logo

Privacy Policy

Last Updated: April 24, 2026

Servus Bonus is a volunteer scheduling platform built for communities — churches, schools, non-profits, and neighborhood organizations — where trust between administrators and volunteers is essential. We designed this platform to support that trust, and we apply that same principle to how we handle your data.

This Privacy Policy explains what information we collect, how we use it, and what rights you have over it. We've written it to be readable, not just legally defensible. If something is unclear, please email us at support@servusbonus.com.

Our Commitments to You

Before the details, here is what we believe:

  • We collect only what we need. We don't ask for information that isn't necessary to operate and improve the Service.
  • We do not sell your data. We never have, and we have no plans to. Your information is not a product.
  • Your organization controls volunteer data. If an administrator added you to the platform, they — not us — are responsible for that data. We process it only on their behalf.
  • You can ask us to delete your data. Anytime. We will permanently remove your personal information within 30 days of your request.
  • We do not send marketing emails. The emails you receive from us are operational — about your schedule, your account, coordination messages from your organization, or important changes to the platform. We do not send newsletters, promotions, or advertising.

1. Who This Policy Covers

This Privacy Policy applies to everyone who uses Servus Bonus: organization administrators (owners), and volunteers who are invited to or added to the platform. If you were added by an organization administrator, you are covered by this policy and can exercise the rights described in §6 by contacting support@servusbonus.com.

The Service is intended for users located in the United States. By using the Service, you agree to the collection and use of information as described here.

2. Information We Collect

2.1 Personal Information

When you register or are added to the Service by an organization administrator, we collect:

  • Name and email address — to identify you and communicate with you about your schedule
  • Phone number and address — if provided; used for organization coordination purposes
  • Username — for login and relay email purposes; cannot be changed once set
  • Password — stored in hashed form using a one-way algorithm; we cannot read it
  • Profile photo — optional; stored securely and accessed via time-limited links that expire after 24 hours. Only authenticated members of your organization can generate these links.
  • Timezone and language preference — used to display dates, times, and content in your local format
  • Calendar feed token — a randomly generated unique identifier that creates a private URL for subscribing to your schedule in a calendar app (see §4.3)
  • Billing information — for paid subscriptions, payment details are collected and processed directly by Stripe. We never store your full credit card number.

2.2 Usage and Technical Information

When you use the Service, we automatically collect limited technical information to keep things running:

  • Session data — when you log in, we store a session record containing your IP address, browser and device type (user agent), and an encrypted session identifier. Session data is removed when you log out or your session expires. We do not use session data for advertising or cross-site tracking.
  • Application logs — error and diagnostic logs are retained by our monitoring provider (Sentry) for 90 days. Web access logs are handled by our infrastructure provider (Cloudflare) according to their standard retention practices.
  • Push notification tokens — if you enable push notifications (Pro and Premium plans), we store the endpoint URL and encryption keys for your device, along with your browser and device identifier. This data is deleted when you disable notifications or close your account.

2.3 Volunteer Scheduling Information

For volunteers added to the platform by an organization:

  • Availability and block dates — dates you have marked as unavailable
  • Task and event assignments — what you are scheduled to do and when
  • Group memberships — organizational groups or teams you belong to
  • Substitution history — requests you have made or accepted to swap schedule slots

2.4 Our Role as Data Processor

When an organization adds volunteer data to the Service, a legal distinction applies: the organization is the data controller — the party that decides why and how that personal data is used. Servus Bonus is the data processor — we handle that data only as the organization instructs and as described in this policy.

Organizations are responsible for having a proper basis to collect volunteer data and for obtaining any necessary consents before adding volunteers to the platform.

If you are a volunteer who was added by an organization administrator and you have questions about your data, your first point of contact should be that administrator.

3. How We Use Your Information

3.1 To Run the Service

  • Create and manage user accounts
  • Generate and distribute volunteer schedules
  • Process subscription payments
  • Enable communication between administrators and volunteers (schedule notifications, substitution requests, reminders)
  • Provide push notifications when enabled

3.2 To Improve the Service

  • Identify and fix technical problems (using anonymized error data)
  • Understand how features are being used so we can make them better
  • Develop new capabilities based on how organizations and volunteers use the platform

3.3 To Communicate with You

All emails from the Service are operational — related to your schedule, your account, or important changes to the platform. We do not send newsletters, promotions, or advertising. If you receive an email from us, it's because your schedule changed, your account needs attention, or the platform itself changed in a way that affects you.

