Legal & Privacy

The documents that govern your use of PineconeAI.

Last updated: March 14, 2026

Terms of Service

Introduction

These Terms of Service ("Terms") govern your use of PineconeAI, a payments and donor management platform operated by ShadowUmbrella, LLC ("Company," "we," "us," or "our"), a Delaware limited liability company doing business as PineconeAI.

By creating an account, accessing, or using PineconeAI in any capacity, you ("Organization," "you," or "your") agree to be bound by these Terms, our Privacy Policy, Acceptable Use Policy, Data Processing terms, and Cookie Policy (collectively, the "Agreement"). If you do not agree to any part of this Agreement, do not use our services.

By using PineconeAI, you represent and warrant that you have the legal authority to bind your organization to this Agreement and that your organization is a tax-exempt entity recognized under Section 501(c) of the Internal Revenue Code or an equivalent classification under applicable law.

Payment processing is provided by Stripe, Inc. ("Stripe"). Your use of PineconeAI is also subject to Stripe's Services Agreement and Stripe's Privacy Policy.

1. Service Description

PineconeAI provides a payments platform and donor management toolset that enables tax-exempt organizations to:

• Accept donations, membership dues, event payments, sponsorships, and retail payments online and in-person
• Manage donor, member, and supporter records
• Automate membership renewals, recurring donations, and pledge payment schedules
• Recover failed payments through Stripe's native retry and card update mechanisms
• Generate reports and analytics on giving and revenue activity
• Sync payment and donor data with third-party integrations (e.g., Mailchimp, QuickBooks Online)

PineconeAI is not a payment processor, bank, money transmitter, or financial institution. All payment processing is provided by Stripe through our integration as a Stripe Connect platform application. PineconeAI does not hold, escrow, or otherwise manage your funds at any time.

2. Stripe Connect

To use PineconeAI's payment features, you must connect or create a Stripe account. By doing so, you agree to be bound by:

• Stripe's Services Agreement
• Stripe's Connected Account Agreement
• Stripe's Privacy Policy

You authorize PineconeAI to create and manage a Stripe connected account on your behalf and to instruct Stripe to process payments, issue refunds, and transfer funds to your designated bank account.

Your organization is the merchant of record for all transactions processed through PineconeAI. You are responsible for compliance with all applicable laws, regulations, card network rules, and Stripe's terms of service in connection with your use of the platform.

3. Third-Party Integrations

PineconeAI offers optional integrations with third-party services to extend the platform's functionality. By enabling an integration, you authorize PineconeAI to transmit your Organization Data to the applicable third-party service in accordance with this Agreement. Your use of each third-party integration is also subject to that provider's own terms and privacy policy:

• Mailchimp (Intuit): Mailchimp Standard Terms of Use and Mailchimp Privacy Policy
• QuickBooks Online (Intuit): QuickBooks Terms of Service and Intuit Privacy Statement

PineconeAI is not responsible for the practices, availability, or security of third-party integration services. You are responsible for reviewing and accepting the terms and privacy policies of any third-party service you connect to your PineconeAI account. Additional integrations may be made available from time to time, and the applicable third-party terms will be identified at the point of activation.

4. Account Registration and Security

To use PineconeAI, you must:

• Provide accurate and complete registration information
• Maintain the confidentiality and security of your account credentials
• Promptly update any changes to your organization's information
• Notify us immediately of any unauthorized access to your account

You may invite additional users to your organization's account. You are responsible for all activity that occurs under your account and for the actions of any users you authorize, including compliance with this Agreement.

5. Fees and Payment

Platform Fee. PineconeAI charges a platform fee of 3% on each successful transaction processed through the platform. This fee is the sole compensation paid by you to PineconeAI for use of the platform and its features.

Payment Processing Fee. Stripe charges a separate fee for payment processing. For organizations that qualify for Stripe's non-profit discount, the rate is approximately 2.2% + $0.30 per transaction. Organizations that do not qualify for Stripe's non-profit rate will be charged Stripe's standard processing rate (currently 2.9% + $0.30 per transaction). Stripe determines non-profit pricing eligibility in its sole discretion based on your organization's tax-exempt status.

Fee Collection. Platform fees and payment processing fees are deducted automatically by Stripe from each transaction before funds are transferred to your designated bank account. PineconeAI does not invoice you separately for platform fees.

