We believe in data privacy & security
We feel strongly about privacy, security and transparency. At every level of what we do, we take appropriate steps to protect data, undertaking with our partners to keep privacy and security a top priority in our operations.
Data Privacy & Security
Rights we respect
We never sell, rent or lease personal or business details to any third parties. Never. When we share data with nonprofits and partners, it is always in keeping with our Privacy Policy.
Standards we protect
We never charge a card, digital wallet or bank account without authorization. Our security safeguards protect all purchases and payments, ensuring that confidential information is never vulnerable.
Practices we expect
When faced with unanticipated tech issues or security concerns, we react. We mobilize immediately to tackle the issues and find responsible solutions.
Priorities we project
We support values that make the world a better place. We terminate uses of our tech that we deem to be in violation of our values, as stated in our Terms of Use.
The Full Story
How is private data handled so that everyone can be sure it stays private?
Nothing is more significant to us than the goodwill of donors and vitality of the nonprofits they support. That is why we spare no effort to ensure data privacy in accordance with the law, best practices and what is right.
First and foremost, we and our nonprofit members never directly see or store any donor payment information. (Saved payment details are captured by and stored securely in a third-party payment processor without passing through our servers. Upon request, we can work with the payment processor to delete that data.)
With any data we do collect and retain, we take every reasonable action to protect against its loss or misuse, both in transit and at rest. While in transit, it is protected using end-to-end encryption and SSL protected web pages (see more below). At rest, it resides in encrypted databases. Most importantly, we only store data for as long as required, and, critically, we will never sell, rent or lease it to third parties.
We are however obligated to disclose some personal data to nonprofit members receiving donations and to third-party partners who help process those donations, as fully described in our Privacy Policy. With nonprofits, we share donor first and last name, email address and any other provided information.
Other personal payment data may be passed through to partners for the purpose of processing donations.
For more about individual nonprofits’ privacy policies and how they use and protect personal data, contact the nonprofits directly. For more about some of our partners, see more about our partners’ security below.
These details aside, we acknowledge and respect donors’ right to control their data. With that in mind, we will always abide by any donor’s wish to delete personal data, when requested. And, while we are exempt from the California Consumer Privacy Act, we are in compliance with the stricter standards of the European Union’s General Data Protection Regulation (GDPR), which governs data protection and privacy. Although GDPR officially applies only to EU citizens, we set store by the spirit of it and have adjusted our data protection policies to suit. For more regarding this, see our Master Service Agreement, Terms of Use, and Privacy Policy.
In terms of hardware, our website and technology are hosted by Amazon Web Services (see more below), a robust and reliable platform that ensures continuous operations, round-the-clock support and top-quality security, including firewalls, encryption, monitoring, penetration testing and more. Learn more about AWS security.
Industry-standard safe practices
What kinds of measures ensure the complete security of Give Lively’s fundraising technology?
All our web-based tools and widgets are hosted on pages with a hyperlink starting “HTTPS," meaning the page is completely secure. Even when our widgets are embedded on pages that do not include “HTTPS,” our widgets are still secure.
“HTTPS” stands for Hypertext Transfer Protocol Secure, which is a combination of the Hypertext Transfer Protocol (HTTP) – a basic mechanism that allows for data exchange on the web – and an extra Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocol. TLS is an authentication and security process widely used by web browsers and servers. SSL allows for the transfer of encrypted data.
More specifically, our data in transit is TLS-protected through Amazon Cloudfront, which connects to our servers securely via SSL/TLS, and Heroku, which encrypts data from its server to its Postgres database using TLS.
PCI compliance refers to adherence to the Payment Card Industry Data Security Standard (PCI DSS), a global security standard for account data protection. Compliance involves conformity with numerous security requirements, such as quarterly network scans and annual compliance assessments with stringent validation requirements. Visit the PCI Security Standards Council for more information.
Stripe and PayPal, two industry-leading payment processors trusted by thousands of companies and nonprofits, are what we use to process donations made using Give Lively's fundraising technology. Stripe and PayPal are PCI Level 1 compliant, which means they maintain the highest level of data security when it comes to protecting payment information. Learn more about Stripe’s PCI compliance and PayPal’s PCI compliance. Give Lively is required to complete a PCI Self-Assessment Questionnaire A and Attestation of Compliance, which we do on an annual basis and can provide on request.
System and Organization Controls (SOC) is a suite of reports that look at system-level controls at a service organization. The SOC 1 report focuses on financial matters, while SOC 2 addresses operations and compliance.
As Give Lively’s technology is hosted on Amazon Web Services (see below), see the AWS SOC reports about platform operations. Our payment processors' information security policies and controls are also certified to SOC 1 and SOC 2 standards and guidelines.
More about our tech partners’ security
Stripe
Our required payment processor

