Love & Luck
Support & Join

Data Collection Policy

Generous Data Collection Guidelines & Policy

1. Purpose

This policy explains how Generous collects, uses, and manages personal and organisational data. It ensures that only necessary information is collected, that it is obtained fairly and transparently, and that supporters and cause partners can trust our fundraising platform.

2. Scope

This policy applies to all data collected through the Generous platform, websites, applications, and related services. It covers:

  • Donor and supporter information
  • Cause partner organisation details
  • Payment and transaction information
  • Platform usage and analytics data

3. Principles of Data Collection

Generous adheres to the following core principles when collecting data:

  • Minimal Collection: We only collect the data that is necessary to deliver our fundraising services.
  • Purpose Limitation: Data is collected for specific, legitimate purposes (e.g., processing donations, issuing receipts, providing reporting to cause partners).
  • Transparency: Supporters are informed about what data is collected and why, at the time of collection.
  • Consent: Where required, explicit consent is obtained before data is collected or used.
  • Lawfulness: All collection activities comply with the Australian Privacy Principles (APPs) and relevant laws.

4. Types of Data Collected

  • Personal Information: Name, email address, phone number, and billing/shipping address (as required for donation receipts or supporter engagement).
  • Payment Information: Payment card details are not stored by Generous. All payment data is collected and processed securely by Stripe, a PCI-DSS Level 1 certified provider.
  • Donation Information: Donation amounts, frequency, selected campaign or cause.
  • Organisational Information: Details of cause partners required to facilitate fundraising campaigns.
  • Technical & Analytics Data: Device type, browser, IP address, and platform usage patterns. Where analytics data is used (via Amplitude and Segment), it is anonymised and aggregated to ensure no personally identifiable information (PII) is shared.

5. How Data Is Collected

  • Directly from Supporters: Through donation forms, account creation, or communication with Generous.
  • Through Cause Partners: As part of onboarding, campaign setup, and reporting.
  • Automatically: Via cookies and analytics tools (Amplitude/Segment), always anonymised for usage insights and platform improvements.

6. Use of Collected Data

Collected data is used only for purposes directly related to fundraising and platform operations, including:

  • Processing donations securely via Stripe
  • Providing donation receipts and acknowledgements
  • Enabling reporting to cause partners
  • Communicating with active supporters
  • Detecting and preventing fraud
  • Improving platform functionality and supporter experience (through anonymised analytics)

7. Sharing of Data

  • Generous does not sell or trade personal data.
  • Donor information is only shared with the cause to which the supporter has donated.
  • Payment card details are never accessible to Generous and are handled entirely by Stripe.
  • Anonymised, aggregated usage data may be processed by trusted third-party providers (Amplitude and Segment) for analytics and performance optimisation.

8. Data Subject Rights

Supporters and partners have the right to:

  • Access the data Generous holds about them
  • Request corrections to their data
  • Request deletion of their data, subject to legal and financial obligations
  • Withdraw consent for certain uses of their data

Requests can be made by contacting support@generous.co.

9. Retention

  • Personal and donation data is retained only as long as necessary for legal, financial, and operational purposes.
  • Payment data is never stored by Generous; it is processed and retained securely by Stripe under their PCI-DSS compliant framework.
  • When data is no longer required, it is securely deleted or anonymised.

10. Review and Updates

This policy is reviewed annually, or sooner if legal, regulatory, or operational changes require it. Updates will be communicated to stakeholders as needed.

11. Contact

For questions or requests regarding this policy, please contact:

Simon Collins - Data Protection Officer

support@generous.co