Fee Coverage. When a donor or member elects to cover processing fees at checkout, the additional amount collected is applied to offset both the platform fee and the Stripe processing fee, so that your organization retains the full intended donation or payment amount.

No Hidden Fees. There are no monthly subscription fees, annual fees, per-seat fees, setup fees, onboarding fees, minimum transaction volume requirements, or feature-gating fees. You pay nothing unless you process a transaction.

Volume Adjustments. At higher processing volumes, the platform fee may be adjusted or capped at a mutually agreed rate. Any such adjustment will be documented in writing between you and PineconeAI.

Fee Changes. We reserve the right to modify our platform fee with at least sixty (60) days' prior written notice to you. Any fee change will apply only to transactions processed after the effective date of the change. If you do not agree to a fee change, you may terminate your account before the effective date.

6. Your Responsibilities

You agree to:

• Use PineconeAI only for lawful purposes consistent with your organization's tax-exempt mission
• Provide accurate and truthful information to donors, members, and supporters about how their contributions will be used
• Comply with all applicable federal, state, and local laws and regulations, including tax regulations governing charitable contributions, membership dues, and sales tax
• Issue appropriate receipts, acknowledgments, and tax documentation to donors and members as required by law
• Maintain the confidentiality of donor and member information in accordance with your own privacy policy and applicable law
• Respond promptly to donor and member inquiries, complaints, and refund requests
• Ensure that all users authorized to access your PineconeAI account comply with this Agreement
• Maintain a current and accurate privacy policy that discloses your data collection and use practices to donors and members

7. Refunds

Refund policies are determined and managed by your organization. You are responsible for establishing, communicating, and honoring your own refund policies for donations, membership payments, event tickets, retail purchases, and any other transactions processed through PineconeAI. PineconeAI will facilitate the technical processing of refunds through Stripe on your instruction, but we are not a party to disputes between you and your donors, members, or customers.

When a refund is issued, Stripe's processing fee may not be returned. The PineconeAI platform fee associated with the original transaction will be refunded to your organization.

8. Data Ownership and Privacy

Your Data. You retain full ownership of all donor, member, supporter, and transaction data you collect through PineconeAI ("Organization Data"). We process Organization Data solely on your behalf and at your direction in order to provide and improve our services.

Our Use of Data. We may use aggregated, anonymized, and de-identified data that cannot reasonably be used to identify any individual or organization to improve our platform, conduct research, and develop new features. We will not sell, rent, license, or share your Organization Data with third parties except (a) as necessary to provide our services (e.g., transmitting data to Stripe for payment processing, syncing data with integrations you have enabled), (b) as required by law, regulation, or legal process, or (c) with your prior written consent.

Data Export. You may export your Organization Data at any time through the platform's export functionality in standard formats (CSV, JSON, Excel). We will not restrict or charge for data export.

Data Portability. Upon request, we will provide reasonable assistance to facilitate the migration of your Organization Data to another platform or service, subject to technical feasibility.

Privacy. Our collection and use of personal information is further described in our Privacy Policy below. You are responsible for maintaining your own privacy policy that accurately describes how your organization collects, uses, and discloses donor and member information.

9. Intellectual Property

PineconeAI and all associated trademarks, service marks, logos, trade names, and content are the property of ShadowUmbrella, LLC. You may not use our trademarks, logos, or trade names without our prior written consent.

You grant us a limited, non-exclusive, revocable license to use your organization's name and logo solely for the purposes of (a) providing services under this Agreement and (b) with your permission, identifying you as a PineconeAI customer in marketing materials.

You retain all rights to any content, materials, or data you upload, submit, or transmit through PineconeAI.

10. Disclaimers

PINECONAI IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT.

WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, TIMELY, ERROR-FREE, OR COMPLETELY SECURE. WE DO NOT WARRANT THAT DEFECTS WILL BE CORRECTED OR THAT THE SERVICE IS FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS.

WE ARE NOT RESPONSIBLE FOR ANY ERRORS, OMISSIONS, OR INACCURACIES IN CONTENT PROVIDED BY YOU, YOUR DONORS, OR THIRD PARTIES. WE DO NOT PROVIDE LEGAL, TAX, OR FINANCIAL ADVICE, AND NOTHING IN OUR PLATFORM OR COMMUNICATIONS SHOULD BE CONSTRUED AS SUCH.

11. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SHADOWUMBRELLA, LLC AND ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, AND LICENSORS SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, REVENUE, DATA, GOODWILL, OR BUSINESS OPPORTUNITY, WHETHER INCURRED DIRECTLY OR INDIRECTLY, REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

OUR TOTAL AGGREGATE LIABILITY FOR ANY AND ALL CLAIMS ARISING FROM OR RELATED TO THIS AGREEMENT OR YOUR USE OF PINECONAI SHALL NOT EXCEED THE TOTAL AMOUNT OF PLATFORM FEES ACTUALLY PAID BY YOU TO US IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

THE LIMITATIONS IN THIS SECTION APPLY TO THE FULLEST EXTENT PERMITTED BY LAW, INCLUDING IN CIRCUMSTANCES WHERE THE REMEDIES PROVIDED UNDER THIS AGREEMENT FAIL OF THEIR ESSENTIAL PURPOSE.

12. Indemnification

You agree to indemnify, defend, and hold harmless ShadowUmbrella, LLC, its officers, directors, employees, agents, affiliates, and licensors from and against any and all claims, demands, actions, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees and court costs) arising from or related to:

• Your use of PineconeAI or any activity under your account
• Your breach of any provision of this Agreement
• Your violation of any applicable law, regulation, or third-party right
• Any dispute, claim, or cause of action between you and a donor, member, supporter, or customer
• Any content, data, or materials you upload, submit, or transmit through PineconeAI

13. Term and Termination

Term. This Agreement is effective upon your acceptance and remains in effect until terminated by either party.

Termination by You. You may close your account and terminate this Agreement at any time by contacting us through the platform or our Contact page. Termination does not relieve you of any obligation to pay fees incurred prior to termination, including fees on transactions already processed.

Termination by Us. We may suspend or terminate your account and access to PineconeAI, in whole or in part, if (a) you materially breach this Agreement and fail to cure the breach within fifteen (15) days after receiving written notice, (b) your Stripe account is terminated or suspended by Stripe, (c) we are required to do so by law, regulation, or legal process, (d) we reasonably believe your use of PineconeAI poses a risk of harm to us, our platform, or third parties, or (e) we discontinue the PineconeAI service. We will provide at least thirty (30) days' written notice of termination except where immediate suspension or termination is necessary to prevent harm or comply with legal obligations.

Effect of Termination. Upon termination: (a) your right to access and use PineconeAI will cease; (b) you may export your Organization Data for thirty (30) days following termination, after which we may delete it; (c) Stripe will continue to process any pending payouts in accordance with Stripe's procedures and your Stripe account terms; (d) the following sections shall survive termination: Sections 8 (Data Ownership), 10 (Disclaimers), 11 (Limitation of Liability), 12 (Indemnification), 15 (Dispute Resolution), 16 (Governing Law), and 17 (General Provisions).

14. Modifications to Terms

We may modify these Terms from time to time. We will provide you with written notice of material changes (via email to the address associated with your account or through the platform) at least thirty (30) days before they take effect. Non-material changes (such as correcting typographical errors or clarifying existing provisions) may take effect immediately upon posting.

Your continued use of PineconeAI after the effective date of any modification constitutes your acceptance of the modified Terms. If you do not agree to the modified Terms, you must terminate your account before the effective date.

15. Dispute Resolution

Informal Resolution. Before initiating formal proceedings, either party agrees to attempt to resolve any dispute informally by contacting the other party in writing and engaging in good-faith negotiations for a period of at least thirty (30) days.

Binding Arbitration. Any dispute, claim, or controversy arising from or relating to this Agreement or your use of PineconeAI that cannot be resolved informally shall be resolved through binding arbitration administered by the American Arbitration Association ("AAA") in accordance with its Commercial Arbitration Rules. The arbitration shall take place in Wilmington, Delaware, or remotely at the mutual agreement of the parties. The arbitrator's decision shall be final and binding and may be entered as a judgment in any court of competent jurisdiction.

Class Action Waiver. You agree to resolve disputes with us on an individual basis only. You waive any right to participate in a class action lawsuit, class-wide arbitration, or any other representative proceeding against ShadowUmbrella, LLC.

Exceptions. Either party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent the actual or threatened infringement or misappropriation of intellectual property rights.

16. Governing Law

This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of law principles. To the extent that litigation is permitted under this Agreement, you consent to the exclusive jurisdiction and venue of the state and federal courts located in Wilmington, Delaware.