We rely on Stripe to process and disburse donations. By connecting an activated Stripe account to Give Lively – a necessary step for Give Lively membership – nonprofits grant us permission to process donations, transfer funds and deliver donor data through their Stripe account.
However, much like an account with Facebook, a Stripe account is entirely independent of Give Lively. We selected Stripe because it is PCI Level 1 compliant, which means the company maintains the highest level of data security when it comes to protecting payment information. Learn more about Stripe's PCI compliance and privacy practices.
PayPal
Our optional additional payment processor

PayPal is an optional donation-processing and disbursement method available to our nonprofit members, but only for one-time donations. By using it in conjunction with Give Lively, a nonprofit allows us to process donations, transfer funds and deliver donor data through its PayPal account.
Just like a bank account, however, a PayPal account is not at all connected to Give Lively. We place confidence in PayPal because of its PCI Level 1 compliance, placing it at the highest level of data security when protecting payment information. Learn more about PayPal's PCI compliance and privacy practices.
Plaid
Facilitator of donations via bank (direct debit/ACH)

We use Plaid to facilitate and process debit/ACH/bank transactions. To accomplish this, Plaid receives financial information, which remains shielded from us – we don’t see any bank information – and subject to powerful information security measures. Learn more about Plaid security and its privacy practices.
Twillio
Communication platform that powers Text-to-Donate

We work with Twilio, a cloud communication platform, to power our Text-to-Donate technology. Twilio allows donors to text our shortcode with a nonprofit-specific text code and, in return, receive a link to that nonprofit’s campaign. Learn more about Twilio's privacy practices.
Amazon Web Services
Cloud services platform that hosts our website and tech

Amazon Web Services (AWS) is the cloud services platform that Give Lively uses to host its website and all of its technology. Security at AWS is an extremely high priority, built to levels demanded by the most security-sensitive organizations, complete with firewalls, encryption, monitoring, penetration testing and more. Learn more about AWS security.
Heroku
Cloud platform we use to build and monitor our apps

As a platform for its technology, Give Lively uses Heroku, a PCI Level 1-compliant cloud service for building, delivering, monitoring and scaling apps. Heroku’s security-conscious operations include constant threat monitoring, automatic and seamless vulnerability patching, and 24-hour support. This extends to data synchronization with Salesforce. Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilizes Amazon Web Service technology. Learn more about Heroku security.
Mandrill
Email service that send receipts and other notifications

Mandrill is a transactional email service, run by MailChimp, through which Give Lively sends receipts. Although no personal data is permanently filed with Mandrill, what passes through it – donation information, not including bank or card details – is stored for 30-90 days and carefully safeguarded in keeping with legal data protection requirements, as well as laws against spam. Learn more about Mailchimp's data security and privacy and its anti-spam requirements.
Salesforce
CRM used internally and as an external integration for nonprofits
We use Salesforce internally to record relationships with member organizations and contacts, as well as to track the status and usage of our various offerings. Our nonprofit members who use Salesforce can install our Salesforce app to automatically sync donation information. Learn more about data privacy and security at Salesforce.

