Privacy Policy

At Impactra, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our nonprofit ERP platform and website.

1. Information We Collect

1.1 Information You Provide

We collect information you voluntarily provide when you:

• Create an account or organization profile
• Request a demo or contact us
• Subscribe to our newsletter
• Use our platform features
• Communicate with our support team

This may include your name, email address, phone number, organization name, job title, and payment information.

1.2 Information Collected Automatically

When you access our platform, we automatically collect:

• Device information (browser type, operating system, device identifiers)
• Log data (IP address, access times, pages viewed)
• Usage data (features used, actions taken within the platform)
• Cookies and similar tracking technologies

1.3 Protected Health Information (PHI)

For organizations using our Program Management features, we may process Protected Health Information on your behalf. This data is encrypted using AES-256-GCM encryption and is subject to additional security measures as outlined in our Business Associate Agreement (where applicable).

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our platform
• Process transactions and send related information
• Send promotional communications (with your consent)
• Respond to your comments and questions
• Analyze usage patterns to improve user experience
• Protect against fraudulent or unauthorized activity
• Comply with legal obligations

3. Information Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third parties that perform services on our behalf (hosting, payment processing, analytics)
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Legal Requirements: When required by law or to protect our rights
• With Your Consent: When you explicitly authorize us to share

4. Data Security

We implement industry-standard security measures including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Regular security audits and vulnerability assessments
• Access controls and authentication requirements
• Employee security training
• Incident response procedures

5. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes described in this policy. When you terminate your account, we will delete or anonymize your data within 90 days, unless retention is required by law.

6. Your Rights and Choices

Depending on your location, you may have the right to:

• Access and receive a copy of your personal data
• Correct inaccurate personal data
• Request deletion of your personal data
• Object to or restrict processing of your data
• Data portability
• Withdraw consent at any time

To exercise these rights, contact us at privacy@impactra.io.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws.

8. Children's Privacy

Our platform is not intended for children under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us:

• Email: privacy@impactra.io
• Address: Lagos, Nigeria