Because these messages are how the platform keeps you coordinated with your team, they cannot be disabled while your account is active. We keep them focused and to the point.

3.4 Automated Schedule Generation

The Service includes an automated scheduling engine that assigns volunteers to time slots based on event settings, task requirements, volunteer availability, block dates, and group memberships. This engine is designed to distribute assignments more equitably over time — so that no volunteer is systematically over-assigned or overlooked due to how they appear in a list. Scheduling results depend on the accuracy and completeness of the data your organization provides.

No automated assignment is final. Organization administrators have full authority to review, adjust, or override any assignment at any time before a schedule is published. Volunteers may flag conflicts or request substitutions through the platform. The scheduling engine is a tool to assist administrators, not a decision-maker that operates without human review.

3.5 Security and Legal Compliance

  • Detect and prevent fraud, abuse, and unauthorized access
  • Comply with applicable legal requirements
  • Respond to lawful government or law enforcement requests

3.6 Future Features

As the Service grows, we may introduce additional features — such as in-app messaging, a mobile application, or enhanced scheduling tools. If any new feature requires collecting new types of information or materially changes how we use existing information, we will update this Privacy Policy and notify you before those changes take effect.

4. Who Can See Your Information

4.1 Within Your Organization

Understanding who can see what is important in a volunteer coordination context. Here is how visibility works within the platform:

Organization administrators can see:

  • All volunteer profiles within their organization, including name, email address, phone number, and profile photo (via time-limited secure links)
  • Each volunteer's assigned tasks, event participation, schedule history, and substitution request history
  • Group memberships and block dates for every volunteer in the organization
  • Billing and subscription information for the organization's account

Volunteers can see:

  • Their own profile, schedule, assignments, and block dates in full
  • Published schedules for events they participate in, including the names and assigned tasks of other volunteers on the same schedule — so they know who they're serving alongside
  • Volunteers do not see each other's contact information (email, phone, address), personal profiles, or block dates

This design is intentional: we give administrators the access they need to coordinate their teams, while protecting the personal details of individual volunteers from unnecessary exposure.

4.2 With Our Service Providers

We share data with carefully chosen third-party providers who help us operate the Service:

  • Stripe (stripe.com) — Processes subscription payments. Stripe handles your billing information directly under their own privacy policy. We do not see or store your full card number.

  • Mailgun (mailgun.com) — Sends and receives email on our behalf. All notification emails are transmitted through Mailgun's servers. Each volunteer also has a relay email address at @relay.servusbonus.com — inbound replies to that address are processed and forwarded by Mailgun. Mailgun receives recipient email addresses, names, and message content. See mailgun.com/privacy-policy.

  • Cloudflare (cloudflare.com) — Our hosting platform (Laravel Cloud) uses Cloudflare to provide content delivery, DDoS protection, and web application firewall services. All HTTP requests to the platform pass through Cloudflare's network before reaching our servers. Cloudflare receives IP addresses, request headers, and request metadata for every visit to the Service. Profile photos and uploaded files are stored on Cloudflare R2, a US-based object storage service. See cloudflare.com/privacypolicy.

  • Google reCAPTCHA (google.com/recaptcha) — Used on login and registration forms to detect automated bot traffic. Google receives your IP address and interaction data to assess whether you are human. See google.com/policies/privacy.

  • Umami (umami.is) — Provides privacy-focused, cookieless web analytics. Umami collects anonymized usage data (pageviews, referrers, browser type, device type, country) to help us understand how the platform is used. No cookies are set, no fingerprinting is used, and no personally identifiable information is collected. See umami.is/privacy.

  • Sentry (sentry.io) — Monitors application errors. Sentry receives technical diagnostic information (error messages, stack traces, request context) only. It is configured to not automatically include personally identifiable information. See sentry.io/privacy.

  • Amazon Web Services (aws.amazon.com) — Our application servers and managed database run on Amazon Web Services (AWS) in the us-east-2 (Ohio) region, provisioned through Laravel Cloud. AWS processes all application data stored in the Service. See aws.amazon.com/privacy.

