Privacy Policy

Last Updated: June 13, 2023

At Millie, PBC (the “Millie,” “we,” or “us”), your privacy is very important to us. The purpose of this privacy policy (this “Policy”) is to provide you with a description of the types of information we collect about you when you visit Millie’s website located at, associated sub-domains and the related Millie mobile applications (collectively, the “Site”) and/or access the services of Millie that you have registered to use, including but not limited to our proprietary platform (the “Services”), and how we use that information. This Policy only applies to information collected while you are on the Site or you are accessing or using (or communicating with us about accessing or using) the Services.

1. Information We Collect.

We collect and store information that you voluntarily provide to us as well as data related to your use of the Site and the Services.

User-Provided Information

From users who sign-in to our Services we collect the following information:

Field - Notes

Email address - Required to sign-in to the Services

Name - Required

Phone number - Optional

Country - Required to sign-in to the Services

Zip Code - Required

Billing and payment information - Required to make a donation

Messages through our contact form, or with our sales or support teams - Required for customer support. We retain messages between you and our team members

Automatically Collected Information

We automatically collect certain aggregate information and analytical data related to your Site visit usage and use of the Services (see “Use of Cookies” below). Aggregate information is non-personally identifiable or anonymous information about you, and may include the date and time of your visit, page navigation, the IP address of your computer or mobile device, your computer or mobile device browser information, the Internet address that you visited prior to and after reaching the Site or Services, the name of the domain and host you used to access the Internet, the type of mobile device you use, your mobile device’s unique device ID and the features of our Site and Services which you accessed. IP addresses recorded by our log files are not linked to personal identifiers.

Third-Party Services

To the extent you use a third-party service to intact with our Site or Services, such as our credit card payment processor (currently Stripe) or integration with social media or other communications platforms (such as Slack), personal data will be collected by those providers and governed by their respective privacy policies.

Your Employer or Organization

Your employer or organization may subscribe to our Services, and in connection with their onboarding process may share information with us, such as your name, email address, and donation preferences.

2. How We Use Your Information.

We use collected information to make available and to improve our high standard of reliable services. We use such information for the following purposes:

  1. To provide you with access to the Site and the Services;
  2. To recommend charities to users for potential donations through the Site;
  3. To facilitate charitable donations pursuant to users’ requests submitted on the Site;
  4. To respond to inquiries and monitor such responses;
  5. To provide information about and market our products or services and third party services;
  6. To analyze visitors’ access to and use of the Site and the Services;
  7. To send you notices about the Site and Services;
  8. To resolve problems; and
  9. To improve and manage the Site and the Services.

If you have any questions regarding the foregoing, or our privacy practices, you may contact us at

3. How We Share Your Information.

We do not share personal data except as described here. We never rent or sell your personal data. We may disclose your personal data for the purposes described above.

Partners and Affiliates

We may disclose personal data to appropriate partners of Millie, including integration partners, to respond to a request for service or to provide information about available products or services, including third party services and products.

Charities You Donate To

We may disclose information about you to the Charities you select for their records, reporting, marketing, and recognition purposes.

Legal Compliance

We disclose information that we, in good faith, believe is appropriate to cooperate in investigations of fraud or other illegal activity. We disclose information in response to a subpoena, warrant, court order, levy, attachment, order of a court-appointed receiver or other comparable legal process, including subpoenas from private parties in a civil action. We may disclose information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you) when requested and authorized by the controller to do so..

Successors, or in Connection with Sale

As with any other business, it is possible that in the future we could merge with or be acquired by another company. If such an acquisition occurs, the successor company would have access to the information maintained by us, including customer account information, but would continue to be bound by this Policy unless and until it is amended.

Our Services Providers

We share information with companies that provide public relations and marketing services for us, and we also may share your information with our parent, subsidiaries and joint ventures to help coordinate any service we provide to you, enforce our terms and conditions, and promote trust and safety.

