Our Privacy Policy

Privacy Policy for www.mychange.com.

This Privacy Policy explains how personal information is collected and used from information you provide on our website, www.mychange.com, and the associated mobile application known as "MyChange" as owned and operated by GoodChange Incorporated. By using mychange.com and its related services (as defined by the Terms of Use or Terms of Service) you agree to be bound by the terms and conditions of this Privacy Policy, as it may be amended from time to time in the future (see "Change to this Policy" below).

MyChange is committed to maintaining the confidentiality, integrity and security of any personal information about our users. This Privacy Policy explains how we protect personal information provided through our website www.mychange.com (the "Site") and mobile app and how we use that information in connection with our service offered through the Site (the "Services"). "Personal information" for purposes of this Policy means information that identifies you, such as your name, address, phone number, or email address. Client uses third parties to gather End User’s data from financial institutions. By using our service, you grant our third-party provider the right, power, and authority to act on your behalf to access and transmit your personal and financial information from the relevant financial institution according to terms of our third-party provider’s privacy policy.

Personal Information Collected

We collect the following personal information from you:

  • Contact Information such as name, email address, phone number, and mailing address; and information required by election law such as employer, occupation, and place of business.
  • Billing Information such as credit card number, and billing address.
  • Financial Information such as login credentials to credit and debit card websites.
  • Unique Identifiers such as username and password.
  • Preferences Information such as marketing preferences, amount of Round Up, and notification preferences.

We also collect the following information from you:

  • Demographic information such as interests and zip code.
  • You may choose to provide us additional demographic information such as age, ethnicity, and gender.

When you download and use our Services, we automatically collect information on the type of device you use, operating system version, and the device identifier (or "UDID"). We do not collect your location-based information.

Information Sharing

We do not and will not sell or rent your personal information to anyone, for any reason, at any time. Only the organizations and candidates you Round Up for will receive your contact information, including your name, address, email, and for political contributions, any other information required by law (i.e. occupation, employer, and place of business). MyChange uses and discloses your personal information only as follows:

  • To the recipients of your donations or contributions in compliance with state and federal campaign and tax laws (see Terms of Use);
  • To analyze site usage and improve the Services;
  • To deliver to you any administrative notices, financial alerts and communications relevant to your use of the Services;
  • To fulfill your requests for donations and contributions;
  • For market research, project planning, troubleshooting problems, or detecting and protecting against error, fraud, or other criminal activity;
  • To third-party contractors that provide services to MyChange and are bound by these same privacy restrictions;
  • To enforce MyChange’s Terms of Use and Terms of Service; and as otherwise set forth in this Privacy Policy.

We may also disclose your personal information as required by law, such as to comply with regulatory inquiries or government requests, a subpoena, or similar legal process and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or to investigate fraud.

User Access and Choice

If the personal information on file for you changes, or if you no longer desire our service, you may correct, update, amend, delete/remove, or deactivate it by making the change on our user information page or by emailing us.

We will retain your personal information for as long as your account is active or as needed to provide you Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Cookies / Tracking Technologies

A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We use cookies on this site. We do not link the information we store in cookies to any personally identifiable information you submit while on our site.

We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory.

If you reject cookies, you may still use our site, but your ability to use some areas of our site, such as contests or surveys, will be limited.

The use of cookies by our partners, affiliates, tracking utility company, service providers is not covered by our privacy statement. We do not have access or control over these cookies. Our partners, affiliates, tracking utility company, service providers use session ID cookies to make it easier for you to navigate our site.

We employ [or our third party advertising partner employs] a software technology called clear gifs (a.k.a. Web Beacons/Web Bugs), that help us better manage content on our site by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence. We do not tie the information gathered by clear gifs to our customers’ personally identifiable information.

Changes to this Policy

We may update this Privacy Policy to reflect changes to our information and security practices. If we make any material changes we will notify you by email or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact Us

If you have any questions about our Privacy Policy, please contact us on the information below:

GoodChange Incorporated
225 Broadway, Suite 2625
New York, NY 10007

Last updated August 25, 2017

If you require any more information or have any questions about our privacy policy, please feel free to contact us by email at hello@mychange.com.


MyChange takes your security seriously. MyChange is built with America’s most trusted financial technologies.

Transaction Round Ups

MyChange utilizes “bank grade” security programs and is built with America’s most trusted financial technology, working with all of the largest banks, 9,000 smaller financial institutions and millions of consumers. Our financial partner meets the highest standards in data security, privacy, and regulatory compliance and maintains comprehensive security procedures, policies, controls, and reviews across every aspect of their technology.

We do not typically receive any information from data providers that is considered personally identifiable information (PII) under the relevant regulations. As a precaution, all sensitive information is encrypted, and decryption is only possible with dedicated hardware in our private network. Private keys are split and stored securely via both hardware and software encryption on a set of physical devices held by a small group of key custodians. A strict rotation schedule is maintained for all encryption keys.

Separate access controls are utilized for each security layer, and multi-factor authentication is required for any and all access to the financial infrastructure. Access to servers and infrastructure is logged and audited regularly with immediate alerts for changes in access patterns or file modifications. Strict control of inbound and outbound access is applied at all levels of the network. All infrastructure is scanned and patched regularly to reduce the risk of known vulnerabilities.

Merchant Service Provision

We are proud to work with Stripe, trusted by thousands of companies worldwide. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification.

A Trusted Track Record

Together, our financial technology partners are trusted by the following clients:

  • Acorns.com
  • Aetna
  • American Express
  • AOL
  • Bank of America
  • Bloomberg
  • Capital One
  • Charles Schwab
  • Chase
  • Citi
  • Digit.co
  • Dish
  • ESPN
  • Fidelity
  • Gatorade
  • Harvard Business School
  • Indiegogo
  • Instacart
  • Kickstarter
  • LinkedIn
  • Pepsico
  • PNC
  • Postmates
  • Scribd
  • Squarespace
  • TD Bank
  • VeriSign
  • Wells Fargo
  • Venmo

If you suspect that there has been any unauthorized activity on your account, please contact us immediately at support@mychange.com. We will contact you about unusual account activity for protection against fraud.