  • HelpScout (helpscout.com) — Provides our customer support inbox and knowledge base. When you submit a support request through the platform, HelpScout receives your name, email address, and the content of your message. HelpScout is GDPR-compliant, SOC 2 Type II certified, and ISO 27001 certified. See helpscout.com/privacy-policy.

We do not use advertising networks, data brokers, or marketing platforms. We will update this list when providers change. Platform administration: The founder of Servus Bonus may access organization data for support, troubleshooting, and platform maintenance purposes. This access is limited to what is necessary and is not shared with third parties.

4.3 Public Schedule Feed (iCal)

Volunteers on Pro and Premium plans can subscribe their schedule to a calendar application (Google Calendar, Apple Calendar, Outlook, etc.) using a private calendar feed URL. This URL:

  • Contains a randomly generated 128-bit token unique to your account
  • Exposes your name, organization name, assigned event names, dates, times, tasks, and locations to any calendar application that subscribes to it
  • Is accessible by anyone who has the URL — keep it private
  • Can be regenerated in your account settings at any time (Settings → Add to Your Calendar → Regenerate Link)

Minors under 18 do not have a calendar feed available.

4.4 Volunteer Data Exports

Organization administrators can export volunteer rosters, schedules, and participation reports as CSV files. These exports contain names, email addresses, phone numbers (if provided), event assignments, and work history. Exported files are generated on demand and are not retained by us — they are downloaded directly to the administrator's device.

4.5 Relay Email Addresses

Each volunteer is assigned a relay email address in the format username@relay.servusbonus.com. This address allows organization administrators to contact volunteers without exposing the volunteer's personal email address. When a message is sent to your relay address, it is processed by Mailgun and forwarded to your primary email. Your relay address is permanently tied to your username (which cannot be changed) and cannot be altered or deleted independently.

4.6 For Legal or Safety Reasons

We may disclose information when we believe in good faith that disclosure is necessary to:

  • Respond to a lawful request from government or law enforcement authorities
  • Protect the rights, property, or safety of the Service, our users, or the public
  • In the event of a merger, acquisition, or sale of assets — in which case you will be notified before your data becomes subject to a different privacy policy

5. Data Storage and Retention

5.1 Where Your Data Lives

All data is stored and processed in the United States. Our hosting platform (Laravel Cloud) runs application servers on Amazon Web Services (AWS) in the us-east-2 (Ohio) region. Profile photos and uploaded files are stored on Cloudflare R2 (also US-based). All network traffic is routed through Cloudflare's global network as described in §4.2.

5.2 How Long We Keep It

Data Category How Long We Keep It
Account and profile information While your account is active, plus 30 days after a deletion request (recovery window)
Schedule and volunteer assignment records While your account is active. After deletion, personal details are removed within 30 days. Aggregated scheduling statistics (assignment counts per schedule, with no identifying information) may persist within the organization's schedule records for the lifetime of the organization's account.
Application error logs 90 days (Sentry)
Web access logs Per Cloudflare's standard retention practices (typically 30–90 days)
Session data Until you log out or the session expires
Billing records 7 years from the transaction date (required by tax law)
Push notification tokens Until you disable notifications or close your account

We keep billing records longer because tax and financial regulations require it — not because we want to.

Aggregated scheduling statistics: when you delete your account, your personal information is permanently removed. Aggregated assignment counts embedded in the organization's schedule records may persist for the lifetime of that organization's account. These are used to support equitable distribution of volunteer assignments. They contain no information that identifies you.

5.3 Closing Your Account

You can request account deletion at any time through your account settings or by contacting support@servusbonus.com. When you do:

  • Your account is immediately deactivated and inaccessible to you and your organization
  • During a 30-day recovery window, the account can be restored by contacting us
  • After 30 days: all personal information — name, email, phone, address, date of birth, password, and profile photo — is permanently and automatically deleted
  • Aggregated scheduling statistics (assignment counts with no identifying information) may persist within the organization's schedule records for the lifetime of that organization's account
  • Billing records required by law are retained for their legally required period

If you are an organization administrator, deleting your account also deletes all volunteer accounts, events, schedules, and data belonging to your organization after the same 30-day window.

