Why do you require personal information such as my address, birth date, and the last four digits of my SSN?

Since we are an online platform that collects, processes, and distributes money in the form of donations from supporters to organizations, we fall under certain regulations that we are required to abide by in order to remain compliant. In particular, for US-based organizations, we abide by compliance laws that are part of Know Your Customer, the Customer Due Diligence Rule, and the Patriot Act.

In short, we need to verify that the individual who is representing the organization collecting donations (i.e. the signer) is who they say they are and is authorized to do so. This is in addition to verifying that they are representing a legitimately registered corporation.

Collecting this information helps us streamline donation processing and payouts with our underlying payment processor (Stripe) and the financial institutions that they work with.

Additionally, and most importantly, we have a duty to our users that when they choose to support a cause with a monetary gift, that money is going where they expect it to go!

Where is this data stored after I submit it?

We pass this information securely over to our payment processor Stripe who securely stores this information in a PCI Level I compliant data center.  You can read more about their security levels, privacy policy, and terms here:

https://stripe.com/help/security

https://stripe.com/us/privacy

https://stripe.com/us/terms

What do they do with this data?

Our payment processor Stripe leverages an industry-standard tool to verify who you are and that you have the right to act on behalf of the organization either as an employee, board member, representative, or other verified member.

No credit checks are performed.

Where can I learn more about Know Your Customer, the Patriot Act, the Customer Due Diligence Rule, and the information required for compliance?

We have collected a variety of resources for you to read through to learn more about Know Your Customer, the Patriot Act, and the Customer Due Diligence Rule.

Every nonprofit on GiveGab that collects donations opens an account with Stripe through the GiveGab interface. Stripe calls these accounts Managed Accounts, as GiveGab manages these accounts on the nonprofit’s behalf. This simply means GiveGab will handle all issues or questions the nonprofit might have regarding their Stripe account and we will work with Stripe directly to resolve any questions that come up. The resource below explains the process in which Stripe verifies Managed Accounts, and why we collect the information we collect:

What is the Process for Verifying Managed Accounts?

The following documents are from agencies of the US Government. These documents outline the rules and regulations behind Know Your Customer (KYC), Customer Identification Program (CIP), and the Customer Due Diligence Rule.

From the Federal Financial Institutions Examination Council (FFIEC):

Customer Identification Program—Overview

Please see Header ‘Customer Information Required’, then hover over Footnote 48.

From the Department of the Treasury:

Customer Identification Programs for Banks, Savings Associations, and Credit Unions

The second paragraph on page 14 outlines what a bank must obtain to open a new account

From the Financial Crimes Enforcement Network:

Information on Complying with the Customer Due Diligence (CDD) Final Rule

If you have any questions about this process or are still hesitant about adding this information for donation payouts, please reach out to a member of our Customer Success Team at customersuccess@givegab.com.

Did this answer your question?