L

Learn AI

Track progress · learn offline

Open

Lesson 6 of 6

Donor data, privacy & governance

7 min read

A supporter gave you their name, their gift, and their home address — for the cause. Where does that data go the moment you paste it into a chatbot?

What you paste can be kept

A public AI tool is not a private filing cabinet. What you type in can be stored, used to improve the model, or saved to memory and history — so a donor's details pasted into the box may leave your organization's control. That's the risk of data leakage. The good news: those are mostly settings you control — and the safest habit is to not paste identifying donor data into a public tool at all.

Retention is a set of choices you own. Turn training, memory, and history to private and a chat keeps nothing — but the surest protection is not pasting donor data in the first place.

A little governance goes a long way

You don't need a legal department to be responsible. De-identify data before you use it — strip names and addresses when the task doesn't need them. Agree a simple team rule for what may go into which tool, use an approved tool for anything sensitive, and be honest with supporters about how you use AI. That's governance at nonprofit scale: a few clear habits that protect the trust your work depends on.

Governance isn't bureaucracy here — it's a short, shared rule: de-identify, use approved tools, be transparent. Small habits, big protection.

Deleting the chat afterwards does not un-send the data — once a donor's details are pasted into a public tool, assume they're out of your hands. The decision that matters is the one before you hit enter.

The shape of it

A colleague wants to paste your full donor list into a public AI tool to "tidy it up". What do you say?

Continue in the app

Take the whole AI for Nonprofits course — tracked

Get your personalized path, progress and streaks in the app — this lesson and every next one, in order.