Privacy Policy

Version 3 — effective July 6, 2026

Privacy Policy

Effective Date: June 27, 2026 · Last Updated: July 6, 2026

Who we are. This Privacy Policy is provided by Givfi, Inc. ("Givfi," "we," "us," or "our") — the for-profit operator of the Givmo platform, the entity responsible for this notice, which collects consumer personal information and determines the purposes and means of processing it. It also describes the role of Givmo Charitable Fund ("GCF"), the Internal Revenue Code §501(c)(3) donor-advised-fund sponsor that receives your donation as donee for its own charitable and tax-recordkeeping purposes. Together, Givfi and GCF are referred to in this policy as "Givmo." Givfi and GCF are separate entities; GCF is a charitable affiliate that receives donor information from Givfi, not a co-controller of the platform.

This Privacy Policy explains how we collect, use, and disclose information about you. It applies when you use our websites and mobile applications that link to this Privacy Policy (collectively, our "Services"), contact our customer service team, engage with us on social media, or otherwise interact with us.

We may change this Privacy Policy from time to time. If we make changes, we will notify you by updating the Effective Date / Last Updated date at the top of this policy and, in some cases, we may provide you with additional notice (such as adding a statement to our website or sending you a notification). We retain prior versions of this policy in a version-controlled record so we can identify which version applied at a given time. We review this Privacy Policy at least once every twelve (12) months. We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.

Collection of Information

Information You Provide to Us. We collect information you provide directly to us. For example, you share information directly with us when you create an account and profile, fill out a form, submit or post content through our Services, make a donation, communicate with us via third-party platforms, request customer support, or otherwise communicate with us. The types of personal information we may collect include your name, email address, phone number, photo or image, and financial information (including credit card and financial-institution information), and any other information you choose to provide. In keeping with best practices, credit card information is collected via our payment processing partner's PCI-compliant forms to ensure that it never touches Givmo's database.

Information We Collect Automatically When You Interact with Us. When you access or use our Services or otherwise interact with us, we automatically collect certain information, including:

- Transactional Information: When you donate or make a donation request, we collect information about the transaction, such as the amount donated or requested, and the date and location of the transaction. - Device and Usage Information: We collect information about how you access our Services, including data about the device and network you use, such as your hardware model, operating system version, mobile network, IP address, unique device identifiers, browser type, and app version. We also collect information about your activity on our Services, such as access times, pages viewed, links clicked, and the page you visited before navigating to our Services. - Information Collected by Cookies and Similar Tracking Technologies: We (and those that perform work for us) use limited tracking technologies, such as cookies, to operate our Services. Cookies are small data files stored on your hard drive or in device memory that help us operate the Services and your experience, such as keeping you signed in, remembering your preferences, and counting visits to understand which areas and features of our Services are used. We do not use advertising cookies, web beacons, or tracking pixels. For more information about cookies and how to disable them, see the Your Choices section below.

Information We Collect from Other Sources. We obtain information from third-party sources. For example, we may collect information about you from the financial institutions from which you choose to make donations. If you interact with us on social media, we will collect information about you, such as your username, profile information, and any additional information you choose to provide. Additionally, if you create or log into your Givmo account through a third-party platform (such as Google), we will have access to certain information from that platform, such as your name and profile picture, in accordance with the authorization procedures determined by that platform.

Information We Derive. We may derive information or draw inferences about you based on the information we collect. For example, we may make inferences about your location based on your IP address, or infer charities or causes that you might be interested in based on your prior donations.

Use of Information

We use the information we collect to administer your account and facilitate donations. We also use the information we collect to:

- Provide, maintain, and improve our products and services; - Process transactions and send you related information, including confirmations, receipts, invoices, and customer-experience surveys; - Personalize and improve your experience on our Services; - Send you technical notices, security alerts, and support and administrative messages; - Respond to your comments and questions and provide customer service; - Communicate with you about products, services, and events offered by Givmo and others and provide news and information that we think will interest you (see the Your Choices section below for information about how to opt out of these communications at any time); - Monitor and analyze trends, usage, and activities in connection with our Services; - Facilitate contests, sweepstakes, and promotions and process and deliver entries and rewards; - Detect, investigate, and prevent security incidents and other malicious, deceptive, fraudulent, or illegal activity and protect the rights and property of Givmo and others; - Debug to identify and repair errors in our Services; - Comply with our legal and financial obligations; and - Carry out any other purpose described to you at the time the information was collected.

