At Avid, we know how important trust is in fundraising. Your donors share their most personal details with you; you’re trusting us to safeguard them. That’s a responsibility we take seriously.
We go to great lengths to protect your data. Avid is fully SOC 2 compliant, and every decision we make about security and AI is grounded in strict ethical guidelines. You can always see the details for yourself in our Trust Center.
We’ve also committed to the Responsible and Beneficial AI for Fundraising framework created by Fundraising.AI. It’s one more way we hold ourselves accountable to using AI in ways that serve fundraisers first.
What donor data does Avid access?
The data Avid works with depends on what you choose to provide and which integrations you’re using. Typically, this includes donor information and transaction history.
This matters because it allows us to help you see both historical and current trends, segment your audiences more effectively, and report with clarity.
You’re always in control of what you share; the only trade-off is that limiting data may limit the features you can use. All of your data is stored securely, separated from other organizations, and protected under our SOC 2 compliance.
How does Avid use our donor data?
You own your data. Avid uses it only to give you insights and help you act on them.
That might look like:
- Audience segmentation inside Avid
- Securely pushing data (if you choose) to your systems for personalization, ad spend optimization, or targeted segmentation
When we sync data to third-party systems, we use hashing—a one-way encryption method—so your donor data can only be used for secure matching.
What does “hashing” mean, and how does Avid use it securely?
Hashing converts identifiable information (like email addresses or phone numbers) into a random string of characters using a mathematical algorithm. It can’t be reversed to reveal the original data.
When Avid connects to third-party advertising platforms—like Facebook (Meta) or Google Ads—we hash your data before it ever leaves our systems. Those platforms then compare the hashed version to their own encrypted data to create secure matches for audience targeting.
That means your donor data is never shared in raw form, and it’s never visible to the advertising platform or any other advertiser.
How is data stored or protected once it’s sent to third-party advertising platforms?
Data transferred to advertising platforms is:
- Encrypted in transit (protected as it moves from Avid to the destination platform)
- Hashed before it’s sent, meaning the platform only receives an encrypted, anonymized version
- Controlled and authorized by you—Avid only transmits data to the platforms you’ve explicitly connected and approved
Once the data reaches the platform, it is stored according to that platform’s own data-at-rest policies (e.g., Facebook, Google). These platforms maintain their own security and compliance frameworks, which include encryption and strict access controls.
How secure is data sent to Avid through integrations such as SFTP?
Avid's SFTP (Secure File Transfer Protocol) integration uses modern cryptographic algorithms and elliptic-curve cryptography over SSHv2 to protect your data.
Files are encrypted in transit and at rest with strong mutual authentication, integrity protection, and perfect forward secrecy. The integration provides secure write-only upload to your organization-specific account and is built on a widely trusted, industry-standard file transfer protocol. Like all Avid integrations, SFTP is covered by our SOC 2 audits, and you can see real-time compliance status in our Trust Center.
Does Avid use data clean rooms?
Not in the traditional sense. Avid isolates every client’s data from all others as part of our SOC 2 compliance framework.
Before any data is used outside of your protected environment, it is either:
- Anonymized (for benchmarks)
- Hashed (for ad platforms)
- Encrypted (for first-party integrations you authorize)
In short, your data never leaves its secure environment without encryption or explicit authorization.
Will our data ever be shared with other Avid users?
No. Your data is yours alone. It’s never sold or shared with other organizations.
The only feature that uses cross-client data is Avid Benchmarks. Benchmarks are built from pre-anonymized, aggregate data that cannot be traced back to any specific organization or donor. They give you valuable context on how your fundraising compares to peers. If you prefer, you can opt out—but you’ll lose access to those insights.
Does Avid use my data to train AI models?
No. Avid keeps a strict separation of client data, even in our AI tools.
Your constituent data never gets sent to AI models—ours or anyone else’s. When AI is used for explainability, we rely only on aggregated data, never raw donor information. For content generation or recommendations, we use organizational context and fundraising knowledge, not your donor files.
Any training data is anonymous and focused on patterns and trends, not identifiable donor details.
Is Avid GDPR compliant?
Avid is SOC 2 Type II compliant, but we are not GDPR certified and do not enter into GDPR-based Data Processing Agreements (DPAs) or Standard Contractual Clauses (SCCs).
If your organization must comply with GDPR, you can still use Avid in a way that fits your policies. Many organizations choose to operate in an “insights-only” mode—analyzing giving trends and campaign performance—without transmitting personally identifiable data.
While it’s technically possible to hash or minimize certain fields (like names or emails), under GDPR, hashed data is still considered personal data if it can be used to identify an individual. We recommend consulting your own legal counsel to determine what’s acceptable under your internal policies.
Our commitment to you
Fundraising is built on trust. You can trust that:
You always retain ownership of your data Your donor information stays private and protected Our use of AI is responsible, ethical, and transparent
We design Avid to give you clarity and confidence, so you can focus on building stronger relationships with your donors.
For a deeper look at our security practices, visit our Trust Center.