6. Your Rights and Choices

6.1 What You Can Request

Regardless of where you live, you can ask us to:

  • Show you what we have — we'll tell you what personal information we hold about you
  • Fix something incorrect — we'll correct inaccurate or incomplete information
  • Delete your data — we'll remove your personal information within 30 days of your request
  • Give you your data — we can provide a summary of your personal information upon verified request

To make any of these requests, email us at support@servusbonus.com or contact your organization administrator. We aim to respond within 45 days of receiving a verifiable request; complex requests may take up to 90 days with prior notice.

6.2 Volunteers Added by Organizations

If an organization administrator created your account, some of your information is under that organization's control. In those cases, your best first step is to contact your administrator. We will always cooperate with legitimate individual rights requests, but the organization may need to be involved in fulfilling them.

6.3 Emails from the Service

We do not send marketing, advertising, or promotional messages. Every email from the Service is operational — a schedule notification, a substitution request, a volunteer coordination message from your organization, a reminder, or a notice about your account. Because the platform depends on these messages to keep volunteers coordinated and schedules functioning, they cannot be disabled while your account is active.

We keep them relevant and infrequent. If you feel you are receiving messages that don't belong in that category, contact us and we will look into it.

6.4 Cookies

The Service uses cookies to maintain your login session and support core functionality. You can configure your browser to block or alert you to cookies, but doing so may affect how the Service works.

We do not use cookies for advertising, behavioral tracking, or cross-site data collection.

6.5 Do Not Track

The Service does not respond to "Do Not Track" (DNT) browser signals. We do not track users across third-party websites, which is the concern DNT was designed to address.

7. Security

We take the security of volunteer and organizational data seriously. Here is what we do to protect it:

  • Passwords are never stored in readable form. We use a one-way hashing algorithm, which means even we cannot see your password.
  • All data in transit is encrypted. Every connection between your browser and our servers uses HTTPS/TLS — the same standard used by banks and healthcare providers.
  • Your organization's data is isolated from other organizations. At the application level, every data query is scoped to your organization. Administrators can only access data that belongs to their organization.
  • Volunteers see only their own information. Contact details and personal profiles are not visible between volunteers.
  • Error monitoring excludes personal data. Sentry, our error monitoring tool, receives technical diagnostics only — no names, emails, or volunteer records.
  • We keep our software current. We regularly apply security patches and dependency updates to the platform.

No internet-based service can guarantee absolute security, and we won't pretend otherwise. But we hold ourselves to a high standard, and if something goes wrong, we will tell you.

7.1 If There Is a Breach

If a security breach compromises your personal information, we will notify affected users and applicable regulatory authorities as required by applicable law. Notification timing and scope will depend on the nature of the breach, the jurisdiction of affected users, and any law enforcement needs. We will act as quickly as reasonably practicable and in compliance with all applicable state breach notification requirements, which vary by jurisdiction.

7.2 Your Part

Please keep your password secure and do not share your account with others. If you think your account has been compromised, contact us immediately at support@servusbonus.com.

8. Minor Volunteers

8.1 Age-of-majority designation

For the purposes of this policy, we treat any volunteer whose organization-supplied date of birth places them under 18 years of age as a minor. Your organization, as data controller, is solely responsible for the accuracy of volunteer dates of birth. We do not verify age independently. If no date of birth is recorded for a volunteer, the platform defaults to adult routing — meaning that volunteer receives all communications directly.

8.2 Communication routing for minor volunteers

When a volunteer is identified as a minor, all outbound email, push notifications, and SMS from the Service that would otherwise be sent to that volunteer are instead routed to the designated head of the family hub to which the minor is assigned. The minor volunteer never receives external electronic communications directly from Servus Bonus. Minor volunteers retain the ability to log in and view their personal schedule within the application.

8.3 Minor in-app access

Within the application, minor volunteers operate in a view-only mode. They can see their assigned schedule, event details, and basic profile information. They cannot make changes to their settings, join or leave groups, subscribe to calendar feeds, or register for push notifications. These restrictions exist to comply with applicable safe-environment requirements and to ensure that all communications pass through a parent or guardian.

