Privacy Policy - CHERRY

We understand that the information you share with us is important to you. We are grateful that you trust us to collect, use, and share your information in a respectful and professional manner. This Privacy Policy describes the types of information that we may collect from you or that you may provide (“Personal Information”) in the Cherry Application/Platform (“Application”) and any of its related products and services (collectively, “Services”), and our practices for collecting, using, maintaining, protecting, and disclosing that Personal Information. It also describes the choices available to you regarding your use of your Personal Information and how you can access and update it.

This Privacy Policy is a legally binding agreement between you (“User”, “you” or “your”) and Cherry, LLC (“Cherry”, “we”, “us” or “our”), and any of our affiliates. If you are entering into this agreement on behalf of a business or other legal entity, you represent that you have the authority to bind such entity to this agreement, in which case the terms “User”, “you” or “your” shall refer to such entity. If you do not have such authority, or if you do not agree with the terms of this agreement, you must not accept this agreement and may not access and use the Application (e.g., platform, website, or mobile application) and Services. By accessing and using the Application and Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. Your use also confirms that you are consenting to the practices and procedures described in this Privacy Policy. This Privacy Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

Collection Of Personal Information

We receive, collect, store, and analyze any information that you provide to us, including the information you enter into the Application and Services. This information includes but is not limited to Identifying Information such as your name, address, email addresses, phone numbers, username, age, gender; Payment Information, such as credit card numbers, names of your financial institutions and their related banking information; Product Information you viewed in the Application or our Services; and Device Information such as device type, log files, configurations, and credentials.

Automatic Collection Of Personal Information

When you use the Application and Services, our servers automatically receive, collect, store, and analyze information that your device sends or transmits. This information may include information such as your device’s internet protocol (“IP”) address and location, device name and version, operating system type and version, language preferences, information you search for in the Application, access times and dates, and other statistics.

We may also use digital or device identifiers, cookies, and other applications on your device to collect the Personal Information.

Use Of Automatically Collected Personal Information

Automatically collected Personal Information is used only to identify potential cases of abuse and establish statistical information regarding the usage of the Application and Services. This statistical information is not otherwise aggregated in such a way that would identify any particular user of the Application and Services.

User Choices

We respect your right to choose what Personal Information you want to share with us. As such, you can access and use some of the features of the Application and Services without telling us who you are or revealing any information by which someone could identify you as a specific, identifiable individual. If you choose not to provide us with your Personal Information, you may not be able to take advantage of some of the features in the Application and Services. Attempts to access some of the features offered in the Application require you to provide certain Personal Information (for example, your name and e-mail address). Users who are uncertain about what information is mandatory are welcome to contact us.

Privacy Of Children

We do not knowingly collect any Personal Information from children under the age of 18. If you are under the age of 18, please do not submit any Personal Information through the Application and Services.

If you have reason to believe that a child under the age of 18 has provided Personal Information to us through the Application and Services, please contact us to request that we delete that child’s Personal Information from our Services.

We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Privacy Policy by instructing their children never to provide Personal Information through the Application and Services without their permission. We also ask that all parents and legal guardians overseeing the care of children take the necessary precautions to ensure that their children are instructed to never give out Personal Information when online without their permission.

Use And Processing Of Collected Personal Information

We use Personal Information to operate, provide, develop, and improve the Mobile Application and Services that we offer you. The uses and processing of collected Personal Information include:

(i) Connecting donors and charities,
(ii) process payments (e.g., donations and service fees),
(iii) communicate with you,
(iv) provide recommendations,
(v) comply with our legal obligations,
(vi) potentially provide personalized advertisements,
(vii) create and manage user accounts,
(viii) send product and service updates, or
(ix) respond to inquiries and offer support—Run and operate the Application and Services.

We act as a data controller and a data processor when handling Personal Information, unless we have expressly entered into a data processing agreement with you, in which case you would be the data controller and we would be the data processor.

Our role may also differ depending on the specific situation involving Personal Information. We act in the capacity of a data controller when we ask you to submit your Personal Information that is necessary to ensure your access and use of the Application and Services. In such instances, we are a data controller because we determine the purposes and means of the processing of Personal Information. We act in the capacity of a data processor in situations when you submit, or we automatically collect Personal Information through the Application and Services. In such instances, the User providing Personal Information acts as a data controller.

Processing your Personal Information depends on how you interact with the Application and Services, where you are located in the world, and if one of the following applies: (i) you have given your consent for one or more specific purposes, (ii) provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof, (iii) processing is necessary for compliance with a legal obligation to which you are subject, (iv) processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us, or (v) processing is necessary for the purposes of the legitimate interests pursued by us or by a third-party.