Double the Donation
Taps into matching gift programs through donors’ companies
We work with Double the Donation to help nonprofit organizations raise more money and improve donor engagement by tapping into the matching gifts programs available through donors’ companies. To do this, we share a limited amount of information with Double the Donation. Learn more about Double the Donation's privacy policy and security.
Donation Disbursement
We believe all money donated to nonprofits should get to those nonprofits as quickly as possible. The speed of disbursement is in part a function of the form of payment and whether the nonprofit is a Give Lively member.
For full details about transaction fees and donation disbursement, click below.
No matter the circumstances, Give Lively’s commitment to the nonprofit community remains the same.
Our commitment to working with and for the nonprofit community is unwavering. We are fully confident of our ability to continue supporting our nonprofit members through turbulent times. Their work is never more critical than when health, welfare and economic vulnerabilities expand into new populations in the face of unexpected disruption.
To ensure our uninterrupted operations during times of crisis, we’ve taken the following steps as part of our Business Continuity plan:
As a function of circumstance, our staff is capable of delivering Give Lively services from almost anywhere.
The robustness of our technical, support and communications systems has been reviewed to accommodate this remote work. Our operations will continue to be secure and monitored as regularly as always.
Our service providers' continuity plans
Importantly, as our platform rests on the strong shoulders of several service providers, we urge our nonprofit members to proactively check our technology partners' continuity plans:
What happens when something goes wrong?
While we do everything we can to keep data secure and operations seamless, there is no such thing as 100% secure and error-free systems. Unfortunately, service interruptions and failures happen, as do unexpected and very rare instances of fundraising tech misuse.
Whatever the event, we respond to any and all concerns as quickly and thoroughly as possible. Our engineering and membership teams search for solutions, communicate how long they may take, recommend workarounds, if needed, and then advise of fixes once they have been implemented. Followup monitoring, proactive communication with all nonprofit members affected by the interruption, after-the-fact diagnostics and systemwide improvements are all part of the process.
If there is ever any reason to believe that Give Lively and its technology are not doing what they should or that the security of an account has been compromised, please contact us immediately at support@givelively.org.
Remember: Give Lively is unable to issue refunds on behalf of our nonprofit members, due to our Terms of Use. Refunds can only be made by the nonprofit named on the donation receipt.
What are the values that Give Lively holds dear?
We support values that inspire nonprofits to tackle tough challenges and complex issues such as gender equality, LGBTQ+ rights, social and environmental justice and more. Accordingly, we work to terminate all uses of our technology that promote activities not in alignment with our values.
Unacceptable uses include:
Discrimination on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation or military status in any activities, programs or operations
Advocating against or denying the rights of women
Advocating against or denying the rights or existence of anyone on the basis of their sex, gender, gender expression or sexual orientation, including transgender and gender nonconforming people
Advocating against or denying the rights of historically underrepresented groups, including Black, brown, AAPI and Indigenous people
Advocating against or denying environmental or social sustainability practices, especially with regard to renewable energy; land, water and air rights and use; and the growing climate emergency
Advocating for the sale, ownership and/or civilian use of assault weapons, weapons of war, high capacity magazines, automatic weapons or any mechanism that can convert a firearm into an automatic weapon
Disseminating hate speech or dangerous speech, promoting or inciting violence online or offline.
We have included this here (and in our Terms of Use) because we place great significance on the safety of the space we are proud to share with donors and our nonprofit members.
We have some answers that will help you
We believe that nonprofits, no matter their size, should not sacrifice their means to satisfy their missions. So we built and support a powerful and practical fundraising platform that’s free for nonprofits and intuitive for donors.
We understand and sympathize with your concern about what “free” means today. We've experienced the same “free” service offers with hidden gotchas. And we know that some services claim to be "free" as a way to justify selling your data.
We pledge to be different.
What free means to us
We do not charge nonprofits for use of our fundraising platform — no setup fees, no platform fees, no membership or subscription fees, no annual or monthly fees, no hidden Give Lively fees.
We also never sell, rent or lease any data — just one aspect of our comprehensive approach to data privacy and security. Nor do we charge donors to give through our platform.
Learn more about why we’re free for nonprofits.
How is free possible?
Our founders are committed philanthropists. In keeping with their goodwill vision of digital fundraising, they cover our operating costs so that we don’t have to charge nonprofits or donors.