Sharing of Information

We share personal information to conduct our operations and provide you with our Services, including in the following circumstances or as otherwise described in this policy:

- We share personal information with vendors, service providers, and consultants that need access to personal information in order to perform services for us, such as companies that assist us with web hosting, payment processing, financial services in connection with your contributions, fraud prevention, customer service, and marketing. - Affiliate sharing with Givmo Charitable Fund (GCF). When you make a donation, Givfi shares your donation and related identifying and tax-substantiation information with GCF, the §501(c)(3) donor-advised-fund sponsor that receives your donation as the donee. GCF uses this information for its own charitable and tax-recordkeeping purposes, including issuing your tax-donation receipt, maintaining donor-advised-fund records, and meeting its own legal and recordkeeping obligations. - We share personal information to complete transactions you request, including with the recipients of your contributions. - If you create a profile or otherwise share content on our Services, we share this information with other users of our Services unless you make your profile private via settings. If you choose to make your profile public via the settings on our Services, we also share this information publicly. - If you choose to use integrations we offer on our Services, we may share certain information with the integration partners. - We may disclose personal information if we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law-enforcement requirements. - We may share personal information if we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of Givmo, our affiliates, our users, the public, or others. - We share personal information with our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests. - We may share personal information in connection with, or during negotiations concerning, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company. - Personal information may be shared between and among Givfi, GCF, and our current and future parents, affiliates, and subsidiaries and other companies under common control and ownership. - We share personal information with your consent or at your direction. - We also share aggregated or de-identified information that cannot reasonably be used to identify you.

We do not sell your personal information, and we do not share your personal information with advertising or analytics partners to personalize advertising. The sharing we do is limited to the operational purposes described above — including the affiliate data-sharing with Givmo Charitable Fund for charitable and tax-recordkeeping purposes, which is not a sale and not advertising.

Advertising and "selling"/"sharing" of your information

Givmo does not engage in cross-context behavioral advertising. We do not sell your personal information, and we do not share it with advertising or analytics partners to personalize ads on other platforms, apps, or websites. The Givmo app does not use advertising identifiers (such as the iOS IDFA), does not include advertising-network, attribution, or data-broker software, and does not display third-party advertising. We do not use advertising cookies, web beacons, or tracking pixels; any cookies or local storage we use are limited to operating the service (for example, keeping you signed in and remembering your preferences). Because we do not sell or share your personal information for advertising, there is no "Do Not Sell or Share My Personal Information" choice to offer for that purpose.

We share certain donation-related information with Givmo Charitable Fund (GCF), the 501(c)(3) donor-advised-fund sponsor that receives your donation, so GCF can issue your tax receipt and maintain its charitable and tax records. This is an affiliate data-sharing for charitable and tax-recordkeeping purposes — it is not a sale of your information and not advertising.

If we ever introduce advertising or begin selling or sharing personal information for advertising, we will update this policy and provide the choices the law then requires before doing so.

Health and Fitness Data (Steps Competitions)

If you choose to join a walking competition, Givmo (operated by Givfi, Inc.) reads your daily step totals from Apple Health (iOS) or Health Connect (Android), with your explicit permission, and only after you join a competition and consent.

What we collect. Only daily step totals for the dates of a competition you have joined. We do not collect step timestamps, individual step samples, GPS or location data, routes, heart rate, sleep, workouts, or any other health or fitness information. Steps you entered manually into Apple Health or Health Connect are excluded and do not count.

Sources. We read daily step totals only from your device's health store (Apple Health or Health Connect), and only with your permission.

How we use it. Solely to display competition leaderboards and determine the winner, whose chosen charity receives the sponsoring company's prize donation. Your visibility reflects both your own setting (public or private) and the competition's setting (open to any signed-in Givmo user, or limited to your employer's participants); the more restrictive of the two always applies. If your participation is private, others see only an anonymous rank and step count — not your name, avatar, or chosen charity. One exception: if a private participant wins, the public celebration post names the sponsoring company and the winning charity — but never the winner's name, avatar, or identity.

How we share it. We do not sell your health data or share it with third parties. We do not use it for advertising, marketing, or analytics. Your sponsoring employer's competition admins can view participant rows only to run the competition, under a contract that binds them as our processor. Daily step totals are sent only to Givmo's servers to run the competition and are transmitted securely (encrypted in transit).

Retention and deletion. We keep your step data only while it is needed to run a competition you have joined. If you withdraw, your row is removed immediately. If you delete your Givmo account, your individual step entries are deleted. Completed competitions may retain aggregate results that do not require your individual daily step records.

Your rights and control. You may at any time withdraw your consent; confirm whether we hold your step data and access it; and request deletion of your step data (which we will pass on to anyone we have shared it with). We respond within 45 days and remove step data from active systems, and from backups the next time they are cycled (within six months). To exercise these rights, contact support@givmocharitable.org. On your device, you can revoke Givmo's access to Apple Health or Health Connect at any time in your system settings. Washington and Nevada residents: see our Consumer Health Data Privacy Policy at https://givmocharitable.org/consumer-health-data for state-specific consumer-health-data disclosures.

Sensitive personal information (California). Givfi collects certain sensitive personal information (including daily step totals for Steps Competitions, which we treat as health information). We use and disclose this information only to provide the services you request — for Steps Competitions, solely to run the competition you joined — and not for any purpose that would require us to offer a "Limit the Use of My Sensitive Personal Information" choice under Cal. Civ. Code § 1798.135. We do not sell or share your sensitive personal information.

