logo

Privacy Policy

Last Updated: March 11, 2026

1. Introduction

This Privacy Policy describes how Servus Bonus ("we," "us," or "our") collects, uses, and shares your personal information when you use our volunteer management platform (the "Service"). This policy applies to all users of the Service, including administrators, owners, and volunteers.

The Service is intended for users located in the United States. By using the Service, you consent to the collection, use, and processing of your information as described in this policy.

If you have any questions about our privacy practices, please contact us at support@servusbonus.com.

2. Information We Collect

2.1 Personal Information

When you register for an account or are added to the Service by an organization administrator, we collect:

  • Contact Information: Name, email address, phone number, and physical address
  • Account Information: Username, password (stored in encrypted form), and account type
  • Profile Information: Profile photo (optional), timezone preferences
  • Billing Information: For paid subscriptions, payment details are collected and processed by Stripe, our third-party payment processor. We do not store your full credit card number on our servers.

2.2 Usage Information

When you use our Service, we automatically collect:

  • Log Data: IP address, browser type, operating system, page views, time spent on pages, and other usage statistics
  • Device Information: Information about the device used to access our Service
  • Cookies: We use cookies to maintain session information and Service functionality. We do not use cookies for advertising or cross-site tracking.

2.3 Volunteer Information

For volunteers added to the Service by organization administrators:

  • Schedule Information: Availability, assigned tasks, event participation history
  • Group Membership: Organizational groups and teams the volunteer belongs to
  • Communications: Substitution requests, schedule notifications, and other service-related communications

3. How We Use Your Information

We use the information we collect to provide, maintain, and improve the Service. Specifically:

3.1 Provide the Service

  • Create and manage user accounts
  • Process and fulfill subscription plans
  • Facilitate event scheduling and volunteer management
  • Enable communication between administrators and volunteers
  • Generate and distribute schedules

3.2 Improve and Develop the Service

  • Understand how users interact with the Service
  • Identify and fix technical issues
  • Develop new features and functionality
  • Analyze usage patterns to improve user experience

3.3 Communicate with You

  • Send service-related communications, such as schedule notifications and substitution requests ("Transactional Emails")
  • Provide customer support and respond to inquiries
  • Send updates about changes to the Service, policies, or terms

We do not send marketing or promotional emails. All communications from the Service are Transactional Emails necessary for the operation of the Service.

3.4 Ensure Security and Compliance

  • Protect the security and integrity of the Service
  • Verify accounts and activity
  • Prevent fraud and abuse
  • Comply with legal obligations

4. How We Share Your Information

4.1 Within Organizations

  • Organization owners and administrators have access to volunteer information within their organization
  • Volunteer information (such as name, contact information, and schedule) is visible to administrators and, in limited form, to other volunteers within the same organization

4.2 With Service Providers

We share information with the following third-party service providers who help us operate the Service:

  • Stripe (stripe.com): Processes subscription payments. Stripe receives your billing information directly. See Stripe's privacy policy at stripe.com/privacy.
  • Google Analytics (analytics.google.com): Collects anonymized usage data to help us understand how the Service is used. See Google's privacy policy at policies.google.com/privacy.
  • Sentry (sentry.io): Monitors application errors to help us identify and fix technical issues. Sentry does not receive personally identifiable information. See Sentry's privacy policy at sentry.io/privacy.

We do not sell your personal information to any third party.

4.3 For Legal Reasons

We may disclose your information:

  • In response to a lawful request by public authorities, including to meet national security or law enforcement requirements
  • To protect the rights, property, and safety of the Service, our users, or the public
  • In connection with a business transfer, such as a merger, acquisition, or asset sale, in which case you will be notified of the transfer and any changes to this Privacy Policy

5. Data Storage and Retention

5.1 Data Location

Your data is stored and processed in the United States using cloud infrastructure provided by Amazon Web Services (AWS).

