Trust Center

Built for charities that take data seriously.

How we store, protect and use the data your charity uploads — written in plain language for trustees, leadership teams and operations staff.

GDPR & data privacy

Privacy is part of the operating model.

We design the workspace so that charities can run AI-powered reporting without compromising on the data principles their funders, donors and beneficiaries expect.

How charity data is stored

Datasets and reports are stored inside your private workspace on managed UK/EU cloud infrastructure. Records are tied to your organisation's account and isolated from other tenants by row-level access controls.

How uploaded files are processed

Spreadsheets and CSV exports are parsed into structured KPIs used to generate dashboards and AI summaries inside your workspace. Files are not shared with other customers and are not used for advertising.

Workspace access controls

Each workspace is scoped to authenticated users from your organisation. Datasets, reports and Copilot conversations are only visible to signed-in members of that workspace.

Secure authentication

Sign-in is handled through managed authentication with hashed credentials, session tokens and optional Google sign-in. We never store passwords in plain text.

Data retention and deletion

You can delete uploaded datasets and generated reports from your workspace at any time. On request we will permanently remove your account data from our systems.

GDPR-conscious design principles

We follow data-minimisation, purpose-limitation and least-privilege principles. We do not ask charities to upload personal donor identifiers unless their analysis genuinely requires it.

Security & data handling

Cloud-grade security, charity-friendly explanations.

Charity AI Solutions runs on managed cloud infrastructure with the same controls used by financial and healthcare SaaS — without the jargon.

Secure cloud infrastructure

Hosted on enterprise-grade managed cloud services with hardened network controls, automated patching and provider-level certifications.

Encrypted data storage

Data is encrypted at rest and in transit using industry-standard TLS and managed encryption keys.

Authenticated workspaces

Every read and write to your workspace passes through authenticated, row-level access policies — there is no public access path to your operational data.

Secure file handling

Uploads are validated, parsed in isolated workers and bound to your account. Original files and derived KPIs remain inside your workspace.

User-owned data principles

Your data belongs to your charity. You decide what to upload, what to keep and when to remove it. We do not sell or share charity data.

AI transparency

How our AI actually works.

We use AI to draft reports faster, not to replace charity expertise. Here's how it interacts with your data.

How AI-generated reports work

AI models read the structured KPIs derived from your uploads and produce narrative summaries, board-style commentary and recommended actions grounded in that dataset.

What we use your data for

Uploaded data is used solely to power analysis inside your workspace — dashboards, reports and Copilot answers for your team. It is not used to train shared AI models.

You control exports and reports

Reports, PDFs and Copilot conversations stay inside your workspace until you choose to download or share them.

Always review AI outputs

AI summaries are a drafting aid for senior staff and trustees. Review and verify any figures, recommendations or risk language before using them in formal reporting to funders, regulators or boards.

A note for trustees: AI outputs are drafts. Treat them like a junior analyst's first pass — useful, fast and worth reviewing before anything is signed off for funders, the Charity Commission or your board.
FAQ

Common questions from charity leadership teams.

The questions trustees and operations leads ask most often when reviewing the platform.

Where is our data stored?

On managed UK/EU cloud infrastructure within your private workspace. It is logically isolated from other organisations using the platform.

Can we delete reports?

Yes. You can delete individual reports and datasets from your workspace at any time. Account-level deletion is available on request.

Is donor data secure?

Donor data sits inside your authenticated workspace, encrypted at rest and in transit, and accessible only to signed-in members of your organisation. We recommend uploading the minimum personal data needed for your analysis.

Does AI train on our data?

No. Your uploaded data is used to generate insights inside your workspace. It is not used to train shared or third-party AI models.

Who can access uploaded reports?

Only authenticated members of your workspace. Our team only accesses workspace data when you explicitly request support.

Can trustees export reports?

Yes. Reports can be exported as PDFs for board packs, funders and regulators directly from the workspace.

Is the platform GDPR aligned?

We design the platform around GDPR principles — data minimisation, purpose limitation, secure storage and deletion on request. We do not claim formal certification, and we recommend reviewing our handling against your own DPIA.

Can teams collaborate inside the workspace?

Yes. Multiple authenticated users from your organisation can work in the same workspace, share datasets and revisit reports and Copilot conversations.

Have a question we haven't answered? hello@charityaisolutions.co.uk