Data Security

We maintain reasonable administrative, technical, and physical safeguards designed to protect the personal information we hold against unauthorized or unlawful access, use, alteration, disclosure, loss, or destruction, appropriate to the nature of the information. As noted above, credit card information is collected through our payment processing partner's PCI-compliant forms so that it never touches Givmo's database. No method of transmission over the internet or method of electronic storage is completely secure, however, so we cannot guarantee absolute security.

Children's Privacy

Our Services are intended for adults. Our Terms of Service require users to be at least 18 years of age, and our Services are not directed to children. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information. If you believe a child under 13 has provided us with personal information, please contact us using the details in the Contact Us section below.

Your Choices

Account Information. You may update and correct certain account information at any time by logging into your account on our website or in our mobile application, or by contacting us using the details in the Contact Us section below. If you wish to delete your account, please contact us, but note that we may retain certain information as required by law or for our legitimate business purposes (including donation and tax-substantiation records that the law requires GCF and/or Givfi to keep).

Cookies. Most web browsers are set to accept cookies by default. If you prefer, you can usually adjust your browser settings to remove or reject browser cookies. Please note that removing or rejecting cookies could affect the availability and functionality of our Services.

Advertising. We do not use your information for interest-based advertising and do not share it with advertising partners, so there is no advertising opt-out to offer; see the Advertising and "selling"/"sharing" of your information section above.

Communications Preferences. You may opt out of receiving promotional emails from Givmo by following the instructions in those communications or by contacting us using the details in the Contact Us section below. If you opt out, we may still send you non-promotional emails, such as those about your account or transactions.

Mobile Push Notifications. With your consent, we may send push notifications to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.

Contact Us

Givfi, Inc. is responsible for this Privacy Policy. If you have any questions about it, or to exercise any choice described above, please contact us at:

Givfi, Inc. — Attn: Privacy Email: support@givfi.com Mail: 322 Culver Blvd., Unit V415, Playa del Rey, CA 90293

(All privacy questions and requests are handled through this single Givfi channel.)

APPENDIX — Your California Privacy Rights (CCPA/CPRA)

FORWARD-LOOKING / PRE-COVERAGE — NOT CURRENTLY OPERATIVE. Givfi, Inc. is not currently a "business" subject to the California Consumer Privacy Act (CCPA), as amended by the CPRA, because it does not currently meet any of the statute's coverage thresholds. The disclosures, rights, links, and mechanisms in this Appendix are provided on a forward-looking basis and will be activated if and when Givfi becomes a covered business. They are staged here so they are ready to take effect, and do not represent that Givfi is presently covered. This Appendix will be reviewed as the platform scales.

Categories of personal information we collect, sources, purposes, and recipients. When activated, Givfi will disclose, mapped to the CCPA's statutory categories, for the preceding 12 months: the categories of personal information and sensitive personal information collected (note that financial-account information is "sensitive personal information" under the statute); the categories of sources; the business or commercial purpose for each category; and the categories of third parties / recipients to whom personal information is disclosed, sold, or shared.

No sale; no sharing for cross-context behavioral advertising. Givfi does not sell personal information, and Givfi does not "share" personal information for cross-context behavioral advertising (Givmo does not engage in cross-context behavioral advertising, as described in Advertising and "selling"/"sharing" of your information above). If Givfi ever sells or shares personal information for advertising in the future, it will provide the disclosures and opt-out mechanisms the law then requires before doing so.

Your California privacy rights. When activated, California consumers will have the rights to: know/access the categories and specific pieces of personal information collected; know what personal information is sold or shared and to whom; delete personal information; correct inaccurate personal information; opt out of the sale or sharing of personal information; limit the use and disclosure of sensitive personal information; data portability; and non-discrimination for exercising these rights.

Opt-out mechanisms (to be activated). If and when Givfi sells or shares personal information such that an opt-out is required, it will provide a "Do Not Sell or Share My Personal Information" link and a "Limit the Use of My Sensitive Personal Information" link (or a single combined link), and/or honor opt-out-preference signals including the Global Privacy Control (GPC).

Retention. When activated, Givfi will disclose the retention period — or the criteria used to set it — for each category of personal and sensitive personal information. Donation, donor-advised-fund, and tax-substantiation records are retained as required by law; a deletion request does not require deletion of records we are legally required to keep.

Submitting a request. When activated, you may submit a verifiable consumer request by at least two methods — email to support@givfi.com and a designated web request form — and you may use an authorized agent to submit a request on your behalf. We will verify your identity before fulfilling a request and will respond within the timeframes the law requires.

Other states / universal opt-out. Residents of other states may have additional rights (for example, a right to appeal a decision on a privacy request, and opt-in consent for sensitive-data processing in certain states), and we intend to honor recognized universal opt-out mechanisms.

Your Privacy Choices

Givmo uses Google Analytics 4 to understand how visitors use this site. No personal information is sold. You can opt out of analytics tracking by: