Back

Privacy Policy

Last updated: March 8, 2026. Learn how we collect, use, and protect your personal information.

1. Introduction

[COMPANY_NAME], a company registered in Belgium, operates the GiveGetFunds platform ("Platform"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information in accordance with the EU General Data Protection Regulation (GDPR) and applicable Belgian data protection laws.

By accessing or using GiveGetFunds, you acknowledge that you have read and understood this Privacy Policy. Where required by applicable law, including GDPR, we will obtain your explicit consent before processing your personal data. You may withdraw your consent at any time by contacting us at [email protected]

2. Information We Collect

Account Information:

  • Name and email address โ€” required for account creation and communication
  • Password โ€” stored in encrypted format only, never in plain text
  • Phone number and country/location โ€” optional, used for account security and regional settings
  • Profile photo and bio โ€” optional, displayed publicly on your profile

Campaign Information:

  • Campaign details, photos, and videos โ€” required for publishing and displaying your campaign publicly
  • Payment account details (PayPal email, Stripe account ID, or cryptocurrency wallet address) โ€” required to receive donations directly. Note: GiveGetFunds does not store full payment credentials. Payment data is processed and secured by the respective third-party payment providers.

Donation Information:

  • Donor name and email address โ€” required to send donation confirmation and receipts
  • Donation amount โ€” required to process and record the transaction
  • Payment method type โ€” recorded for transaction purposes only. We do NOT store card numbers, CVV codes, or full payment credentials. All payment data is handled exclusively by PayPal, Stripe, or the respective blockchain network. For cryptocurrency donations, GiveGetFunds records the transaction amount and exchange rate at time of donation, but does not have access to wallet private keys or the ability to move funds.
  • Optional message or comment โ€” displayed publicly on the campaign page unless marked private

Important โ€” Email Sharing with Campaign Owners: During the donation process, you will be presented with an optional, explicit consent checkbox asking whether you agree to receive campaign updates and thank-you messages from the Campaign Owner. Your email address will only be shared with the Campaign Owner if you actively check this box. If you do not check this box, your email address will not be shared with the Campaign Owner for messaging purposes.

Where consent is given, Campaign Owners are strictly limited to a maximum of one (1) message per week and are prohibited from including hyperlinks or external URLs in their messages. Campaign Owners are prohibited from using your email address for any other purpose including unsolicited marketing, commercial promotion, or any communication unrelated to the campaign you supported. You may withdraw your consent and unsubscribe from Campaign Owner messages at any time by clicking the unsubscribe link in any message received, or by contacting us at [email protected]

Technical Information:

  • IP address and approximate location โ€” collected for security, fraud prevention, and legal compliance
  • Browser type, device information, and operating system โ€” collected to optimize Platform performance and user experience
  • Pages visited and time spent โ€” collected for analytics and Platform improvement purposes
  • Cookies and tracking technologies โ€” used for session management, authentication, and analytics. See Section 8 for full details on cookie usage and your choices.

Note: Under GDPR, IP addresses constitute personal data and are processed on the basis of our legitimate interests in Platform security and fraud prevention.

3. How We Use Your Information

  • Platform Operations: We process your personal data to create and manage your account, process Campaigns, and facilitate donations. Legal basis: Performance of contract (GDPR Article 6(1)(b)) โ€” processing is necessary to provide the services you requested.
  • Campaign Owner Messaging: Your email address will only be shared with the Campaign Owner if you have provided your explicit, freely given, and informed consent via the optional checkbox during the donation process. Where consent is given, the Campaign Owner may send you campaign-related updates or thank-you messages only, subject to the following strict limitations:
    • Maximum one (1) message per week per campaign
    • Messages must relate solely to the campaign you supported
    • Hyperlinks and external URLs are strictly prohibited in message content
    • Commercial promotion, solicitation, or unsolicited marketing is prohibited
    Legal basis: Explicit Consent (GDPR Article 6(1)(a)) โ€” consent is collected via a separate, unticked checkbox at the time of donation. You may withdraw your consent at any time by clicking the unsubscribe link in any message received, or by contacting [email protected]. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.
  • Service Communications: Donation confirmations, account updates, and customer support responses. Legal basis: Performance of contract (GDPR Article 6(1)(b))
    Marketing Communications: Platform updates, newsletters, and promotional content โ€” only with your explicit prior consent. Legal basis: Consent (GDPR Article 6(1)(a)). You may withdraw consent at any time by clicking "unsubscribe" or contacting [email protected]
  • Analytics: We analyze Platform usage data to understand user behavior and improve our services using tools including Google Analytics. Legal basis: Legitimate interests (GDPR Article 6(1)(f)). You may opt out of Google Analytics tracking at: tools.google.com/dlpage/gaoptout
  • Legal & Safety: We process your personal data to prevent, detect, and investigate fraud and illegal activities; comply with applicable legal obligations including AML and CTF laws; respond to lawful requests from authorities; and protect the rights, property, and safety of GiveGetFunds and our users. Legal basis: Legal obligation (GDPR Article 6(1)(c)) and Legitimate interests (GDPR Article 6(1)(f)).