5.2 Retention Periods

We retain your personal information for as long as your account is active or as needed to provide you with the Service. We may retain certain information:

  • As necessary to comply with our legal obligations
  • To resolve disputes
  • To enforce our agreements
  • For backup, archival, or audit purposes

When an organization administrator removes a volunteer, the information may be retained for a reasonable period before being permanently deleted to allow for recovery if the removal was made in error.

5.3 Account Deletion

You may delete your account at any time through the account settings in the Service. Upon deletion, we will remove your personal information within thirty (30) days, except where retention is required by law.

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

  • Access the personal information we have about you
  • Correct inaccurate or incomplete information
  • Request deletion of your personal information
  • Export your data in a portable format

To exercise these rights, please contact your organization administrator or us directly at support@servusbonus.com.

6.2 Account Information

If you are a volunteer whose account was created by an organization administrator, some of your information is controlled by that organization. In such cases, you should direct your privacy requests to your organization administrator first.

6.3 Communications

We do not send marketing communications. We send you Transactional Emails necessary to operate the Service, such as schedule confirmations, updates, changes, reminders, substitution requests, and important service alerts. You cannot opt out of Transactional Emails while using the Service.

6.4 Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. However, some parts of the Service may not function properly without cookies.

6.5 Do Not Track

The Service does not currently respond to "Do Not Track" (DNT) browser signals. We do not track users across third-party websites and therefore do not use DNT signals.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. However, no internet-based service can be 100% secure, and we cannot guarantee the absolute security of your information.

7.1 Security Measures

Our security practices include:

  • Encryption of passwords and sensitive data
  • Secure SSL/TLS connections for all data transmission
  • Regular security assessments
  • Access controls and authentication requirements
  • Strict mode database protections to prevent unauthorized data access

7.2 Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify affected users and applicable state authorities within thirty (30) days of discovering the breach, as required by Washington state law (RCW 19.255.010) and other applicable state breach notification laws.

7.3 Your Responsibility

You are responsible for maintaining the security of your account credentials and for any activity that occurs under your account. If you believe your account has been compromised, please contact us immediately at support@servusbonus.com.

8. Children's Privacy

Our Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA). If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at support@servusbonus.com so that we can delete such information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we make material changes, we will notify you by posting the updated policy on the Service and, where appropriate, by sending a Transactional Email.

You can see when this Privacy Policy was last updated by checking the "Last Updated" date at the top of this page. Your continued use of the Service after any modification to this Privacy Policy will constitute your acceptance of such modification.

10. Contact Information

If you have questions about this Privacy Policy or our privacy practices, or if you wish to exercise your rights regarding your personal information, please contact us at:

Servus Bonus Kirkland, WA Email: support@servusbonus.com

11. US State Privacy Rights

11.1 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, our business purpose for collecting it, and the categories of third parties with whom we share it.
  • Right to Delete: You may request that we delete the personal information we have collected from you.
  • Right to Correct: You may request that we correct inaccurate personal information.
  • Right to Opt-Out of Sale or Sharing: We do not sell personal information and we do not share personal information for cross-context behavioral advertising.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

Categories of Personal Information Collected: Identifiers (name, email, phone number, IP address), commercial information (subscription plan, billing history), internet or electronic network activity (usage data, log data), and professional or employment-related information (organization role, volunteer schedule).

Categories of Personal Information Disclosed to Service Providers: Identifiers and commercial information (to Stripe for payment processing), internet or electronic network activity (to Google Analytics for usage analysis and to Sentry for error monitoring).

We do not sell personal information. We honor Global Privacy Control (GPC) signals. If we begin selling or sharing personal information in the future, we will provide required notices and a "Do Not Sell or Share My Personal Information" mechanism.

To exercise your rights, contact us at support@servusbonus.com. We will respond to verifiable consumer requests within forty-five (45) days.

11.2 Other US State Privacy Rights

Residents of Virginia, Colorado, Connecticut, Texas, Oregon, Montana, and other states with comprehensive privacy laws may have similar rights to access, correct, delete, and opt out of certain processing of their personal information. To exercise these rights, contact us at support@servusbonus.com.

Where we rely on your consent to process your personal information, you have the right to withdraw your consent at any time by contacting us at support@servusbonus.com.