Privacy Policy

Last updated: March 2026

MyGiveKit (“we,” “our,” or “us”) is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding that information.

1. Information We Collect

We collect information in the following ways:

  • Account information: When you sign up, we collect your email address and organization name.
  • Profile information: Your full name as entered during onboarding.
  • Event and auction data: Items, bidders, bids, and results you create while using the platform.
  • Bidder information: Names and email addresses of event attendees who register to bid. This data is entered by you (the organization) and subject to your own privacy practices.
  • Billing information: Payment is processed by Stripe. We store only the Stripe customer ID and subscription status — we never see or store your full card number.
  • Usage data: Pages visited, features used, and error logs to help us improve the product.

2. How We Use Your Information

  • To provide and operate the MyGiveKit platform
  • To send magic link authentication emails and transactional notifications
  • To send winner notification emails to bidders on your behalf
  • To process billing and manage your subscription
  • To respond to support requests
  • To improve the product through aggregated usage analytics

We do not sell your data. We do not use your data for advertising.

3. Data Storage and Security

Your data is stored in Supabase (PostgreSQL), hosted on AWS infrastructure with encryption at rest and in transit. Authentication is handled by Supabase Auth.

Transactional emails (magic links, winner notifications) are sent via Resend. Payment processing is handled by Stripe. We recommend reviewing their respective privacy policies for information on how they handle data.

Access to your organization’s data is protected by row-level security (RLS) — users can only access data belonging to their own organization.

4. Bidder Data

As the organization running an event, you are the data controller for your bidders’ personal information. You are responsible for obtaining any necessary consents from your bidders and complying with applicable privacy laws in your jurisdiction.

We act as a data processor for bidder information you collect through the platform. Bidder data is used solely to support your event and is not shared with or sold to any third party.

5. Data Retention

We retain your account and event data for as long as your account is active. If you close your account, we will delete your data within 90 days, except where we are required to retain it for legal or financial compliance purposes.

6. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to certain types of processing

To exercise any of these rights, contact us at hello@mygivekit.com.

7. Cookies

We use cookies only for authentication (session management). We do not use third-party tracking or advertising cookies.

8. Changes to This Policy

We may update this policy from time to time. We will notify active users of material changes via email. Continued use of the platform after changes constitutes acceptance of the updated policy.

9. Contact Us

Questions about this privacy policy? Contact us at hello@mygivekit.com.

Privacy Policy — MyGiveKit | MyGiveKit