Privacy Policy
Effective — 2026-04-24
Data we collect
DonorLink collects identifying information (name, email, phone, national ID, postal address) and donation records. Identity data is used to link donations to the correct person; financial records are retained for legal compliance.
How long we keep your data
Financial records are retained for the period prescribed by the law of the organisation's jurisdiction. The retention period applies from the end of the financial year containing your last transaction.
| Country | Years | Law |
|---|---|---|
| Denmark | 5 | Bogføringsloven |
| United Kingdom | 6 | HMRC Gift Aid |
| Germany | 10 | HGB § 257 |
| France | 10 | Code de Commerce L123-22 |
| Sweden | 7 | Bokföringslagen |
| Norway | 5 | Bokføringsloven |
| Netherlands | 7 | Fiscal retention rules |
| Canada | 6 | CRA record-keeping |
| Australia | 7 | Corporations Act 2001 |
| Other / default | 7 | — |
Your rights
Under GDPR you have the following rights (subject to legal obligations for financial record retention):
- Right of access (Article 15) — download all data we hold on you.
- Right to rectification (Article 16) — correct inaccurate data.
- Right to erasure (Article 17) — subject to the legal-obligation exception for financial records.
- Right to restriction (Article 18).
- Right to data portability (Article 20) — the export bundle is JSON.
- Right to object (Article 21).
Shadow accounts
An organisation may create a record from an imported donation before you sign up. If you later register with a matching email or phone, the records will be linked after you confirm the match. Unclaimed shadow records are automatically cleaned up after 90 days.
Audit logs
We keep an audit log of significant actions (logins, changes, deletions). Your email address is removed from the log when your account is fully deleted.
Contact
The data controller is the organisation you donated to. DonorLink (Allegro IT ApS, Denmark) is the data processor. The supervisory authority in Denmark is Datatilsynet.
Cookies
DonorLink uses only essential session cookies for authentication. No analytics, no third-party trackers.