Skip to main content

GDPR Compliance

Goodworld’s commitment to data privacy and security

Raagini Sarkar avatar
Written by Raagini Sarkar
Updated over 3 weeks ago

Goodworld is committed to ensuring the privacy, security, and transparency of personal data in accordance with the General Data Protection Regulation (GDPR). As a platform that supports nonprofits, businesses, and donors across the globe, we prioritize protecting user information and upholding the rights of individuals under European privacy law.

This article outlines how Goodworld complies with key provisions of the GDPR, including how data is collected, used, secured, and transferred.

We protect your data

  • Transparency – Users are informed clearly and fully about what personal data is collected and how it is used.

  • Control – Data subjects are empowered with rights to access, correct, delete, and control their personal data.

  • Security – Technical and organizational safeguards are in place to protect personal data from misuse or unauthorized access.

  • Lawful Use – All data processing activities are grounded in clear legal bases as required by the regulation.

We follow the law

Lawful Basis for Processing (Articles 6–7)

Goodworld processes personal data only under valid legal bases:

  • Consent – When users actively agree to share data.

  • Contract – To fulfill services or agreements entered into with the user.

  • Legitimate Interest – For activities reasonably expected in the context of a user relationship.

  • Legal Obligation – When required to comply with legal or regulatory responsibilities.

Transparency and User Information (Articles 12–14)

Our Privacy Policy and Terms of Service clearly explain:

  • What types of data are collected (e.g., contact information, donation history).

  • Why the data is collected and how it is used.

  • Contact information for further questions or concerns.

Data Subject Rights (Articles 15–22)

Users have full control over their personal data. Goodworld supports:

  • Right to Access – Request and receive a copy of the personal data held.

  • Right to Correct – Request corrections to inaccurate or incomplete data.

  • Right to Delete – Request permanent deletion of personal data.

  • Right to Restrict or Object – Limit processing or object to data use.

  • Right to Data Portability – Request a transferable copy of their data.

International Data Transfers (Articles 44–49)

Goodworld may transfer personal data to servers in the United States. To ensure compliance:

  • We implement Standard Contractual Clauses (SCCs) or equivalent safeguards.

  • Users are informed of cross-border transfers in our policy documentation.

Security and Data Retention (Articles 5, 24, 32)

Goodworld uses reasonable and appropriate measures to protect data:

  • Technical and organizational safeguards secure user information.

  • Personal data is retained only as long as necessary for its purpose.

  • We adhere to data minimization principles, collecting only what is needed.

Children’s Data (Article 8)

  • Goodworld is designed for users aged 18 and older.

  • We do not knowingly collect personal data from children.

  • If an underage user is identified, their account and associated data will be permanently deleted.

Contact and Redress (Articles 13–14, 77)

  • Our Privacy Policy includes contact details for data-related inquiries.

  • Users are informed of their right to file a complaint with a supervisory authority if they believe their data rights have been violated.

Your Trust Matters

At Goodworld, we understand the importance of protecting user data and respecting global privacy standards. GDPR compliance is not only a legal responsibility—it’s a commitment to building trusted relationships with our users.

If you have questions about your data or how it is handled under GDPR, please contact us at hello@goodworldnow.com or schedule a call with our team.

Did this answer your question?