Note that under some legislations we may be allowed to process information until you object to such processing by opting out, without having to rely on consent or any other of the legal bases. In any case, we will be happy to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Managing Information

You are able to delete certain Personal Information we have about you. The Personal Information you can delete may change as the Application and Services change. When you delete Personal Information, however, we may maintain a copy of the deleted or unrevised Personal Information in our records for the duration necessary to comply with our obligations to our affiliates and partners, and for the purposes described below. If you would like to delete your Personal Information or permanently delete your account, you can do so on the settings page of your account in the Application.

Disclosure Of Personal Information

Depending upon the requested Services (e.g., selected charity), requirements necessary to complete any transaction, or to provide any Service you have requested, we may share your Personal Information with our affiliates, contracted companies, and service providers (collectively, “Service Providers”) we rely upon to assist in the operation of the Application and Services available to you. We strive to work with Service Providers whose privacy policies are consistent with ours, or who agree to abide by our policies with respect to Personal Information, however, it is possible that they may have policies different from ours. We are committed to not sharing any personally identifiable information with unaffiliated third parties.

We attempt to contract with Service Providers that will not use or disclose your Personal Information except as necessary to perform services on our behalf, or to comply with legal requirements. We strive to provide our Service Providers with only the Personal Information they need in order to perform their designated functions or services, and we do not expressly authorize them to use or disclose any of the provided Personal Information for their own marketing or other purposes.

We may also disclose any Personal Information we collect, use or receive if required or permitted by law, such as to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Retention Of Information

We will retain and use your Personal Information as provided in this Privacy Policy for as long as your user account remains active, to enforce our agreements, resolve any disputes, and unless a longer retention period is required or permitted by law. We may use any aggregated data derived from or incorporating your Personal Information, including any updated or deleted Personal Information. However, we will strive not to use your Personal Information in a manner that would identify you personally. Once any retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification, and the right to data portability cannot be enforced after the expiration of a retention period.

Email Marketing

We may offer electronic newsletters or notifications to which you may voluntarily subscribe at any time. We are committed to keeping your e-mail address confidential and will not disclose your email address to any unaffiliated third parties except as allowed in this Privacy Policy or for the purposes of utilizing an affiliated third-party Service Provider. We will maintain Personal Information sent via e-mail in accordance with applicable laws and regulations.

In compliance with the CAN-SPAM Act, all e-mails sent from us will clearly identify us as the sender and will provide information on how to contact us. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us. However, you will continue to receive essential transactional emails.

Links To Other Resources

The Application and Services may contain links to other resources that are not owned, nor controlled by us. Please be aware that we are not responsible for the privacy practices of such other resources or third parties. If you choose to click one of these links and leave the Application and Services, we strongly encourage you to read the privacy statements of each and every resource to understand the Personal Information they may collect.

Information Security

We secure the Personal Information you provide to us, or that we collect, on servers. These servers are housed in a controlled, secure environment, with protections designed to protect them from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in our control and custody.

Security Limitation

While we implement safeguards designed to protect your Personal Information, no security system is impenetrable. Additionally, due to the inherent nature and structure of the internet and networks (Ethernet and Wireless) we cannot guarantee that data, including your Personal Information, transmitted through the internet or while stored on our servers or otherwise in our care, is absolutely safe from intrusion by third parties. Therefore, while we strive to protect your Personal Information, you acknowledge and agree that: (i) there are security and privacy limitations of the Internet and networks that are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and the Application and Services cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third-party, despite best efforts.

As the security of Personal Information depends in part on the security of the device you use to communicate with us and the security you use to protect your credentials, please take appropriate measures to protect this information.

Data Breach

In the event we become aware that the security of the Application, our Services, or our servers has been compromised, or Users’ Personal Information has been disclosed to or accessed by unaffiliated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities, prior to contacting you. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the User because of the breach or if notice is otherwise required by law. Notices of a data breach will be sent by email.

Changes And Amendments

We reserve the right to modify this Privacy Policy, or its terms related to the Application and Services, at any time and at our sole discretion. Any modifications will be followed by one or more of the following: (i) an updated revision number located at the bottom of this page, (ii) posting of a notification in the Application, (iii) email notifications sent to the email address provided by Users. We reserve the right to provide notice to you in other ways. The means and timing of any notifications or issuance shall be at our sole discretion. Unless otherwise noted, updated versions of this Privacy Policy will be effective immediately upon their posting or issuance. Your continued use of the Application and Services after the posting or issuance of a revised Privacy Policy shall constitute your consent to those changes. However, we will not, without your consent, use your Personal Information in a manner materially different than what was stated at the time your Personal Information was collected.

Acceptance Of This Privacy Policy

You acknowledge that you have read this Privacy Policy and agree to all its terms, conditions, and processes. By accessing and using the Application and Services, and submitting your Personal Information, you agree to be bound by this Privacy Policy. If you do not agree to abide by the terms of this Privacy Policy, you are not authorized to access or use the Application and Services.

