Managing Your Data and Privacy

Equipoise is committed to data transparency and your privacy rights. This guide explains how to manage your personal data across all organizations you interact with.

My Connections Dashboard

The My Connections page is your central hub for managing data privacy.

Accessing My Connections

  1. Log in to your account
  2. Click your profile icon
  3. Select My Connections

What You'll See

  • All organizations you've interacted with
  • Summary of purchases and donations per organization
  • Your subscription status with each organization
  • Total activity metrics

Viewing Organization Details

Click any organization to see:

  • When you became connected
  • Purchase history with that organization
  • Donation history
  • Communication preferences
  • Engagement level

Activity History

Click Full Activity to see your complete history:

  • All purchases with dates, amounts, and status
  • All donations with dates and amounts
  • Pagination for large histories

Communication Preferences

Each organization has separate preferences:

  • Email: Receive email communications
  • Marketing: Promotional content
  • Physical Mail: Printed materials
  • SMS: Text messages

Toggle each option and click Save Preferences.

Disconnecting from Organizations

If you no longer want to receive communications:

  1. Go to the organization's detail page
  2. Scroll to Disconnect section
  3. Click Disconnect
  4. Confirm your choice

This:

  • Stops all communications
  • Preserves your transaction history
  • Allows reconnection via future purchases

Downloading Your Data

GDPR requires that you can export your data.

How to Export

  1. Go to My Connections
  2. Click Download My Data
  3. Click Download My Data button
  4. Save the JSON file

What's Included

  • Contact information
  • All organization connections
  • Complete purchase history
  • Complete donation history
  • Email history
  • Communication preferences

Deleting Your Account

You have the right to be forgotten.

Before Deleting

  • Download your data first (you can't recover it later)
  • Understand that some records are anonymized, not deleted, for legal compliance

Deletion Process

  1. Go to My Connections
  2. Click Delete My Account
  3. Review what will happen
  4. Select a reason (optional)
  5. Confirm deletion

What Happens

  • Personal information is anonymized
  • You're unsubscribed from all organizations
  • Recurring donations are cancelled
  • Email history is deleted
  • Account access is removed
  • Anonymized transaction records retained for accounting

Your Privacy Rights

Under GDPR, CCPA, and other privacy laws:

Right How to Exercise
Access Download My Data
Rectification Update profile settings
Erasure Delete My Account
Portability JSON export
Objection Communication preferences
Restrict Disconnect from organizations

Data Security

Your data is protected by multiple layers of security.

Encryption at Rest (AES-256-GCM)

The following personal information is encrypted in our database:

  • Email addresses - Encrypted but searchable for login
  • First and last names - Encrypted for privacy
  • Phone numbers - Fully encrypted
  • Physical addresses - Mailing, shipping, and billing addresses
  • IP addresses - From logins and transactions
  • Private notes and messages - All communications
  • API keys and authentication tokens

What Is Not Encrypted

Some data remains unencrypted for legitimate reasons:

  • Organization/business names - Public business information
  • Public content - Event names, product descriptions you create
  • Transaction amounts - Required for financial reporting
  • Timestamps - Dates and times for sorting

Why Not Encrypt Everything?

We balance security with functionality:

  • Search: Encrypted data can't be searched with partial matching
  • Public data: Encrypting publicly displayed content adds overhead
  • Reporting: Financial totals need to be readable for analytics

The key protection is on data that could identify or harm you—contact details,
location data, and authentication credentials are all encrypted.

Payment Security

We never store credit card numbers. All payments are processed by our
PCI-DSS Level 1 certified payment processor (the highest security standard).

Encryption in Transit

All data transmitted between your browser and our servers is protected by
TLS 1.3 encryption—the current industry standard.

Additional Protections

  • Role-based access controls
  • Comprehensive audit logging
  • Regular security assessments
  • Rate limiting on authentication

Contact Us

For privacy questions: