Your Privacy

if.then.fund is committed to respecting your privacy as we try to shape Congress. This page describes what happens to your information as you use the website.

The information we collect

Contributor information

When you use this website to make a campaign contribution, we ask for your name, address, occupation, employer, and contribution amount. When the campaign contribution is made (e.g. after a vote occurs), we must by law report this information to the recipients of your contribution (primary campaign committees) and to the Federal Election Commission, a government agency. The information becomes a part of the public record and will be searchable in online databases. We may also display your contributor information on this website either in aggregated or anonymized form.

Action information

We also ask you how you would vote on bills in Congress and how you would like to filter recipients. We may send this information to the recipients of your camapaign contributions, but this information is not sent to the Federal Election Commission and does not become a part of the public record. We may also display your action information on this website either in aggregated or anonymized form.

Payment information

We also ask for payment information: your credit card number, its expiration date, and its verification code. We store the last four digits of your credit card number, its expiration date, and a hashed (matchable but non-recoverable) form of your credit card number and expiration date. The other aspects of your payment information are used only transiently to authorize a charge. If you make your contribution contingent on the outcome of a future vote, we do not charge your credit card until after a vote in Congress occurs, and we store a random token associated with your credit card that allows us to make the future charge on your card when the vote occurs.

Standard logs, cookies

As with your visits to most other websites, the date and time of each resource you access, your computer’s IP address, where you came from, and web browser properties are stored for fraud prevention and analytics purposes. We also set a cookie, which let’s us remember who you are and is used for things such as keeping you logged in.

Accounts

If you create an account, we ask for your email address and a password to protect your account. Your password is stored only in hashed (matchable but non-recoverable) form. We will email you about your contributions and, if you’d like, about other ways to take action on this website.

We currently retain all data indefinitely.

Our security practices

The connection between your browser and our web server is encrypted. Check that your address bar looks like this to know for sure:

We additionally employ DNSSEC, PBKDF2+SHA256 hashing for passwords, and TLS with third-party services. This all keeps your information secure. If you can think of something else we should be doing, just let us know.

Where your information goes

We connect with the third-party services below to help us make if.then.fund work. Each of them may obtain some of the information listed above or other data concerning some aspects of your browsing history on this website.

Democracy Engine, our sister company owned by one of our co-founders, is our payment processor and routes your contributions to the recipient candidate committees.

The third-party services we use below are quite common on the Internet, and you almost certainly visit other websites using some of them on a regular basis:

Mixpanel, a web analytics company, helps us see how people are using the site so that we can understand where to make it better.

Our infrastructure is housed at Amazon Web Services, Digital Ocean, and WordPress.

CDYNE provides geolocation services. We send CDYNE your street address (but no other information) to determine what congressional district you live in.

Your browser will additionally fetch resources from Adobe TypeKit, Facebook, Google, and Twitter. We do not send these services any information about you, but your browser may reveal to these services that you have been visiting this website. These services may use cookies, web beacons, and similar technologies to provide measurement services to us and to target ads (opt out).

We are not in the business of selling your personal data.

About this page

Although this page is subject to change, we will post a clear list of changes here as they are made.

September 28, 2016. Removed Comodo third party and added a clarification about when credit cards are charged.

March 17, 2016. Added Google as a third-party embedded service.

September 20, 2015. Added Adobe TypeKit as a third-party embedded service; removed Bootstrap CDN and Google Hosted Libraries as we are no longer embedding these.

May 20, 2015. Added Facebook and Twitter as third-party embedded services and that they may use cookies.

Our initial privacy policy was posted on February 1, 2015.