8.4 Data retention for minor volunteers

Personal data collected about minor volunteers is retained for the same periods described in §5 above. The platform does not apply different retention rules based on age. Upon reaching 18 years of age, a minor volunteer automatically becomes an adult user, and all communication routing reverts to direct delivery.

8.5 Parental and guardian access rights

Parents or guardians who serve as the head of a family hub may request copies of all personal data held about any minor under their hub by contacting support@servusbonus.com. We will respond to verifiable requests within 30 days.

8.6 Children under 13 and COPPA

The Service is a business-to-business platform used by organizations — churches, schools, non-profits — to coordinate volunteers. We do not knowingly collect personal information from children under 13 without appropriate parental authorization.

As the platform operator, we take our obligations under the Children's Online Privacy Protection Act (COPPA) seriously. Any data about a volunteer under 13 reaches the Service because an organization has chosen to add that person. We operate in reliance on the organization — which is in direct relationship with the minor and their family — to provide parents or guardians with notice of what data will be collected and how it will be used, and to obtain verifiable parental consent before adding any volunteer under 13. Organizations are contractually required to do this before adding any such volunteer (see Terms of Use §25.5).

If you are a parent or guardian with questions about your child's data on the platform, your first point of contact is the organization that added them. You may also contact us directly at support@servusbonus.com and we will assist you.

9. Changes to This Policy

We may update this Privacy Policy when our practices change, when legal requirements change, or when we introduce new features. When we make material changes, we will post the updated policy on the Service and, where appropriate, send you a notice by email.

You can always see when this policy was last updated at the top of this page. Continuing to use the Service after a policy change means you accept the updated policy.

10. Contact Us

If you have questions about this policy, want to exercise your rights, or just want to understand something better, we are reachable at:

Servus Bonus Kirkland, WA Email: support@servusbonus.com

We read every message.

11. US State Privacy Rights

11.1 California (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • Right to Know — request disclosure of the categories and specific pieces of personal information we have collected, the sources, our business purpose, and the third parties we share it with
  • Right to Delete — request deletion of personal information we have collected
  • Right to Correct — request correction of inaccurate personal information
  • Right to Opt-Out of Sale or Sharing — we do not sell personal information and do not share it for cross-context behavioral advertising
  • Right to Non-Discrimination — we will not treat you differently for exercising any of these rights

Categories of personal information collected: Identifiers (name, email, phone number, username, IP address, device identifiers); professional or organizational information (role, schedule assignments, task history, group memberships); commercial information (subscription plan, billing history); internet or electronic network activity (session data, usage logs); scheduling and availability data (event assignments, block dates); age-related information (date of birth, used for minor protection routing).

Disclosed to service providers: Identifiers and contact information (Mailgun, for email delivery); identifiers and billing information (Stripe, for payment processing); internet activity and device information (Cloudflare, for CDN and infrastructure; Umami, for anonymized cookieless usage analytics; Sentry, for error monitoring); interaction data (Google reCAPTCHA, for bot detection).

We do not sell personal information and have no plans to do so. To exercise your rights, contact us at support@servusbonus.com. We will respond to verifiable requests within forty-five (45) days.

11.2 Other US States

Residents of states with comprehensive privacy laws — including Virginia, Colorado, Connecticut, Texas, Oregon, Montana, Iowa, Indiana, Tennessee, Delaware, New Hampshire, New Jersey, Nebraska, Maryland, and others — have similar rights to access, correct, delete, and opt out of certain processing of their personal information. The number of states with active privacy laws continues to grow; we apply equivalent protections to all users regardless of state. To exercise these rights, contact us at support@servusbonus.com.

Where we rely on your consent to process your personal information, you may withdraw that consent at any time by contacting us at support@servusbonus.com.

12. A Note for Volunteers

If you were invited to this platform by an organization you volunteer with, your organization administrator accepted our Terms of Use and Privacy Policy on the organization's behalf. By creating your account and using the Service, you acknowledge that your scheduling data will be handled as described in this Privacy Policy.

Your organization administrator is responsible for the accuracy of the information entered about you, including your date of birth. If you believe any information is incorrect, contact your organization administrator or reach us at support@servusbonus.com.