4. How We Share Your Information

Public Information: The following information is visible to all users and visitors worldwide:

  • Campaign Owners: Name, profile photo, location, campaign title, description, photos, videos, fundraising goal and amount raised
  • Donors: Name (unless you choose to donate anonymously), donation amount (unless you choose to hide it), and any public message or comment left on the campaign

Private Campaigns: Campaign Owners may choose to set their Campaign as private. Private Campaigns are not publicly displayed on the Platform and are accessible only to individuals who possess the direct Campaign link. However, basic campaign information remains stored on our servers and is subject to this Privacy Policy. GiveGetFunds is not responsible for unauthorized sharing of private Campaign links by third parties.

Important: Once information is made public, GiveGetFunds cannot control how third parties may access, copy, or use it.

Service Providers: We share your data with trusted third-party service providers solely to operate the Platform:

  • Payment Processors (PayPal, Stripe): To process donations and platform fees. Subject to their own privacy policies and GDPR-compliant data processing agreements.
  • Cloud Hosting & Email Services: To host the Platform and send transactional emails. All providers are contractually bound to protect your data.
  • Analytics (Google Analytics): To analyze Platform usage. Data may be transferred to Google servers outside the EU under Standard Contractual Clauses (SCCs).

All service providers are prohibited from using your data for any purpose other than providing services to GiveGetFunds.

Legal Requirements: We may disclose your personal data to authorities or third parties when required by applicable law, regulation, or legal process; ordered by a competent court or regulatory authority; necessary to prevent or investigate fraud or illegal activity; or required to protect the rights, property, or safety of GiveGetFunds, our users, or the public. Where permitted by law, we will endeavor to notify you before disclosing your data to authorities. All such disclosures are logged and recorded for accountability.

What We Do NOT Share:

  • We DO NOT sell, rent, or trade your personal information to any third party for commercial purposes, ever.
  • We DO NOT share your payment card details โ€” we never store or have access to your full card information.
  • We DO NOT share your password โ€” it is stored in encrypted format and inaccessible even to our staff.
  • We DO NOT share your data with advertisers or data brokers.
  • We DO NOT use your data for automated decision-making or profiling without your explicit consent.

5. Data Security

We implement the following security measures to protect your data:

  • Encryption: All data transmission is protected via HTTPS/TLS. Sensitive data is encrypted at rest and in transit.
  • Secure Storage: Personal data is stored in encrypted databases with restricted access.
  • Access Controls: Only authorized personnel with a legitimate need can access personal data.
  • Regular Security Audits: We conduct periodic security reviews to identify and address vulnerabilities.

Data Breach Notification: In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected users without undue delay, in accordance with GDPR Article 33 and 34.

While we implement industry-standard security measures, no system is 100% secure against all threats. GiveGetFunds cannot guarantee absolute security of your data.

Your responsibilities:

  • Keep your password confidential and do not share it with anyone
  • Use a strong and unique password for your GiveGetFunds account
  • Log out after each session on shared or public devices
  • Notify us immediately at [email protected] if you suspect unauthorized access to your account

6. Your Rights and Choices

Right of Access & Rectification: Under GDPR Article 15 and 16, you have the right to request a copy of all personal data we hold about you, correct any inaccurate or incomplete personal data, and update your information directly through your account settings or by contacting [email protected]. We will respond to all access and rectification requests within 30 days of receipt.

