Skip to main content
All CollectionsHelp ArticlesGiveGab Fundraising RequirementsBecoming a verified nonprofit
Why do you require personal information to enable donations?
Why do you require personal information to enable donations?

Learn why GiveGab requires this information to set up ACH direct deposit transfers of all donations you receive through the platform

Katrina Grein-Topken avatar
Written by Katrina Grein-Topken
Updated over 2 months ago

Why do you require personal information such as my address, birth date, and SSN?

Since we are an online platform that collects, processes, and distributes money in the form of donations from supporters to organizations, we fall under certain regulations that we are required to abide by in order to remain compliant. In particular, for US-based organizations, we abide by compliance laws that are part of Know Your Customer, the Customer Due Diligence Rule, and the Patriot Act.

In short, we need to verify that the individual who is representing the organization collecting donations (i.e. the signer) is who they say they are and is authorized to do so. This is in addition to verifying that they are representing a legitimately registered organization.

Collecting this information helps us streamline donation processing and payouts with our underlying payment processor (Stripe) and the financial institutions that they work with.

Additionally, and most importantly, we have a duty to our users that when they choose to support a cause with a monetary gift, that money is going where they expect it to go!

Where is this data stored after I submit it?

Organization representative information is entered directly into Stripe via a secure portal. Stripe, GG Pay's underlying payment processor, is a PCI Level 1 Compliant payment processor. This is the highest level of compliance a payment processor can receive. Once information is in Stripe, it is fully encrypted and at rest. You can read more about their security levels, privacy policy, and terms here:

What do they do with this data?

Our payment processor Stripe leverages an industry-standard tool to verify who you are and that you have the right to act on behalf of the organization either as an employee, board member, representative, or other verified member.

No credit checks are performed.

Where can I learn more about Know Your Customer, the Patriot Act, the Customer Due Diligence Rule, and the information required for compliance?

We have collected a variety of resources for you to read through to learn more about Know Your Customer, the Patriot Act, and the Customer Due Diligence Rule.

Every nonprofit on GiveGab that collects donations opens an account with Stripe through the GiveGab interface. Stripe calls these accounts Managed Accounts, as GiveGab manages these accounts on the nonprofit’s behalf. This simply means GiveGab will handle all issues or questions the nonprofit might have regarding their Stripe account and we will work with Stripe directly to resolve any questions that come up. The resource below explains the process in which Stripe verifies Managed Accounts, and why we collect the information we collect:

The following documents are from agencies of the US Government. These documents outline the rules and regulations behind Know Your Customer (KYC), Customer Identification Program (CIP), and the Customer Due Diligence Rule.

From the Federal Financial Institutions Examination Council (FFIEC):

Please see Header ‘Customer Information Required’, then hover over Footnote 48.

From the Department of the Treasury:

The second paragraph on page 14 outlines what a bank must obtain to open a new account

From the Financial Crimes Enforcement Network:

Did this answer your question?