Last updated July 10, 2026
Privacy Policy
1. Overview and Scope
Mainn Co ("Mainn," "we," "us," or "our") operates a school fundraising and community commerce platform. This Privacy Policy explains what personal information we collect, how we use it, when we share it, and the choices and rights you have.
This Policy applies to mainn.co, the school sites we host (for example, [schoolname].mainn.co), campaign pages, checkout and donation flows, the Shop Local module, and our administrative dashboards (together, the "Services").
This Policy covers the personal information of everyone who uses the Services: supporters, school and PTO administrators, business users, and participants. What this Policy cannot do is control what other, independent organizations do with information after they lawfully receive it. For those situations:
- Schools and PTOs ("Organizations"). Organizations receive supporter reports through the Services. Their further handling of that information is governed by their own policies, though our Terms of Service contractually limit Organizations to using it for their own fundraising, operations, and communications, and prohibit selling it.
- Business Partners. When information is shared with a business at your direction (see Section 4), the business's own privacy practices govern its use, though our agreements limit each business to the purpose disclosed to you at the time.
- Stripe. Payment card information goes directly to Stripe, Inc., our payment processor, under Stripe's privacy policy (stripe.com/privacy).
- Mainn Fund. Mainn Fund is a separate 501(c)(3) organization. Donations to Mainn Fund are governed by its own policies.
2. Information We Collect
2.1 Information You Provide
- Contact and account information: name, email address, mailing address, phone number, and login credentials if you create an account.
- Transaction information: the organization you support, donation amounts, items purchased, any preference you express about the use of funds, your choice to give anonymously, and any optional add-on contribution.
- Information you provide about others: gift recipient name and contact information (for gifted offers), and student recognition details (a student's first name and last initial only) if you choose to recognize a student with your donation or purchase. You may instead credit a class, grade, or other school group without providing any student information, and we do not request or accept any other student information in connection with recognition. Provide information about another person, especially a student, only with permission (see Section 7.3).
- Content and communications: campaign content, posts, ideas, requests submitted through the Services, and messages you submit, and your correspondence with us.
- Student participation information (where offered): for supervised student participation features such as student campaign pages, request submissions, or activity logging (for example, books or pages read during a read-a-thon), we collect the minimum information the feature needs, under the consent and supervision rules in Section 7.2.
2.2 Payment Information
Your card number and payment credentials are collected and processed directly by Stripe. Mainn does not receive or store full card numbers. We receive limited transaction metadata (such as amount, date, card brand, last four digits, and payment status) needed for receipts, reporting, and fraud prevention.
2.3 Information Collected Automatically
When you use the Services we collect device and usage information: IP address, browser and device type, pages viewed, referring pages, and timestamps, using cookies and similar technologies. We use this for operation, security, and analytics. You can control cookies through your browser settings.
2.4 Information from Organizations
An Organization may enter contact information (for example, to invite supporters or manage volunteers). The Organization is responsible for having the right to share that information with us.
3. How We Use Information
- Provide the Services: process donations and purchases, generate receipts (including QR redemption codes and fair market value disclosures), and provide Organizations with real-time reporting.
- Fulfill offers: pass fulfillment details to the business providing a product or offer you purchased.
- Verify redemptions and prevent fraud and abuse, together with Stripe's fraud tools.
- Support you: respond to questions, correct errors, and administer refunds where applicable.
- Communicate: send transactional messages, and marketing messages subject to your opt-out rights (Section 5).
- Celebrate fundraising: include student recognition in the reports available to the Organization and, where the Organization enables it, in celebration features such as leaderboards or recognition by grade or class, in reduced form as described in Section 7.3.
- Improve the Services: understand usage, fix problems, and develop features.
- Comply with law and enforce our Terms of Service.
We do not use your personal information to train artificial intelligence models, and we do not engage in profiling that produces legal or similarly significant effects.
4. When We Share Information
4.1 With the Organization You Support
When you donate to or purchase in support of an Organization, we make available to that Organization's authorized administrators a report that includes your name, contact information, transaction details, and any student recognition details you provided, unless you choose an anonymous option where offered. Organizations agree to use this information only for their own fundraising, operations, and communications, and never to sell it.