They see Give Lively as a technological remedy to the complexity of fundraising, as well as a way to make strategic, efficient and impartial decisions about how to support the nonprofit community. In Give Lively, they identified a mechanism for sustainably leveraging their resources to help meet the development needs of a very broad group of potential beneficiaries.
That mechanism is our superpower. We call it the Give Lively Effect: a proven way of democratizing and leveling the digital fundraising playing field, guiding nonprofits into the digital age, helping them hit their fundraising goals and freeing them to devote more resources to their critical work.
Learn more about our founders’ rationale, the Give Lively Effect and our impact.
Membership is for U.S. based 501c3 public charities (not private foundations) who have applied and align with Give Lively’s values statement.
Membership is a nonprofit’s ticket to full access to our powerful, practical and free platform and all the fundraising tools within the platform, including Digital, Event and Peer-Based Fundraising Solutions.
The Give Lively membership application process can be completed in a few minutes, provided you have a few essential details at hand. Membership approval takes 7-10 business days as we manually review all applications to ensure alignment with our values statement.
- the EIN of your U.S. public charity (not private foundation) with 501(c)(3) status so that it can located it in the GuideStar database
- the name and email address of the person who will oversee the Give Lively account -- Note that, for faster approval, the email address should be associated with the nonprofit’s website. Otherwise, be prepared to verify the account holder's association with the nonprofit. The email address can be the login for a Give Lively User Portal donor account; when starting the membership application for your nonprofit, follow the prompts to sign in to the existing user account you wish to associate with the nonprofit.
- knowledge of your nonprofit’s basic fundraising objectives
- a Stripe account for your nonprofit
Our member nonprofits and their donors are central to everything we do. With that in mind, we maintain a robust set of tools -- online resources, a live Member Support team and a product feedback facility for members -- all put in place to help our users succeed.
Our online resources
We have two online resources: these FAQs and our Resource Hub.
- FAQs: Our FAQs are structured to help donors and prospective members find their way to helpful answers about us, about our platform and about membership, with additional lists of resources for nonprofits and tools for donors, as well as information about applying for membership.
- Resource Hub: Our Resource Hub is designed for members, but open to all, as a growing one-stop shop for information and instruction about how to use our powerful, practical and free fundraising technology.
Our Member Support team
Our Member Support team is outstanding. We pride ourselves on its effectiveness and its human touch when tech support can sometimes feel automated. Our tight-knit team will work with you to resolve queries via email and chat. Normal live chat support hours are 9am-5pm ET and support via email hours are 8am-6pm ET, Monday through Friday. Learn more about how to contact Give Lively, including customer support best practices.
Our product feedback facility
Give Lively’s dedicated team of advocates and technologists is proud to collaborate directly with nonprofits of all sizes as we improve our platform to better serve their needs and desires. Our product development is based primarily on proactive outreach to and advice from our nonprofit members and their donors. To facilitate this, our nonprofit members have access to a shared transparent feedback tool through which they make requests and upvote others’ suggestions, as well as gauge our progress on projects we undertake.
Give Lively uses UTC to note the time and date of a completed donation.
What is UTC?
UTC, which stands for Coordinated Universal Time, is used as the 24-hour time standard across the entire planet. UTC today is what people referred to as Greenwich Mean Time (or GMT) up until 1972, when GMT became the name of a time zone, not a time standard.
The local time anywhere on the planet can be calculated against UTC. For example, Eastern Standard Time (EST) in the U.S. is always UTC-5 (or UTC minus 5), meaning 16:00 UTC is 11:00am EST.
What does it mean that Give Lively uses UTC?
When a donor completes a donation, the time and date of the completed donation is recorded in UTC. A donor’s local timezone is not presently gathered or stored.
This means that donation dates and times are noted in UTC on a donor’s receipt and within donor data reports.
The use of UTC also affects how nonprofits view data in the Giving Basket Reports Portal. When a nonprofit filters donations by date, the results are determined by the donation time in the nonprofit's timezone, but only if one is specified in the Core Profile of a member nonprofit or if an address is specified in the GuideStar profile of nonprofits receiving donations through the Giving Basket. If there is no timezone specified in either location, results are set to Coordinated Universal Time (UTC).
Why is this important?
In some cases, donors may have been attempting to complete donations before a tax deadline — such as before midnight on December 31. The receipt may not immediately look like the deadline was met, but it is accurate in UTC and can be confirmed as valid with a tax expert or accountant when filing taxes.
For example, a donor based in San Francisco who completes a donation at 7pm PST on December 31 will see it as having been completed at 03:00 UTC on January 1. That is not a mistake. Since PST is UTC-8, the UTC time is 8 hours later, or 3am. But the receipt, although it shows it in UTC, accurately reflects a donation time of 7pm on December 31 for a person located in Pacific Standard Time.