17. General Provisions

Entire Agreement. This Agreement, together with the Privacy Policy, Acceptable Use Policy, Data Processing terms, and Cookie Policy, constitutes the entire agreement between you and ShadowUmbrella, LLC with respect to the subject matter hereof and supersedes all prior or contemporaneous communications, proposals, and agreements, whether oral or written.

Severability. If any provision of this Agreement is found to be invalid, illegal, or unenforceable by a court of competent jurisdiction, the remaining provisions shall continue in full force and effect. The invalid provision shall be modified to the minimum extent necessary to make it valid and enforceable while preserving its original intent.

Waiver. Our failure to exercise or enforce any right or provision of this Agreement shall not constitute a waiver of that right or provision. A waiver of any provision shall be effective only if made in writing and signed by us.

Assignment. You may not assign, transfer, or delegate this Agreement or any of your rights or obligations hereunder without our prior written consent. We may assign this Agreement in connection with a merger, acquisition, reorganization, or sale of all or substantially all of our assets, provided the assignee agrees to be bound by the terms of this Agreement. Any purported assignment in violation of this section is void.

Force Majeure. Neither party shall be liable for any failure or delay in performance resulting from causes beyond its reasonable control, including but not limited to acts of God, natural disasters, epidemics, pandemics, war, terrorism, government actions, power failures, internet disruptions, or failures of third-party service providers (including Stripe).

Notices. All notices under this Agreement shall be in writing and shall be deemed delivered when sent to the email address associated with your PineconeAI account (for notices to you) or through our Contact page (for notices to us).

No Third-Party Beneficiaries. This Agreement does not create any third-party beneficiary rights in any individual or entity that is not a party to this Agreement.

Relationship of Parties. Nothing in this Agreement creates a partnership, joint venture, agency, or employment relationship between you and ShadowUmbrella, LLC.

Headings. Section headings are for convenience only and shall not affect the interpretation of this Agreement.

Acceptable Use Policy

This Acceptable Use Policy ("AUP") is incorporated into and forms part of the Terms of Service. Capitalized terms not defined herein have the meanings set forth in the Terms of Service.

Permitted Use

PineconeAI is designed for use by tax-exempt organizations recognized under Section 501(c) of the Internal Revenue Code, including but not limited to 501(c)(3) charitable organizations, 501(c)(4) social welfare organizations, 501(c)(5) labor and agricultural organizations, 501(c)(6) business leagues and chambers of commerce, and 501(c)(7) social and recreational clubs, as well as organizations with equivalent tax-exempt status under applicable law.

You may use PineconeAI solely for lawful activities consistent with your organization's tax-exempt purpose, including processing donations, membership dues, event payments, sponsorships, and retail sales.

Prohibited Uses

You may not use PineconeAI to:

• Process payments on behalf of organizations that are not legitimate tax-exempt entities or that have had their tax-exempt status revoked
• Accept donations or payments for illegal, fraudulent, or deceptive purposes
• Misrepresent your organization, its mission, its tax-exempt status, or the intended use of funds
• Process transactions that violate card network rules, Stripe's Acceptable Use Policy, or any applicable law or regulation
• Transmit, upload, or distribute malware, viruses, ransomware, or other harmful or malicious code
• Attempt to gain unauthorized access to our systems, networks, servers, or the accounts of other users
• Interfere with, disrupt, or degrade the performance or security of PineconeAI or its infrastructure
• Use PineconeAI to send unsolicited communications (spam) or to harvest personal information without consent
• Resell, sublicense, or redistribute PineconeAI services or access without our prior written consent
• Use PineconeAI in any manner that could expose ShadowUmbrella, LLC, Stripe, or their partners to legal liability

Enforcement

We reserve the right to investigate any suspected violation of this AUP. If we determine, in our sole but reasonable discretion, that a violation has occurred, we may take any action we deem appropriate, including issuing a warning, suspending your access, or terminating your account in accordance with the Terms of Service.

Privacy Policy

This Privacy Policy describes how ShadowUmbrella, LLC ("Company," "we," "us," or "our"), operating as PineconeAI, collects, uses, shares, and protects personal information in connection with our website (pineconepayments.com), our platform (app.pineconepayments.com), and our related services.

By using our services, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use our services.