4.2 With Business Partners, at Your Direction
Your information reaches a business only when you explicitly choose to share it. The sharing option is never pre-selected, and declining an optional share never prevents you from completing your donation or purchase. There are two situations where we offer this choice, both disclosed at the time:
- Offer fulfillment. If you purchase an offer that the business must fulfill (for example, an introductory offer or a gifted item), you choose at checkout whether to share the purchaser or recipient information needed to fulfill it. If you decline, the business receives only confirmation that a valid purchase was made and a unique redemption identifier tied to the offer, not to you, and you redeem the offer by presenting that identifier (for example, the QR code on your receipt). Some offers cannot be fulfilled without your information (for example, an offer that is delivered to you or booked in your name). Where that is the case, the offer says so before you pay, completing the purchase or redemption is your explicit opt-in to share the information the offer requires, and nothing is shared beyond what the offer needs.
- Sponsored campaigns you opt into. Some campaigns and offers are sponsored by a business that pays for leads. Where that is the case, you may choose to share your contact information with the sponsor, including through a lead form specific to that business, and the financial relationship between the sponsor, Mainn, and the school is disclosed where you make the choice. If we pre-fill a form with information from your account, the pre-filled information is visible to you before you submit, and nothing is shared unless you submit it. You can decline and still complete your purchase, and you can withdraw consent later by contacting the sponsor or emailing hello@mainn.co.
Because sponsoring businesses pay Mainn to run these campaigns, your choice to share information with a sponsor may be considered a "sale" of personal data under Colorado law. We only share on this basis with your consent, and you may opt out at any time (Section 6).
4.3 Coupon Redemptions: What We Do Not Share
When you redeem a Shop Local coupon, we do not share your personal information with the business unless you explicitly choose to share it through an option we offer. By default, the business learns that a valid coupon was redeemed, not who redeemed it.
4.4 Service Providers
We use service providers to operate the Services, including payment processing (Stripe), application hosting and infrastructure, content delivery, email delivery, and analytics. They are permitted to use personal information only to provide services to us.
4.5 Legal and Safety
We may disclose information to comply with law or legal process, to protect the rights, safety, or property of Mainn, our users, schools, or the public, or to detect and prevent fraud or security issues.
4.6 Corporate Transactions
If Mainn is involved in a merger, acquisition, financing, or sale of assets, personal information may be transferred as part of that transaction, subject to this Policy's commitments.
4.7 Aggregated and De-Identified Data
We may use and share aggregated or de-identified data that cannot reasonably be linked to you, and we commit not to attempt to re-identify it.
4.8 What We Never Do
- We never sell donor lists.
- We never share personal information with third-party advertising networks for cross-site targeted advertising.
- We never share your personal information with a business unless it is needed to fulfill something you purchased or you explicitly choose to share it (including at coupon redemption).
- We never use student information for marketing or advertising, and we never sell it.
5. Your Choices
- Anonymous giving. Where offered, you can keep your name out of the reports available to the Organization you support.
- Marketing email. Use the unsubscribe link in any marketing email, or email hello@mainn.co.
- Text messages. We text you only with your separate consent. Reply STOP to cancel at any time.
- Sponsor sharing. Decline the sharing option at checkout, or withdraw consent afterward via the sponsor or hello@mainn.co.
- Cookies. Manage cookies through your browser settings.
- Global Privacy Control. We honor Global Privacy Control (GPC) signals as a valid request to opt out of the sale of personal data and targeted advertising, as required by Colorado law.
6. Your Privacy Rights
We extend the following rights to all users of the Services, whether or not a particular state privacy law applies to your data. If you are a Colorado resident, these rights are provided consistent with the Colorado Privacy Act.
- Access: confirm whether we process your personal data and obtain a copy of it in a portable format.
- Correction: correct inaccurate personal data.
- Deletion: delete personal data concerning you, subject to legal retention requirements (for example, transaction and tax records).
