Security & Trust
A transparency platform has to earn trust twice: once for the money, and once for the data. Here is exactly how we handle both.
We never touch the money
Donations go straight from the donor to the fundraiser's own Stripe account. Donation Transparency never holds, routes, or has access to the funds. Stripe is a PCI DSS Level 1 certified payment processor, the highest level of certification in the payments industry.
Your card data is never stored on our servers
Card details are entered on Stripe's secure checkout and processed entirely by Stripe. We never see or store your full card number.
Bank connections are read-only, via Plaid
Fundraisers verify their spending by connecting a bank account through Plaid, the same service used by apps like Venmo and American Express. The connection is read-only: we can see transactions, we can never move money.
Sensitive financial credentials are never stored on our servers. They are handled directly by Plaid and Stripe, who maintain SOC 2 and PCI DSS compliance. A fundraiser's bank login goes to Plaid, never to us.
The ledger comes from the bank, not the fundraiser
Every transaction on a public ledger is pulled directly from the connected bank account. Fundraisers cannot type in, upload, or edit their own numbers. That is the integrity model the whole platform is built on: if it is on the ledger, the bank said so.
The Donation Transparency Guarantee
If a donation you made doesn't appear on the campaign's public bank-verified ledger, we'll refund it.
To make a claim, email support@donationtransparency.org with your donation receipt. We reply within 1 business day.
Everything is encrypted in transit
All traffic between your browser, our servers, Stripe, and Plaid is encrypted with HTTPS/TLS.
Questions or concerns
Found something that looks wrong, or want to report a suspicious campaign? Email support@donationtransparency.org. For the full legal detail, read our Privacy Policy and Terms of Service.
