NPYouNPYou

Privacy Policy

Last updated: May 9, 2026

1. Information We Collect

Account Information

When you create an account, our authentication provider (Clerk) collects your email address and name. This information is used to create and manage your account on the Platform.

Profile Information

You may optionally provide additional profile information stored in our database, including: phone number, and mailing address (street address, city, state, ZIP code). These fields are entirely optional and can be added, edited, or removed at any time through your User Settings.

Organizational Membership Data

When you join or are invited to an organization, we store your membership status, role (admin, facilitator, or member), and the dates associated with your membership actions (request, approval, denial).

Meeting & Attendance Data

When you attend a meeting (either checked in by a facilitator or via self-check-in with a code), we record your attendance, the method of attendance (in-person or virtual), and a timestamp.

Voting Data

When you cast a vote on a poll item, we record your vote value (yes, no, or abstain) along with your user identity and a timestamp. This data is used for governance audit purposes. See "Vote Privacy Model" below for details on who can access this information.

Guest Check-In Data

Non-members who check in to a meeting as guests provide their name and email address. This information is associated with the specific meeting and managed by the organization's administrators.

To request removal of your guest check-in records, contact the organization directly using the contact email shown on its public profile. The organization is the data controller for these records; NPYou hosts the platform but does not manage individual guest data on behalf of the organization.

Organization Assets

Organization administrators may upload a logo image. Logos are stored on a third-party image hosting service (Cloudinary) and displayed publicly on the organization's profile.

Automatically Collected Information

We use cookies and similar technologies for authentication session management (provided by Clerk). We do not use tracking cookies or third-party analytics at this time. Standard web server logs may record IP addresses, request timestamps, and browser information.

2. How We Use Your Information

We use the information we collect to:

  • Authenticate you and maintain your session
  • Display your name and role within organizations you belong to
  • Record and display meeting attendance for organizational records
  • Record votes and calculate aggregate tallies for organizational governance
  • Send you in-app notifications about events relevant to your memberships (poll openings, membership status changes, poll results)
  • Enable organization administrators to manage their members and organizational activities

3. Vote Privacy Model

Voting privacy is a core design principle of NPYou. The following controls are enforced at the application and database level:

  • During active voting: only aggregate tallies (total yes, no, and abstain counts) are displayed on live voting panels. No individual votes are visible to anyone during voting.
  • After voting closes: per-voter audit data (which user voted which way on each item) is accessible only to organization administrators through a dedicated, access-controlled audit view. This supports the accountability and transparency requirements of nonprofit governance.
  • Your own votes: you can always view your complete vote history across all organizations through your personal dashboard.
  • Facilitators (non-admin staff) can see aggregate tallies but cannot access per-voter audit data.
  • Other members cannot see how any other member voted.
  • Account deletion: when you delete your account, your votes on closed polls are anonymized — the link between the vote record and your identity is permanently removed. Aggregate tallies are preserved to maintain the integrity of completed governance decisions. Votes on open polls are deleted entirely.

4. Data Sharing

We do not sell, rent, or trade your personal information. We share data only with the following third-party service providers as necessary to operate the Platform:

  • Clerk — authentication and session management
  • Neon (PostgreSQL) — database hosting
  • Cloudinary — organization logo image storage
  • Hostinger — application hosting

Each provider processes data only as necessary to provide their service. We do not share your voting data, attendance records, or profile details with any party outside of the organizations you belong to.

5. Data Retention

We retain your data for as long as your account is active. When you delete your account:

  • Your profile information, memberships, attendance records, and notifications are permanently deleted
  • Votes on closed polls are anonymized (your identity is removed but the vote values are preserved for aggregate tallies)
  • Organizations you created are not automatically deleted — you should transfer admin rights or delete the organization before deleting your account

Organization administrators may delete their organization at any time, which permanently removes all associated data including member records, meetings, attendance, polls, and votes.

6. Your Rights

You have the right to:

  • Access your personal data through your User Settings and dashboard
  • Correct your profile information at any time through User Settings
  • Delete your account and associated data through the User Settings page
  • Export your vote history via the vote history page on your dashboard

To exercise any rights not available through the Platform interface, contact us at support@npyou.app.

7. Security

We take reasonable measures to protect your information. Authentication is handled by Clerk, a dedicated identity provider with industry-standard security practices. Data is transmitted over encrypted connections (HTTPS). Database access is restricted to authorized application processes. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Children's Privacy

NPYou is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, you will be asked to review and accept the updated policy before continuing to use protected areas of the Platform. The "Last updated" date at the top of this page indicates when the policy was last revised.

10. Contact

If you have questions about this Privacy Policy or how your data is handled, contact us at support@npyou.app.