- Opt out: opt out of the sale of personal data, targeted advertising, and profiling in furtherance of decisions that produce legal or similarly significant effects. As described in Section 4.2, the only "sale" we engage in is consent-based sponsor sharing you choose at checkout.
How to exercise these rights. Email hello@mainn.co with the subject line "Privacy Request," or write to Mainn Co, 155 North College Avenue, Suite 208, Fort Collins, CO 80524. We will verify your request using information associated with your account or transactions, respond within 45 days, and extend once by 45 days where reasonably necessary with notice to you. Exercising a right will never result in discriminatory treatment.
Appeals. If we decline your request, you may appeal by replying to our decision with the subject line "Privacy Appeal." We will respond within 45 days. If you are a Colorado resident and are dissatisfied with the outcome, you may contact the Colorado Attorney General at coag.gov.
Authorized agents. Where applicable law permits, an authorized agent may submit an opt-out request on your behalf; we will verify the agent's authority.
7. Children and Students
7.1 Accounts and Payments Are for Adults
Accounts, donations, and purchases are for adults 18 and older. Outside the supervised participation features described in Section 7.2, we do not knowingly collect personal information from children under 13, and if we learn that we have, we will delete it. Parents or guardians with concerns can contact hello@mainn.co.
7.2 Student Participation Features
Where the Services offer student participation features (for example, student campaign pages, request submissions, or activity logging such as read-a-thon tracking), they operate under supervision and consent controls: children under 13 participate only through a parent, guardian, or school acting on the child's behalf; participants 13 to 17 require verifiable parent or guardian consent and their school's authorization; and the school or PTO controls review, approval, and publication. For these features we collect the minimum information the activity needs, we retain it only as long as the activity requires, we never use student information for marketing or advertising or engage in targeted advertising to minors, we never sell it, and we never share it with Business Partners. Parents and guardians may review, correct, or delete their child's information and withdraw consent at any time by emailing hello@mainn.co.
7.3 Student Recognition
A supporter may recognize a student when donating or purchasing by providing the student's first name and last initial only. A supporter may instead credit a class, grade, or other school group without providing any student information. We do not request or accept a student's full name, grade, teacher, or any other student information in connection with recognition. Supporters must have permission from the student's parent or guardian to recognize a student. Recognition information appears in the reports available to the school or PTO and, where the school or PTO enables celebration features such as leaderboards, is displayed only under that Organization's settings and never in more detail than was provided. A parent, guardian, or Organization can have a student's recognition information removed or excluded from display at any time by emailing hello@mainn.co.
7.4 Content Posted by Schools
Campaign pages managed by schools and PTOs may include names or images of students that the Organization chooses to post. That content is controlled by the Organization under its own school and district policies. Requests about student content should be directed to the school or PTO, and we will assist with prompt removal on request.
8. Data Retention
We retain personal information for as long as needed to provide the Services and for legitimate business and legal purposes: account information while your account is active; transaction records as required for tax, accounting, and audit purposes; and correspondence as needed to resolve issues. When information is no longer needed, we delete or de-identify it. We maintain a written retention schedule, and we honor verified deletion requests as described in Section 6.
9. Security
We use reasonable administrative, technical, and physical safeguards, including encryption of data in transit, access controls, and payment processing through Stripe, which is PCI-DSS certified. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If a security breach affects your personal information, we will notify you and regulators as required by law, including Colorado's breach notification statute.
10. Do Not Track and GPC
We honor Global Privacy Control signals as described in Section 5. Other than GPC, our Services do not currently respond to browser "Do Not Track" signals, for which no common standard exists.
11. Third-Party Links
The Services link to businesses, schools, and other third-party sites. Their privacy practices are their own. Review their policies before providing personal information.
12. Changes to This Policy
We may update this Policy as the Services evolve. If we make a material change, we will give notice by email or by a prominent notice on the Services at least 30 days before the change takes effect, where practicable. The effective date at the top of this Policy shows when it was last revised.
13. Contact Us
Privacy questions or requests: legal@mainn.co, subject line "Privacy Request." Mail: Mainn Co, 155 North College Avenue, Suite 208, Fort Collins, CO 80524.