Right to Erasure (Right to be Forgotten): Under GDPR Article 17, you have the right to request deletion of your personal data by contacting [email protected]. We will process your request within 30 days. Please note the following exceptions where data may be retained:

  • Public campaign content that has been shared or donated to may remain visible to preserve donor records
  • Financial and transaction records required by law (retained for up to 7 years)
  • Data necessary to resolve ongoing disputes or enforce our Terms
  • Data retained for fraud prevention and legal compliance purposes

Right to Object to Marketing: Under GDPR Article 21, you have the absolute right to object to the processing of your personal data for direct marketing purposes at any time. You may opt out through:

  • Clicking "unsubscribe" in any marketing email you receive
  • Adjusting your notification preferences in your account settings
  • Contacting us directly at [email protected]

We will process your opt-out request immediately. Note: You will still receive essential service communications such as donation confirmations and account notifications.

Cookie Management: Under GDPR and the EU ePrivacy Directive, you have the right to control how cookies are used on your device. Essential cookies cannot be disabled as they are necessary for the Platform to function. Analytics and third-party cookies require your consent and may be disabled at any time through your browser settings or cookie preferences. See Section 8 for full details.

7. Data Retention

We retain your personal data only for as long as necessary for the purposes outlined in this Policy, in accordance with GDPR's Storage Limitation principle:

  • Account data: Retained for the duration of your account and deleted within 30 days of account deletion request
  • Transaction and donation records: Retained for 7 years to comply with Belgian financial and tax regulations
  • Campaign data: Retained for the duration of the campaign and up to 2 years after closure
  • Technical logs and IP addresses: Retained for a maximum of 12 months for security purposes
  • Marketing preferences: Retained until you withdraw consent

Upon account deletion:

  • Personal account data will be permanently deleted within 30 days of your request
  • Backup copies may be retained for up to 90 days before permanent deletion for system integrity purposes
  • Anonymized and aggregated data may be retained indefinitely for analytics purposes as it can no longer identify you
  • Data subject to legal retention obligations will be retained for the required period and then permanently deleted
  • You will receive a confirmation email once your data has been permanently deleted

8. Cookies and Tracking

Essential Cookies (Always Active): These cookies are strictly necessary for the Platform to function and cannot be disabled: session management, authentication, security, and cookie consent preferences. Legal basis: These cookies do not require consent under EU ePrivacy Directive as they are essential for the service you requested.

Analytics Cookies (Require Consent): These cookies help us understand how visitors use the Platform, including Google Analytics which tracks pages visited, time spent, and user behavior. Legal basis: Consent (GDPR Article 6(1)(a)) โ€” these cookies are only activated with your explicit consent. You may opt out at any time via your cookie preferences, tools.google.com/dlpage/gaoptout, or your browser settings.

Third-Party Cookies (Require Consent): Set by payment providers (PayPal, Stripe) to process payments securely and prevent fraud, and by social media platforms when campaigns are shared. GiveGetFunds has no control over third-party cookies. We recommend reviewing the privacy policies of:

Managing Your Cookie Preferences: Upon your first visit, you will be presented with a cookie consent banner allowing you to accept or reject non-essential cookies. You may also manage cookies through your browser:

  • Chrome: Settings โ†’ Privacy โ†’ Cookies
  • Firefox: Settings โ†’ Privacy โ†’ Cookies
  • Safari: Preferences โ†’ Privacy โ†’ Cookies
  • Edge: Settings โ†’ Privacy โ†’ Cookies

You may withdraw your cookie consent at any time by clearing your browser cookies or contacting [email protected]. Note: Disabling essential cookies may affect Platform functionality. Disabling analytics or third-party cookies will not affect your ability to use the Platform's core features.

9. Children's Privacy

GiveGetFunds is strictly intended for users who are 18 years of age or older. In accordance with GDPR Article 8 and applicable Belgian law, we do not knowingly provide services to or collect personal data from individuals under the age of 18. By using this Platform, you confirm that you are at least 18 years of age.