Non-Personal Data

We are not limited in our use of non-personal data that does not permit direct association with any specific individual, or non-identifiable aggregate information about our users (such as the number of users of our services, the geographic distribution of our users, the amount of information located and/or removed, etc.). We may share aggregate (non-personally identifiable) information with certain third parties such as advertisers, national industry organizations, and prospective affiliates.

4. Other Matters

Opt-in for Receiving Marketing Materials

When customers sign up with Millie PBC, account admins are agreeing to opt-in to receive periodic emails and other promotional and marketing materials from us. You can unsubscribe at any time.

Our marketing communications may include:

Announcements of new features or services

Updates on special offers and promotions

Event invitations and reminders

Admins can opt out of receiving marketing communications from us at any time by following the unsubscribe instructions included in every email, or by contacting us directly.

We value your privacy and take your data security seriously. Your personal information will never be shared with third parties for their marketing purposes.

Links to Third Party Sites

Our Site includes links to other websites whose privacy practices may differ from those of Millie. If you submit personal data to any of those websites, your information will be governed by their privacy policies. We encourage you to carefully read the privacy notice of any website you visit.

General Data Protection Regulation (“GDPR”) Compliance.

We take our responsibility as a GDPR processor very seriously and acknowledge that we process personal data on behalf of our customers who are the Controllers. It is our commitment to comply with all GDPR requirements and ensure that personal data is processed in a lawful, fair, and transparent manner. Our obligation as a processor includes the following:

  • We use personal data only as instructed and for the specific purposes mentioned in the contract we have with the Controller.
  • We implement appropriate technical and organizational measures to ensure the security of personal data and ensure that all personnel involved in the processing are bound by confidentiality obligations.
  • We assist and cooperate with our customers in fulfilling their GDPR obligations, such as responding to data subject requests and reporting personal data breaches.
  • We engage sub-processors only with the authorization of our customers and ensure that they are obligated contractually to provide adequate guarantees to implement suitable technical and organizational measures that meet GDPR requirements.
  • We maintain a record of all processing activities carried out on behalf of Controllers.

Working with our customers who are the Controllers, we aim to meet these obligations and ensure that their personal data is processed safely and securely.

The Company’s Site and Services are operated in the United States. If you are a resident of or are located in the European Economic Area (“EEA”), you may also have certain rights under the GDPR regarding the use and transfer of your personal data. If you are located in the EEA or elsewhere outside the United States, any information that you provide, including your personal data, to Millie in connection with your use of the Site or the Services will be transferred to the United States. We may also transfer your personal data to third parties acting on our behalf for the purposes of data processing, storage, maintenance, and improvements to the Site and Services with authorization from the Controller. By providing any information to us, you consent to the transfer, processing, and storage of such information in the United States. In general, under the GDPR, data subjects may make the following requests to Controllers:

  • Request access to your personal data;
  • Request that incomplete or incorrect data be corrected;
  • Request your personal data be deleted;
  • Request the suspension or restriction of the use of your personal data, or withdraw your consent for Controllers or Processors to use your personal data; and
  • Request a copy of your personal data.

Should you request a copy of your personal data, we will forward the request to the Controller. We will then cooperate with the Controller however necessary to fulfill the request under the direction of the Controller.

When we receive requests directly from Controllers, we cooperate with the Controller however necessary to fulfill the request under the direction of the Controller.

When we receive requests from Controllers regarding the deletion of data, we will take commercially reasonable steps to do so as soon as practicable, although your right to have your personal data deleted is subject to exceptions, such as, for example, compliance with a legal obligation or for the establishment, exercise or defense of legal claims.

Use of Cookies.

