Privacy Policy
Your privacy, explained.
Jump to section
This Privacy Notice for Imperigo, LLC ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you visit imperigo.com, use Imperigo, or engage with us in other related ways.
Imperigo is a data platform that aggregates and organizes publicly available nonprofit and foundation information, including IRS Form 990 data, to help users research organizations, analyze funding activity, and identify potential opportunities. Imperigo does not provide financial, legal, or tax advice, and all data is sourced from publicly available records.
Questions or concerns? Contact us at hello@imperigo.com or visit our contact page.
We do not sell, rent, or trade your personal information to third parties for any commercial purpose.
What information do we collect?
Information you provide directly
We collect personal information that you voluntarily provide when you register on the Services, express an interest in our products, participate in activities, or contact us. This may include:
- Names and email addresses
- Usernames and passwords
- Contact or authentication data
- Phone numbers
Sensitive information: We do not process sensitive information (racial or ethnic origin, health data, etc.).
Payment data: If you make a purchase, payment instrument data is handled and stored by Stripe. We do not store your card details.
Information collected automatically
When you visit the Services, we automatically collect certain technical information that does not directly identify you, including:
- Log and usage data — IP address, browser type, pages viewed, date/time stamps, search queries, and crash reports
- Device data — hardware model, operating system, ISP or mobile carrier, and system configuration
This data is used primarily to maintain the security and operation of our Services and for internal analytics.
How do we process your information?
We process your personal information for the following purposes:
- To create and manage your account and authentication
- To deliver our Services and fulfill requests
- To respond to support inquiries
- To send administrative information such as policy updates
- To detect fraud and keep our Services secure
- To understand usage trends and improve our Services
- To protect a vital interest when necessary to prevent harm
We may also process your information for other purposes only with your prior explicit consent.
What legal bases do we rely on?
We only process your personal information when we have a valid legal reason to do so.
EU / UK (GDPR)
- Consent — where you have given permission for a specific purpose. You may withdraw consent at any time.
- Performance of a contract — to fulfill our contractual obligations to you.
- Legitimate interests — for analytics, fraud prevention, and service improvement, where our interests do not override your rights.
- Legal obligations — to comply with law or defend legal rights.
- Vital interests — to protect the safety of any person.
Canada (PIPEDA)
We rely on express or implied consent, or on statutory exceptions (fraud investigations, legal requirements, publicly available information, etc.) as permitted under applicable Canadian law.
When and with whom do we share your information?
We may share your personal information in the following limited situations:
- Service providers — vendors and contractors (including our cloud infrastructure provider, Amazon Web Services) who perform services on our behalf under written contracts.
- Business transfers — in connection with a merger, sale of company assets, financing, or acquisition.
We do not sell, rent, or trade your personal information to any third party for commercial purposes.
Cookies & tracking technologies
We use cookies and similar technologies only for essential site functions — keeping you logged in, preventing crashes, saving preferences, and maintaining security. We do not use third-party advertising or behavioral tracking cookies.
Most browsers accept cookies by default. You can configure your browser to remove or reject cookies, though doing so may affect certain features of the Services.
International transfers
Our servers are located in the United States. If you access the Services from the EEA, UK, Switzerland, or other regions, your information may be transferred to and processed in the US, which may have different data protection laws than your country.
Where required, we use the European Commission's Standard Contractual Clauses and similar safeguards to protect your information during international transfers.
How long do we keep your information?
We retain your personal information only for as long as it is necessary for the purposes described in this notice, unless a longer retention period is required by law. In practice, we keep account data for as long as you have an active account with us.
When we no longer have a legitimate business need to process your information, we will delete or anonymize it. If deletion is not immediately possible (e.g., backup archives), we will securely isolate it until it can be deleted.
How do we keep your information safe?
Our Services are hosted on secure cloud infrastructure (Amazon Web Services). We use industry-standard practices including encrypted data transmission (HTTPS), access controls, and regular security reviews.
However, no system is 100% secure. We cannot guarantee that unauthorized parties will never defeat our security measures. Transmission of personal information is at your own risk and you should only access the Services within a secure environment.
Do we collect information from minors?
We do not knowingly collect data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 years old.
If we learn that we have collected personal information from someone under 18, we will deactivate the account and delete the data. If you become aware of this, please contact us at hello@imperigo.com.
What are your privacy rights?
Depending on your location, you may have the following rights under applicable data protection law:
- Access and obtain a copy of your personal information
- Request rectification or erasure
- Restrict or object to processing
- Data portability (where applicable)
- Not be subject to solely automated decision-making with significant effects
- Withdraw consent at any time (without affecting prior lawful processing)
To exercise these rights, visit our contact page or email hello@imperigo.com.
Account information
You may review and update your account details at any time by logging in to your account settings. Upon requesting account termination, we will deactivate or delete your account from active systems, though we may retain certain information as required by law or to prevent fraud.
Do US residents have specific rights?
If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have additional privacy rights under state law.
Categories of personal information collected (past 12 months)
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Name, email, IP address, account name | Yes |
| B. CA Customer Records | Name, contact information, financial info | Yes |
| C. Protected classifications | Gender, age, race, national origin | No |
| D. Commercial information | Transaction history, financial details | No |
| E. Biometric information | Fingerprints, voiceprints | No |
| F. Internet / network activity | Browsing history, ad interactions | No |
| G. Geolocation data | Device location | No |
| H. Sensory information | Audio, video recordings | No |
| I. Professional information | Job title, employment history | No |
| J. Education information | Student records | No |
| K. Inferences | Profiles from collected data | No |
| L. Sensitive personal information | — | No |
We have not sold or shared any personal information to third parties for commercial purposes in the preceding 12 months and will not do so in the future.
Your state rights include
- Right to know whether we are processing your personal data
- Right to access and receive a copy of your personal data
- Right to correct inaccuracies
- Right to request deletion
- Right to non-discrimination for exercising your rights
- Right to opt out of targeted advertising, sale of personal data, or profiling
How to exercise your rights
Contact us via our contact page or email hello@imperigo.com. If we decline to act on your request, you may appeal by emailing us and, if still unresolved, submit a complaint to your state attorney general.
California "Shine the Light" Law
California Civil Code § 1798.83 permits California residents to request, once per year, information about categories of personal information (if any) we disclosed to third parties for direct marketing. Contact us using the details in Section 14 to submit such a request.
Do we make updates to this notice?
Yes. We may update this Privacy Notice from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top will reflect the most recent revision. For material changes, we may notify you by posting a prominent notice or sending you a direct notification.
How can you contact us?
If you have questions or comments about this notice, please reach out:
- Email: hello@imperigo.com
- Contact form: imperigo.com/contact
- Post: Imperigo, LLC · 205 Van Buren Street Suite 120, Herdon, VA 20170 · United States
How can you review, update, or delete your data?
Based on the applicable laws of your country or state, you may have the right to request access to, correct inaccuracies in, or delete your personal information. To submit a request, visit our contact page or email hello@imperigo.com. We will respond in accordance with applicable data protection law.