Privacy Policy

Last updated: July 2, 2026

Who we are

MissionFlow is volunteer and grant management software for small Canadian nonprofits. This policy describes how we collect, use, and protect personal information under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

Information we collect

  • Account details: name, email, password (stored hashed)
  • Organization profile: charity name, address, optional CRA registration number
  • Volunteer records: contact info, emergency contacts, certifications, shift signups
  • Donor records: contact info and donation history you enter
  • Usage and audit logs for security and troubleshooting

How we use it

We use your data to operate the service: scheduling, grant tracking, donor records, billing, and email notifications you configure. We do not sell personal information. Payment processing is handled by Stripe under their own privacy policy.

Your rights

Organization owners and admins can export all organization data from Settings → Privacy & data. Owners may request permanent deletion of the organization and associated records. Volunteers and donors whose data your organization stores may contact you directly; your organization is responsible for responding to access and correction requests about volunteer and donor records you maintain in MissionFlow.

Retention & security

Data is stored on servers you configure for your deployment. Access is limited to authenticated users in your organization according to role. When you delete your organization, associated records are permanently removed from our database.

Contact

Questions about this policy or a data request: use the export or deletion controls in Settings, or contact your MissionFlow administrator.