Privacy Policy

1. Who is responsible for your data

Proficio is the controller of personal information collected through the Service. You can contact us at support@joinproficio.com with any privacy questions or requests.

2. What we collect

2.1 You give us

• Account info — your name, email, password (stored hashed), and optionally a profile photo if you sign in with Google.
• Commitment data — the title and description of each commitment, the deadline, the stake amount, the cause you chose, and any peer reviewer you nominated.
• Communications — messages you send to support, feedback you submit, and reviewer responses tied to your commitments.

2.2 Collected automatically

• Usage data — pages visited, features used, approximate timestamps, error logs, and basic device/browser info.
• Cookies & similar — a session cookie to keep you logged in, and a small number of functional cookies. We do not use third-party advertising cookies.

2.3 From third parties

• Payments — when you activate a commitment, our processor (Stripe) collects your card details directly. We never see or store your full card number; we receive a token, the last 4 digits, brand, and the result of the charge.
• OAuth providers — if you sign in with Google, we receive your email, name, and profile picture.
• Email infrastructure — delivery and bounce status for transactional emails (verification, deadline reminders, completion receipts).

3. How we use your information

• Operate the Service — create and manage your account, run commitments, charge stakes, issue refunds, batch and remit donations, and send transactional notifications.
• Honor the commitment loop — schedule deadline reminders, run countdowns, capture peer reviewer decisions, and record outcomes.
• Trust & safety — detect and prevent fraud, abuse, and policy violations; investigate disputes and chargebacks.
• Improve the Service — understand how features perform in aggregate, prioritize fixes, and shape new features.
• Comply with the law — meet our tax, accounting, anti-money-laundering, and other legal obligations.

4. Legal bases (for users in the EEA / UK)

We process your personal data on the following bases:

• Contract — to deliver the Service you signed up for.
• Legitimate interests — to operate, secure, and improve the Service, and to communicate with you about it.
• Consent — for any optional communications, where required.
• Legal obligation — to comply with applicable law.

5. Who we share your data with

We do not sell your personal information. We share it only as needed:

• Payment processor (Stripe) — to authorize charges, issue refunds, and route donation funds.
• Charity partners — when a commitment is missed and the donation is remitted, we may share aggregate amounts and, where charity policies require it, a donor identifier. We do not share commitment titles or descriptions with charity partners.
• Peer reviewers you nominate — receive your name, the commitment title, the deadline, and your completion claim. They do not see your stake amount, payment information, or other commitments.
• Service providers — hosting, transactional email, error monitoring, and analytics, all under contract and limited to operating the Service.
• Legal & safety — when required by law, court order, or to protect users, the public, or Proficio.
• Successors — in connection with a merger, acquisition, or asset sale, subject to this Policy continuing to apply.

6. International transfers

Our service providers may be located outside your country. When personal data moves across borders, we rely on appropriate safeguards (such as Standard Contractual Clauses) to keep it protected.

7. How long we keep data

• Account & commitment records — for as long as your account is active, plus a reasonable archive period for tax, accounting, and dispute purposes (typically up to 7 years).
• Payment records — retained as required by law and our payment processor.
• Logs & analytics — retained for shorter periods, typically up to 12 months.

8. Your rights

Depending on where you live, you may have the right to:

• access the personal information we hold about you;
• correct inaccurate or incomplete data;
• delete your account and associated data, subject to legal retention;
• export a copy of your data in a portable format;
• object to or restrict certain processing;
• withdraw consent where processing is based on consent.

To exercise any of these rights, email support@joinproficio.com. We may need to verify your identity before acting on a request.

9. Security

We use industry-standard measures to protect your information, including encryption in transit, hashed passwords, scoped access to production data, and monitoring of unusual activity. No system is perfectly secure; if we discover a breach affecting your personal data, we’ll notify you in line with applicable law.

10. Children

The Service is not intended for anyone under 18. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact support@joinproficio.com and we will delete it.

11. Third-party links

The Service may link to third-party sites (for example, charity partners). Their privacy practices are their own; we encourage you to review them before sharing information.

12. Changes to this Policy

We may update this Policy from time to time. If a change is material, we’ll notify you by email or through the Service before it takes effect. The “ Last updated” date at the top tells you when the latest version became effective.

13. Contact

Questions or requests about this Policy? Email support@joinproficio.com.