Privacy Policy

Effective Date: April 29, 2026 · Last Updated: April 29, 2026

Christian Esqueda, dba MicroGive ("MicroGive," "we," "us," or "our") operates the MicroGive platform, a micro-donation service that connects donors with charitable organizations. This Privacy Policy explains how we collect, use, store, and share your information when you use our platform (the "Service").

1. Who This Policy Applies To

This policy applies to:

Donors: individuals who link bank accounts and make micro-donations
Organization administrators: staff who manage a charitable organization account on MicroGive
Visitors: anyone who browses our website

2. Information We Collect

Information You Provide Directly

Account information: first name, last name, email address, phone number, and password (stored as a one-way hash; it is never readable by us)
Organization information: organization name, EIN (tax ID), website, address, contact email and phone

Financial Information (via Plaid)

When you connect a bank account, our bank-linking partner Plaid provides us with your bank account's transaction history (merchant name, amount, date) and a Plaid access token used to retrieve ongoing transactions.

We do not see or store your bank account number, routing number, or login credentials. Your bank credentials are entered directly into Plaid's interface and never pass through our servers. Your Plaid access token is stored encrypted using AES-256-GCM encryption.

Payment Information (via Stripe)

Donation disbursements to organizations are processed via Stripe Connect. We store your Stripe account ID but do not store raw payment card data. All payment data is handled directly by Stripe.

Transaction Data

We store records of transactions used to calculate donation amounts, donation amounts and dates, destination organizations, and donation batch history. This data is retained to support donor tax records and organizational reporting.

Communications

Email: if you opt in to email marketing, we collect your email address for that purpose
SMS: if you opt in to text message communications from an organization you support, your phone number is used to send infrequent service-related or organizational updates. Message and data rates may apply. You may opt out at any time by replying STOP.

Automatically Collected Information

When you visit our website, we may collect browser type, device type, IP address, pages visited and time spent (via Google Analytics), and referral source.

3. How We Use Your Information

Purpose	Legal Basis
Create and manage your account	Contract performance
Calculate and process micro-donations	Contract performance
Sync bank transactions via Plaid	Contract performance
Disburse donations via Stripe	Contract performance
Send transactional emails (receipts, alerts)	Contract performance
Send email marketing (opt-in only)	Consent
Send SMS updates from organizations (opt-in only)	Consent
Improve and analyze platform usage	Legitimate interest
Comply with legal obligations	Legal obligation

We do not sell your personal information.

4. How We Share Your Information

We share data only with the following third parties, solely to operate the Service:

Third Party	Purpose	Data Shared
Plaid	Bank account linking and transaction retrieval	Plaid access token, transaction data
Stripe	Donation processing and payouts	Stripe account ID, payment amounts
SendGrid	Transactional email delivery	Name, email address
Email/SMS marketing platform	Email and SMS marketing (opt-in only)	Name, email, phone
Google Analytics	Website usage analytics	Anonymized usage data

We may disclose your information if required by law, court order, or to protect the rights and safety of our users or the public.

5. Data Retention

Data Type	Retention Period
Donor accounts and transaction history	3 years after account closure
Organization accounts and records	1 year after account closure
Marketing opt-in records	Duration of consent + 1 year
Server logs	90 days

Why 3 years for donors? Donation records may be needed for tax purposes. Donors may reference transaction history when filing charitable deduction claims, and IRS audit windows typically extend 3 years. We retain this data to protect both donors and the organizations they support.

After the applicable retention period, your data is permanently deleted from our systems.

6. Your Rights

Regardless of where you live, you may:

Access the personal data we hold about you
Correct inaccurate data
Delete your account and associated data (subject to retention periods above)
Withdraw consent for marketing emails or SMS at any time
Opt out of SMS by replying STOP to any text message

To exercise any of these rights, contact us at privacy@microgive.co.

7. California Residents: CCPA Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following additional rights:

Right to Know: you may request a list of the personal information we have collected about you in the past 12 months, the categories of sources, and the purposes for collection
Right to Delete: you may request deletion of your personal information, subject to legal retention requirements
Right to Opt Out of Sale: we do not sell personal information
Right to Non-Discrimination: we will not discriminate against you for exercising any CCPA right

Categories of personal information collected:

Identifiers (name, email, phone, IP address)
Financial information (transaction history, donation amounts via Plaid)
Commercial information (donation records)
Internet activity (usage data via Google Analytics)

To submit a CCPA request, contact us at privacy@microgive.co. We will respond within 45 days.

8. Data Security

We implement industry-standard security measures including:

AES-256-GCM encryption for stored Plaid access tokens
Bcrypt hashing for passwords (never stored in plaintext)
HTTPS for all data in transit
Access controls limiting who can access production data

No method of transmission or storage is 100% secure. In the event of a data breach affecting your rights, we will notify you as required by applicable law.

9. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us data, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this policy as our practices evolve. We will notify you of material changes via email or a notice on the platform. The "Last Updated" date at the top reflects the most recent revision. Continued use of the Service after changes constitutes acceptance.

11. Governing Law

This policy is governed by the laws of the State of Texas, United States, without regard to conflict-of-law principles.

12. Contact Us

For privacy questions, data requests, or to exercise your rights:

Christian Esqueda, dba MicroGive
Email: privacy@microgive.co