Managing Your Data and Privacy
Equipoise is committed to data transparency and your privacy rights. This guide explains how to manage your personal data across all organizations you interact with.
My Connections Dashboard
The My Connections page is your central hub for managing data privacy.
Accessing My Connections
- Log in to your account
- Click your profile icon
- Select My Connections
What You'll See
- All organizations you've interacted with
- Summary of purchases and donations per organization
- Your subscription status with each organization
- Total activity metrics
Viewing Organization Details
Click any organization to see:
- When you became connected
- Purchase history with that organization
- Donation history
- Communication preferences
- Engagement level
Activity History
Click Full Activity to see your complete history:
- All purchases with dates, amounts, and status
- All donations with dates and amounts
- Pagination for large histories
Communication Preferences
Each organization has separate preferences:
- Email: Receive email communications
- Marketing: Promotional content
- Physical Mail: Printed materials
- SMS: Text messages
Toggle each option and click Save Preferences.
Disconnecting from Organizations
If you no longer want to receive communications:
- Go to the organization's detail page
- Scroll to Disconnect section
- Click Disconnect
- Confirm your choice
This:
- Stops all communications
- Preserves your transaction history
- Allows reconnection via future purchases
Downloading Your Data
GDPR requires that you can export your data.
How to Export
- Go to My Connections
- Click Download My Data
- Click Download My Data button
- Save the JSON file
What's Included
- Contact information
- All organization connections
- Complete purchase history
- Complete donation history
- Email history
- Communication preferences
Deleting Your Account
You have the right to be forgotten.
Before Deleting
- Download your data first (you can't recover it later)
- Understand that some records are anonymized, not deleted, for legal compliance
Deletion Process
- Go to My Connections
- Click Delete My Account
- Review what will happen
- Select a reason (optional)
- Confirm deletion
What Happens
- Personal information is anonymized
- You're unsubscribed from all organizations
- Recurring donations are cancelled
- Email history is deleted
- Account access is removed
- Anonymized transaction records retained for accounting
Your Privacy Rights
Under GDPR, CCPA, and other privacy laws:
| Right | How to Exercise |
|---|---|
| Access | Download My Data |
| Rectification | Update profile settings |
| Erasure | Delete My Account |
| Portability | JSON export |
| Objection | Communication preferences |
| Restrict | Disconnect from organizations |
Data Security
Your data is protected by multiple layers of security.
Encryption at Rest (AES-256-GCM)
The following personal information is encrypted in our database:
- Email addresses - Encrypted but searchable for login
- First and last names - Encrypted for privacy
- Phone numbers - Fully encrypted
- Physical addresses - Mailing, shipping, and billing addresses
- IP addresses - From logins and transactions
- Private notes and messages - All communications
- API keys and authentication tokens
What Is Not Encrypted
Some data remains unencrypted for legitimate reasons:
- Organization/business names - Public business information
- Public content - Event names, product descriptions you create
- Transaction amounts - Required for financial reporting
- Timestamps - Dates and times for sorting
Why Not Encrypt Everything?
We balance security with functionality:
- Search: Encrypted data can't be searched with partial matching
- Public data: Encrypting publicly displayed content adds overhead
- Reporting: Financial totals need to be readable for analytics
The key protection is on data that could identify or harm you—contact details,
location data, and authentication credentials are all encrypted.
Payment Security
We never store credit card numbers. All payments are processed by our
PCI-DSS Level 1 certified payment processor (the highest security standard).
Encryption in Transit
All data transmitted between your browser and our servers is protected by
TLS 1.3 encryption—the current industry standard.
Additional Protections
- Role-based access controls
- Comprehensive audit logging
- Regular security assessments
- Rate limiting on authentication
Contact Us
For privacy questions:
- Email: legal@equipoi.se
- Response time: Within 30 days