Privacy Policy

Last Updated: December 31, 2025

PRIVACY NOTICE

This Privacy Policy explains how GiveAuction collects, uses, discloses, and protects your personal information. By using our Platform, you consent to the data practices described in this policy. If you do not agree with our practices, please do not use the Platform.

1. Introduction

GiveAuction ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform, including our website, mobile applications, and services.

Platform Facilitator Notice: GiveAuction operates as a marketplace platform connecting nonprofit organizations with donors and bidders. We are not responsible for the privacy practices of Fundraisers, sellers, bidders, or any third parties you interact with through the Platform. When you provide information to other users, their use of that information is governed by their own privacy practices.

Scope: This Privacy Policy applies to information collected through the GiveAuction platform. It does not apply to information collected by third parties, including Fundraisers, payment processors, or linked websites.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Registration: Name, email address, password, phone number
  • Profile Information: Display name, profile photo, biography, preferences
  • Verification Information: Identity documents, nonprofit documentation (for Fundraisers)
  • Transaction Data: Bid history, donation records, purchase history, payment methods
  • Shipping Information: Physical addresses for item delivery
  • Communications: Messages sent through the Platform, support inquiries, feedback
  • User Content: Auction listings, item descriptions, photos, campaign descriptions (for Fundraisers)

2.2 Information Collected Automatically

  • Device Information: IP address, device type, browser type, operating system, unique device identifiers
  • Usage Data: Pages viewed, features used, time spent, click patterns, search queries
  • Location Data: Approximate location based on IP address; precise location if you grant permission
  • Cookies and Tracking: Cookies, web beacons, pixels, and similar technologies
  • Log Data: Access times, error logs, referring URLs

2.3 Information from Third Parties

  • Authentication Providers: Information from Google, Apple, or other OAuth providers if you sign in using those services
  • Payment Processors: Transaction status, partial payment information from Stripe and other processors
  • Analytics Providers: Aggregated usage data from analytics services

3. How We Use Your Information

We use your information for the following purposes:

  • Provide Services: Operate the Platform, process transactions, facilitate auctions and donations
  • Account Management: Create and manage your account, authenticate users
  • Transactions: Process payments, facilitate shipping, generate tax receipts
  • Communications: Send transactional emails, notifications about bids, auction updates, donation confirmations
  • Personalization: Customize your experience, provide recommendations
  • Safety and Security: Prevent fraud, detect abuse, protect users and the Platform
  • Legal Compliance: Comply with legal obligations, respond to legal requests
  • Analytics: Analyze usage patterns, improve our services
  • Marketing: Send promotional communications (with your consent)

3.1 Artificial Intelligence and Automated Processing

We use artificial intelligence and automated systems to:

  • Generate auction item descriptions from photos
  • Provide personalized recommendations and search results
  • Detect and prevent fraudulent activity
  • Power the AI Chat Assistant feature
  • Analyze content for policy compliance
  • Estimate shipping costs and item values

4. Information Sharing and Disclosure

4.1 Sharing with Other Users

When you use the Platform, certain information is shared with other users:

  • Public Profile: Username, profile photo, and any information you make public
  • Bid Information: Your bids on auctions are visible to other bidders and the Fundraiser
  • Leaderboards: Donation amounts may appear on campaign leaderboards (you may opt for anonymous donations)
  • Transaction Information: Winning bidders' shipping addresses are shared with Fundraisers for fulfillment

4.2 Sharing with Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Payment Processing: Stripe and other payment processors handle financial transactions
  • Cloud Hosting: Server infrastructure and data storage providers
  • Email Services: Transactional and marketing email delivery
  • Analytics: Usage analysis and performance monitoring
  • Shipping: Shipping label generation and tracking services
  • AI Services: Third-party AI providers for content generation and analysis

4.3 Other Disclosures

We may disclose your information:

  • Legal Requirements: When required by law, court order, or government request
  • Safety: To protect the rights, safety, and property of GiveAuction, our users, or the public
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Consent: With your explicit consent for other purposes
  • Aggregated Data: Anonymized or aggregated data that cannot identify you

5. Payment Information

5.1 Payment Processing: All payments are processed by third-party payment processors, primarily Stripe. When you add a payment method, your card information is transmitted directly to and stored by Stripe. GiveAuction does not store complete payment card numbers on our servers.

5.2 What We Store: We retain limited payment information, such as card type, last four digits, and expiration date, for display purposes and transaction records.

5.3 Stripe Privacy: Stripe's collection and use of your information is governed by Stripe's Privacy Policy at stripe.com/privacy.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal obligations (tax records are typically retained for 7 years)
  • Resolve disputes and enforce our agreements
  • Prevent fraud and abuse

When you delete your account, we will delete or anonymize your personal information within 90 days, except for information we are required to retain by law or for legitimate business purposes (such as transaction records and tax documentation).

7. Data Security

We implement reasonable technical and organizational security measures to protect your information, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication mechanisms
  • Access controls and monitoring
  • Regular security assessments

No Guarantee: However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information. You use the Platform and provide information at your own risk.

Your Responsibility: You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.

8. Your Privacy Rights

8.1 General Rights

Depending on your location, you may have certain rights regarding your personal information:

  • Access: Request access to your personal information we hold
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your information (subject to legal exceptions)
  • Portability: Request a copy of your data in a portable format
  • Opt-Out: Unsubscribe from marketing communications
  • Object: Object to certain types of processing
  • Restrict: Request limited processing of your data

8.2 GDPR Rights (European Union)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Withdraw Consent: Withdraw your consent to data processing at any time
  • Right to Lodge a Complaint: File a complaint with your local data protection authority
  • Automated Decision-Making: Right to object to automated decision-making and profiling that produces legal effects
  • Data Protection Officer: Contact our DPO at hello@oz3an.com

Legal Basis for Processing: We process your data based on: (1) your consent, (2) performance of our contract with you, (3) compliance with legal obligations, and (4) our legitimate business interests.

International Transfers: Your data may be transferred to and processed in the United States. We use Standard Contractual Clauses and other appropriate safeguards for such transfers.

8.3 CCPA Rights (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights:

  • Right to Know: Request disclosure of categories and specific pieces of personal information collected, sources, purposes, and third parties with whom we share data
  • Right to Delete: Request deletion of personal information (with certain exceptions)
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt-out of the sale or sharing of personal information
  • Right to Limit Use: Limit use and disclosure of sensitive personal information
  • Right to Non-Discrimination: Exercise privacy rights without discriminatory treatment

Do Not Sell/Share Notice: GiveAuction does not sell your personal information as defined by CCPA. We may share data with service providers for business purposes as described in this policy.

Authorized Agent: You may designate an authorized agent to make requests on your behalf. Agents must provide written proof of authorization and we may verify your identity directly.

8.4 How to Exercise Your Rights

To exercise any of these rights, contact us at:

We will respond to verified requests within 30 days (or 45 days for CCPA requests if we notify you of the extension). We do not charge fees for processing requests unless they are excessive, repetitive, or manifestly unfounded. We may request additional information to verify your identity before fulfilling requests.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: Required for the Platform to function (authentication, security)
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how users interact with the Platform
  • Marketing Cookies: Used to deliver relevant advertisements (with consent)

You can control cookie preferences through your browser settings. Note that disabling certain cookies may limit Platform functionality.

10. Children's Privacy

Age Restriction: The Platform is not intended for users under 18 years of age (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children under 13.

COPPA Compliance: GiveAuction complies with the Children's Online Privacy Protection Act (COPPA). If we discover that a child under 13 has provided us with personal information, we will delete it promptly.

Parental Notice: If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at hello@oz3an.com.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States. These countries may have different data protection laws than your country.

By using the Platform, you consent to such transfers. We take steps to ensure that your information receives adequate protection in accordance with this Privacy Policy and applicable law, including the use of Standard Contractual Clauses for transfers from the EEA.

12. Platform Facilitator Disclaimer

CRITICAL PRIVACY NOTICE

GiveAuction operates solely as a marketplace platform. We cannot control how Fundraisers, sellers, or other users handle your information once it is shared through the Platform.

We are not responsible for:

  • How Fundraisers or sellers handle, store, or use buyer/donor information
  • Privacy practices of individual Fundraisers or users
  • Fundraiser compliance with data protection laws
  • Privacy practices of third-party websites linked from the Platform
  • Unauthorized sharing of information between users
  • Data breaches or security incidents at third-party services

13. Third-Party Links and Services

The Platform may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party services before providing your information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.

We will notify you of material changes by posting the updated policy on the Platform, updating the "Last Updated" date, and/or sending you an email notification. Your continued use of the Platform after changes constitutes acceptance of the updated policy.

15. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our privacy practices, contact us at:

PRIVACY ACKNOWLEDGMENT

BY USING GIVEAUCTION, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR INFORMATION AS DESCRIBED HEREIN. GIVEAUCTION OPERATES AS A PLATFORM FACILITATOR ONLY AND IS NOT LIABLE FOR PRIVACY BREACHES, DATA MISUSE, OR SECURITY INCIDENTS INVOLVING USER-TO-USER INTERACTIONS OR THIRD-PARTY SERVICES.

Terms of ServiceBidding Guidelines