Introduction
GoodBooks ("we," "us," or "our") is a nonprofit-focused accounting and donation management platform serving small nonprofits and volunteer treasurers. We are committed to protecting the privacy of individuals who use our platform. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.
By accessing or using GoodBooks, you agree to the practices described in this policy. If you do not agree, please discontinue use of the platform.
Information We Collect
Information You Provide
We collect information you provide directly, including:
- Account registration data: name, email address, organization name, and password
- Nonprofit organization details: legal name, EIN, mailing address, and contact information
- Financial data: donor records, donation amounts, fund designations, and transaction history
- Banking and payment information: provided through our payment processor, Stripe (we do not store raw bank account or card numbers ourselves)
- Communications: messages you send to our support team or through the platform
Information Collected Automatically
When you use GoodBooks, we automatically collect certain technical data, including:
- Log data: IP address, browser type, operating system, pages visited, and timestamps
- Device identifiers and usage analytics
- Session data managed via secure, encrypted session tokens
Information From Third Parties
We may receive information from:
- Stripe: payment and transaction metadata related to donations processed through your connected nonprofit account
- WorkOS: authentication-related data if you sign in through a supported identity provider
How We Use Your Information
We use collected information to:
- Provide, operate, and improve the GoodBooks platform
- Process donations and generate donor acknowledgments on behalf of connected nonprofits
- Enable treasurer accounting, fund tracking, and financial reporting features
- Communicate with you about your account, updates, and support requests
- Comply with legal obligations, including tax reporting requirements
- Detect fraud, abuse, or violations of our Terms of Service
- Send transactional emails and, with your consent, product updates
How We Share Your Information
We do not sell your personal information. We share information only in the following circumstances:
- Service providers: We share data with trusted vendors (such as Stripe, WorkOS, and AWS) who assist in operating the platform, under contractual data protection obligations.
- Your organization: Treasurer-entered data is accessible to authorized users within the same nonprofit organization account.
- Legal compliance: We may disclose information if required by law, subpoena, or to protect the rights and safety of GoodBooks, our users, or the public.
- Business transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction, with notice provided to affected users.
Stripe & Payment Processing
Donation payments are processed through Stripe. When your nonprofit connects a Stripe account, donor payment information (including ACH banking details and card data) is collected and stored by Stripe, not GoodBooks. Stripe's use of that data is governed by Stripe's own Privacy Policy. We receive transaction metadata (amount, date, donor reference) to support your accounting records.
Data Retention
We retain your account data and financial records for as long as your account is active, plus a reasonable period thereafter to comply with legal obligations (including IRS record-keeping requirements applicable to nonprofit organizations). You may request deletion of your account at any time; however, we may retain certain records as required by law.
Security
We use industry-standard security measures to protect your data, including encrypted data transmission (TLS), encrypted session management, and access controls. We carry Errors & Omissions, General Liability, and Cyber Liability insurance. While we take these precautions seriously, no system is completely immune to unauthorized access, and we cannot guarantee absolute security.
Your Rights
Depending on your location, you may have rights to:
- Access the personal information we hold about you
- Correct inaccurate or incomplete data
- Request deletion of your data, subject to legal retention requirements
- Object to or restrict certain processing of your data
- Export your data in a portable format
To exercise any of these rights, contact us at privacy@goodbooks.app.
Children's Privacy
GoodBooks is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have done so, we will take steps to delete that information.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of material changes by posting an updated policy on our website and, where appropriate, by email. Continued use of the platform following notice of changes constitutes your acceptance of the updated policy.
Contact Us
If you have questions or concerns about this Privacy Policy, please reach out:
Email: privacy@goodbooks.app
Website: goodbooks.app