Privacy Policy

Last updated: February 23, 2026

Introduction

Lattia ("we," "our," or "us") operates the lattia.org platform, which provides nonprofit organizations with tools to create storefronts and donation pages. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

We are committed to protecting your privacy and handling your data in an open and transparent manner. Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the site or use our services.

Information We Collect

Information You Provide to Us

We collect information you voluntarily provide when using our services:

  • Organization Account Information: When a nonprofit registers for Lattia, we collect organization name, contact name, email address, phone number, and tax identification number (EIN).
  • Donor/Customer Information: When you make a donation or purchase through an organization's page, we collect your name, email address, phone number (if provided), billing address, and shipping address (if applicable).
  • Payment Information: Lattia does not collect or store any payment card information. When you make a payment, you are redirected to Stripe's secure checkout page where all payment details are entered and processed directly by Stripe. We only receive transaction confirmations—never card numbers, expiration dates, or CVVs.
  • Communications: If you contact us directly, we may collect your name, email address, and the contents of your message.

Information Collected Automatically

When you access our platform, we automatically collect certain information:

  • Log Data: IP address, browser type, operating system, referring URLs, pages viewed, and access times.
  • Device Information: Information about the device you use to access our services.
  • Analytics Data: We collect aggregated analytics data such as page views and transaction counts to help organizations understand their performance.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process donations and purchases on behalf of nonprofit organizations
  • Send transaction confirmations, receipts, and year-end tax statements
  • Communicate with you about your account or transactions
  • Respond to your comments, questions, and support requests
  • Monitor and analyze usage trends to improve user experience
  • Detect, prevent, and address technical issues or fraudulent activity
  • Comply with legal obligations

How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

We may share your information in the following circumstances:

With Nonprofit Organizations

When you make a donation or purchase, your information (name, email, phone, address) is shared with the nonprofit organization you transacted with. This enables them to fulfill orders, send receipts, provide tax documentation, and communicate with you about your contribution. Each organization is responsible for their own use of this data in accordance with their privacy practices.

With Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Stripe: Our payment processor, which handles all payment transactions. Stripe's privacy policy governs their use of your payment information.
  • Email Service Providers: To send transactional emails such as receipts and confirmations.
  • Hosting Providers: To store and serve our platform securely.

For Legal Reasons

We may disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using SSL/TLS
  • Secure storage of data on protected servers
  • Limited access to personal information by authorized personnel only
  • Regular security assessments and updates

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Transaction records are retained to comply with tax and legal requirements, typically for a minimum of seven years.

Organizations using our platform may retain donor and customer data in accordance with their own policies and legal obligations.

Your Rights and Choices

Access and Correction

You may request access to the personal information we hold about you or request corrections to inaccurate information by contacting us at the email address below.

Deletion

You may request deletion of your personal information, subject to certain legal exceptions (such as transaction records required for tax purposes). To request deletion, please contact us.

Email Communications

Transactional emails (such as receipts and order confirmations) are necessary for our services and cannot be opted out of. If an organization sends you marketing communications, please contact that organization directly to manage your preferences.

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, our business purposes for collecting it, and the categories of third parties with whom we share it.
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
  • Right to Opt-Out of Sale: We do not sell your personal information. Therefore, we do not offer an opt-out for the sale of personal information.

To exercise your California privacy rights, please contact us using the information provided below. We may need to verify your identity before processing your request.

Categories of Personal Information Collected: Identifiers (name, email, phone, address), commercial information (transaction history), and internet activity (log data, analytics).

We Do Not Sell Personal Information: Lattia does not sell, and has not sold in the preceding 12 months, any personal information to third parties.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate our platform and enhance your experience:

  • Essential Cookies: Required for the platform to function, including session management and security.
  • Analytics: We may use analytics services to understand how visitors interact with our platform. This data is aggregated and does not personally identify you.

Most web browsers allow you to control cookies through their settings. However, disabling certain cookies may affect the functionality of our platform.

Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information. If you believe we may have collected information from a child under 13, please contact us.

Third-Party Links

Our platform may contain links to third-party websites or services, including nonprofit organization websites and payment processors. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

International Users

Lattia is based in the United States, and your information is processed and stored in the United States. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by posting the updated policy on this page with a new "Last updated" date. Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Lattia
Email: hello@lattia.org

For California residents exercising CCPA rights, please include "CCPA Request" in the subject line of your email.