“Cookies” are simple text files stored on your computer for use by a browser. Certain Site or Service features may only be available through the placement of a cookie. We may use “cookies” to assist in data collection and to track visitor Site and Services usage and trends to help us better serve you. The use of cookies is a standard practice among Internet websites; most Internet browsers permit a user to accept, decline or delete cookies. We may use persistent cookies to make it easier for you to navigate the Site and our Services. Specifically, we may use persistent cookies to track whether you are logged into the Site or our Services. A persistent cookie may remain on your local device for an extended period of time. You can remove persistent cookies by following the directions provided in your Internet browser’s “help” file. We may set a persistent cookie to store how you came to the Site and what items you interact with. Persistent cookies also enable tracking and targeting the interests of our users to enhance their experience on the Site. If you reject cookies, you will still be able to view the Site, but your ability to use some areas of the Site may be limited. Some of our business partners (e.g., analytical tracking software providers) may use cookies and tracking technologies on the Site. We have no access to or control over these cookies or tracking technologies. This Policy covers the use of cookies on and the Company platform by us only and does not cover the use of cookies or tracking technologies by any such business partner.

When you use the Site or Services, we may employ clear gifs (a.k.a. Web Beacons) which are used to track the online usage patterns of our users anonymously. No personal information from your account is collected using these clear gifs. In addition, we may also use clear gifs in HTML-based emails sent to our users to track which emails are opened by recipients. The information is used to enable more accurate reporting, improve the effectiveness of our marketing, and make the Site or Services better for our users.

Cookies we use.

Data Security.

We follow generally accepted industry standards to protect the personal data submitted to us, both during transmission and once we receive it. Our Site uses Secure Sockets Layer (SSL) encryption on all web pages where personal data is required and to make online donations you must use an SSL-enabled browser in order to protect the confidentiality of your personal and credit card information while it’s transmitted over the Internet.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet, or method of electronic storage, is 100% secure and we cannot guarantee its absolute security. In the event of an inadvertent disclosure of your personal data, we will take commercially reasonable steps to limit and remedy the disclosure as required by applicable law. If you have any questions about the security of our Site and our Services, you can contact us via email at or telephone at (339) 364-2018.

Data Retention.

For EU residents, we will retain personal data about you only for the period necessary and authorized by the Controller. We retain this personal data to perform the Services for you and for the purposes outlined in this Policy and agreed upon in the terms of the contract with the Controller. Notwithstanding this, for all U.S users, we may retain your personal information for the purposes of offering the Services, other listed purposes in this policy,  and compliance with legal or regulatory requirements to which we are subject.

Age Limitation.

This Site and the Services are not directed to persons under the age of 13 (collectively, “Children” and, each, a “Child”). We do not knowingly collect or solicit information from, market to or perform services for Children. If we become aware that a Child has provided us with personal data, we take steps to remove such information. If you become aware that your Child has provided us with personal data without your consent, please contact us at or (339) 364-2018.

Effective Date; Policy Changes.

Each time you use the Site and our Services, the current version of the Policy will apply. Accordingly, when you use the Site or our Services, you should check the date of this Policy (which appears at the top of the Policy) and review any changes since the last version. Our business changes frequently and this Policy is subject to change from time to time. You are encouraged to check the Site regularly for any changes to this Privacy Policy. Unless stated otherwise, our current Policy applies to all information that we have about you. We will not materially change our policies and practices to make them less protective of customer information collected in the past without the consent of affected customers.

Governing Law.

This Policy is governed by the laws of the Commonwealth of Massachusetts, U.S.A. without giving effect to any principles of conflict of law.

Your California Privacy Rights.

California Civil Code Section 1798.83 permits customers who are California residents and who have provided Millie with “personal information” (as that term is defined in Section 1798.83) to request certain information about the disclosure of that information to third parties for their direct marketing purposes. Requests may be made only once a year and are free of charge. If you are a California resident with questions regarding this issue, please contact us at or (339) 364-2018 or at Millie PBC, 991 Providence Hwy #1132 Norwood, MA 02062.

California Do Not Track Signals.

We do not currently take actions to respond to “Do Not Track” (DNT) signals because a uniform technological standard has not yet been developed. We continue to review new technologies and may adopt a DNT standard once one is created. For information about DNT, please visit:

Contact Us.

To contact us with your questions or comments regarding this Policy or the information collection and dissemination practices of the Site, please email us at