At Timecounts, privacy is a priority. Nonprofits and volunteers trust us with important personal data, and we take that responsibility seriously. This overview explains, in simple terms, how we protect your information and the safeguards we have in place across the platform.
For full legal details, you can always refer to our Privacy Policy and Data Processing Agreement (DPA).
What data Timecounts collects
Timecounts collects only the data needed to provide the Services you use.
This can include:
Account information such as your name, email, and role
Details you share when you sign up for a volunteer opportunity
Activity within the platform, like shifts, messages, or availability
Data an organization collects through custom forms
Technical details like IP address and device type to keep the service secure
We do not sell or share your information for advertising purposes.
Who controls your data
In most cases:
Organizations that use Timecounts (festivals, charities, teams, schools, etc.) act as the Controller of volunteer data
Timecounts acts as the Processor, handling data on their behalf
This means the organization you participate with manages your volunteer profile and decides what information is collected.
Timecounts uses your data only to deliver the Services and support the organization you are working with.
How we protect your information
We use industry-standard security practices to help keep your data safe, including:
Encryption in transit and at rest
Role-based access controls
Secure infrastructure hosted with trusted providers
Continuous monitoring and logging
Backups and disaster recovery
Vendor and subprocessor review
Regular security updates and assessments
A detailed list of our technical and organizational measures appears in our Data Processing Agreement (DPA).
International data transfers
Timecounts is based in Canada, which the European Commission and United Kingdom recognize as providing an adequate level of data protection.
We also work with carefully selected subprocessors to deliver parts of the service.
When data is transferred internationally, we use approved safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, or other lawful transfer mechanisms.
You can view our full list of subprocessors here:
https://timecounts.org/subprocessors
Your privacy rights
Depending on where you live, you may have rights such as:
Accessing a copy of your data
Correcting inaccurate information
Requesting deletion
Exporting your data
Objecting to certain types of processing
Volunteers should contact the organization they volunteer with to manage their profile and personal information.
For help, our privacy team is here to assist at [email protected]
Our Data Processing Agreement (DPA)
Organizations using Timecounts can review our DPA at any time.
It outlines:
Our data protection obligations
How we process personal data on your behalf
Security measures
Subprocessor requirements
International transfer safeguards
View the DPA: https://timecounts.org/dpa
Have questions?
We’re here to help.
For privacy-related questions or requests, contact:
[email protected]