We do not knowingly collect, process, or retain personal data from individuals under the age of 18. If we become aware that a minor has provided personal data without verifiable parental consent, we will:

  • Immediately suspend the account pending verification
  • Delete all associated personal data within 72 hours of discovery
  • Notify the relevant supervisory authority if required by law

If you believe a minor under the age of 18 has provided personal data on our Platform, please contact us immediately at [email protected]. Please include the username or campaign link if known, the reason you believe the user is a minor, and any supporting information. We will investigate all reports within 48 hours and take immediate action to delete the data if confirmed, in accordance with GDPR Article 8 and applicable child protection laws.

10. International Data Transfers

As a Platform operating globally, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure all international transfers comply with GDPR Chapter V through the following mechanisms:

  • Standard Contractual Clauses (SCCs): All transfers to third-party service providers outside the EEA are governed by EU-approved Standard Contractual Clauses.
  • Adequacy Decisions: Where the European Commission has determined that a country provides adequate data protection, we rely on this adequacy decision.
  • US Transfers: Data transferred to US-based providers (including Google Analytics, PayPal, Stripe) is protected under Standard Contractual Clauses or equivalent safeguards.

You have the right to obtain a copy of the safeguards we use for international transfers by contacting [email protected]

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You have the right to request disclosure of: the categories of personal information we collect; the purposes for which we collect your information; the categories of third parties with whom we share your data; and the specific pieces of personal information we hold about you. We will respond to verified requests within 45 days as required by CCPA.
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions required by law. We will respond to verified requests within 45 days.
  • Right to Opt-Out: We do NOT sell, rent, or trade your personal information to any third party. You have the right to direct us not to sell your personal information at any time.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your CCPA rights, contact us at [email protected]. We may need to verify your identity before processing your request.

12. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have the following rights under GDPR. All requests can be submitted to [email protected] and will be responded to within 30 days:

  • Right of Access (Article 15): Obtain a full copy of all personal data we hold about you
  • Right to Rectification (Article 16): Correct any inaccurate or incomplete personal data
  • Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations
  • Right to Restriction (Article 18): Request that we restrict processing of your data in certain circumstances
  • Right to Data Portability (Article 20): Receive your personal data in a structured, machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent (Article 7): Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing

Right to Lodge a Complaint: You have the right to lodge a complaint with the Belgian Data Protection Authority (Autoritรฉ de protection des donnรฉes / Gegevensbeschermingsautoriteit) at dataprotectionauthority.be if you believe we have violated your GDPR rights.

13. Changes to Privacy Policy

We may update this Privacy Policy from time to time at our sole discretion. Minor updates will be effective immediately upon posting.

For material changes that significantly affect your rights or how we process your personal data, we will provide a minimum of 15 days prior notice through email notification to your registered email address and a prominent notice on the Platform, in compliance with the EU Digital Services Act (DSA).

Your continued use of the Platform following the posting of any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree to the modified Policy, you must immediately discontinue your use of the Platform and may request account deletion by contacting [email protected]

14. Contact Us

For privacy-related questions or to exercise your rights:

Response Time: We aim to respond to all privacy-related requests within 30 days as required by GDPR.

Supervisory Authority: If you are unsatisfied with our response, you have the right to lodge a complaint with the Belgian Data Protection Authority at dataprotectionauthority.be

15. Acknowledgment

BY ACCESSING OR USING THE GIVEGETFUNDS PLATFORM IN ANY WAY, YOU ACKNOWLEDGE THAT YOU HAVE READ, FULLY UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY AND ALL APPLICABLE DATA PROTECTION LAWS INCLUDING GDPR.

IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU ARE NOT AUTHORIZED TO ACCESS OR USE THE PLATFORM IN ANY MANNER WHATSOEVER.

Last Updated: March 8, 2026

Report Campaign

Help us keep GiveGetFunds safe. Your report is confidential and will be reviewed by our team within 48 hours.

Your identity will remain confidential. All reports are reviewed within 48 hours.
โœ…
Report Submitted Successfully

Thank you for helping keep GiveGetFunds safe. Our team will review your report within 48 hours. If the campaign is found to violate our Terms of Service, appropriate action will be taken.

๐ŸŒ Select Language