Contacting Us

If you have any questions, concerns, or complaints regarding this Policy, the information we hold about you, or if you wish to exercise your rights, we encourage you to contact us using the details below:

support@cherrygiving.com

We will attempt to resolve complaints and disputes and make every reasonable effort to honor your wish to exercise your rights as quickly as possible and, in any event, within the timescales provided by applicable data protection laws.

Additional State-Specific Privacy Disclosures

The following disclosures fulfill state-specific privacy notice requirements under:

Collection under the California Privacy Rights Act,
Colorado Privacy Act,
Connecticut Data Privacy Act,
Utah Consumer Privacy Act, and
Virginia Consumer Data Protection Act.

Categories of personal information we collected

The personal information that we collect, or will collect from consumers in the twelve months prior to the effective date of this Disclosure, fall into the following categories established by the California Privacy Rights Act:

identifiers such as your name, alias, address, phone numbers, IP address, your account log-in information, or a government-issued identifier;
personal information, such as a credit card number or other payment information;
information that may reveal age, gender, race, sexual orientation, or other protected classifications;
commercial information (e.g., purchase and product searches);
internet or other electronic network activity information associated with your device and our application and services;
geolocation data, such as the location of your device or computer, which may in some cases constitute precise geolocation information, which we may collect to help us fulfill product/services delivery;
professional information (e.g., data you may provide us about your business); and
inference data (e.g., information about your purchase preference).

Categories of personal information disclosed for a business purpose

The personal information that we disclosed to third parties (as described in the Privacy Notice) about consumers for a business purpose in the twelve months prior to the effective date of this Disclosure falls into the following categories established by the California Privacy Rights Act:

identifiers such as your name, address, phone numbers, IP address, or a government identifier, for example if we use a third-party carrier to deliver/fulfill your order, or if we use a third-party service to verify your identity;
personal information (e.g., credit card number or other payment information if we use a third-party payment processor);
information that may reveal age, gender, race, sexual orientation, or other protected classification (e.g., if we use a third-party carrier to deliver/fulfill your order, or if we use a third-party service to verify your identity);
commercial information, such as the details of a product or service you purchased if a third-party service provider is assisting to provide that product or service to you;
internet or other electronic network activity information (e.g., if we use a service provider to help us gather crash reports for analyzing the health of our application and services);
geolocation data, which may constitute precise geolocation data (e.g., may be needed for providing a delivery partner the location of your business in order to deliver a product or service); and

Your Data Rights

You may have certain data rights under state privacy laws, including to request information about the collection of your personal information by us, to access your personal information in a portable format, and to correct or delete your personal information. If you wish to do any of these things, please contact us at support@cherrygiving.com. Additionally, you may have the right to opt out of the processing of your personal data for targeted advertising, as defined by the Colorado Privacy Act, Connecticut Data Privacy Act, Utah Consumer Privacy Act, and Virginia Consumer Data Protection Act, or the sharing of your personal information for cross-context behavioral advertising, as defined by the California Privacy Rights Act. To do so, please contact us at support@cherrygiving.com. If you enact the Global Privacy Control (GPC) opt-out signal on your browser, we will honor your opt-out preference accordingly.

You may also have the right to appeal the denial of any of these rights by submitting a form that will be provided to you if we deny a data request. Depending on your data choices, certain services may be limited or unavailable. To ensure the security of your account, we will generally ask you to verify your request using the contact information you have already provided.

No sale of personal information

In the twelve months prior to the effective date of this Disclosure, we have not sold any personal information of our customers, as those terms are defined under the California Privacy Rights Act.

California Privacy Rights Act Sensitive Personal Information Disclosure

We do not use or disclose sensitive personal information for any purpose not expressly permitted by the California Privacy Rights Act.

California Privacy Rights Act Retention Disclosure

We keep your personal information to enable your continued use of our application and services, for as long as it is required in order to fulfill the relevant purposes described in our Privacy Notice, as permitted or as may be required by law, or as otherwise communicated to you. For example, we retain your transaction history and what addresses you have shipped orders to, and to improve the relevance of products and content we recommend.

California Privacy Rights Act Non-discrimination Statement

We will not discriminate against any customers for exercising their rights under the California Privacy Rights Act.

De-identified Data Disclosure

California Privacy Rights Act, Colorado Privacy Act, Connecticut Data Privacy Act, Utah Consumer Privacy Act, and Virginia Consumer Data Protection Act: We may use de-identified data in some instances. We either maintain such data without attempting to re-identify it or treat such data as personal data subject to applicable law.

Colorado Privacy Act Profiling Disclosure

We do not engage in profiling customers in furtherance of automated decisions that produce legal or similarly significant effects, as those terms are defined under the Colorado Privacy Act.

This document was last updated on January 27, 2026.