1. Information We Collect

Information You Provide. We collect personal information that you voluntarily provide to us, including:

• Account registration information (name, email address, phone number, organization name, job title)
• Organization details (tax-exempt status, EIN, mailing address)
• Payment and banking information (collected and processed by Stripe; we do not store credit card numbers)
• Communications you send to us (support requests, feedback, emails)
• Information submitted through contact forms, sign-up processes, or demo requests

Information Collected Automatically. When you visit our website or use our platform, we automatically collect certain technical information, including:

• IP address and approximate geographic location
• Browser type, version, and language preferences
• Device type, operating system, and screen resolution
• Pages visited, time spent on pages, and navigation paths
• Referring URL and search terms
• Cookies and similar tracking technologies (see our Cookie Policy below)

Information from Third Parties. We may receive information about you from third-party services that you connect to PineconeAI (e.g., Stripe, Mailchimp, QuickBooks Online), but only to the extent necessary to provide the integrations you have enabled.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Providing Services: To operate, maintain, and improve PineconeAI, process transactions, manage your account, and deliver the features and functionality you request
• Communication: To respond to your inquiries, provide customer support, send service-related notices (such as updates, security alerts, and account notifications), and communicate about new features or product updates
• Analytics and Improvement: To analyze usage patterns, monitor platform performance, diagnose technical issues, and improve the quality and usability of our services
• Security: To detect, prevent, and address fraud, abuse, security incidents, and technical issues
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests
• Marketing: If you opt into marketing communications, we may use your email address to send newsletters, product updates, or event invitations. You may opt out at any time.

We will never sell your personal information to third parties.

3. How We Share Your Information

We share personal information only in the following circumstances:

• Service Providers: With third-party vendors and service providers who perform services on our behalf (e.g., Stripe for payment processing, AWS for hosting, Mailchimp and QuickBooks Online for integrations you enable). These providers are contractually obligated to use your information only for the purposes of providing services to us and in accordance with this Privacy Policy.
• Legal Requirements: When required by law, regulation, subpoena, court order, or other legal process, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, the safety of others, or to investigate fraud or a security incident.
• Business Transfers: In connection with a merger, acquisition, reorganization, bankruptcy, or sale of all or substantially all of our assets, your information may be transferred as part of the transaction. We will provide notice of any such transfer and any choices you may have regarding your information.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

We do not share, sell, rent, or trade your personal information with third parties for their own marketing purposes.

4. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request that we correct inaccurate or incomplete personal information
• Deletion: Request that we delete your personal information, subject to certain legal exceptions
• Portability: Request that we provide your personal information in a structured, commonly used, and machine-readable format
• Restriction: Request that we restrict the processing of your personal information in certain circumstances
• Objection: Object to our processing of your personal information for certain purposes
• Withdraw Consent: Where processing is based on consent, withdraw your consent at any time without affecting the lawfulness of prior processing
• Opt Out of Marketing: Opt out of marketing communications at any time using the unsubscribe link in our emails or by contacting us directly

To exercise any of these rights, please contact us through our Contact page. We will respond to your request within thirty (30) days, or as required by applicable law.

5. California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with additional rights regarding your personal information, including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale or sharing of personal information.

We do not sell or share (as defined under the CCPA/CPRA) your personal information. To exercise your rights under California law, please contact us through our Contact page.

6. Security

We take the security of your information seriously and implement commercially reasonable technical and organizational safeguards to protect it from unauthorized access, disclosure, alteration, or destruction. These measures include encryption in transit and at rest, secure access controls, regular security reviews, and monitoring of our systems.

All payment data is collected, transmitted, and stored by Stripe, a PCI-DSS Level 1 certified payment processor. PineconeAI does not store credit card numbers, bank account numbers, or other sensitive payment credentials on our systems.

While no system is entirely immune to risk, we are committed to continually improving our security practices. If you become aware of a security vulnerability or incident, please contact us immediately through our Contact page.

7. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes described in this Privacy Policy, including to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements.

When your account is terminated, we will retain your Organization Data for thirty (30) days to allow you to export it. After the retention period, we will delete or anonymize your personal information, except where retention is required by law.

8. International Users

PineconeAI is operated from the United States. If you access our services from outside the United States, you understand and consent to the transfer of your personal information to the United States, where data protection laws may differ from those in your jurisdiction.

9. Children's Privacy

PineconeAI is not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us through our Contact page.

10. Third-Party Links and Services

Our website and platform may contain links to third-party websites, services, and applications that are not operated or controlled by ShadowUmbrella, LLC. This Privacy Policy applies only to our website and services. We are not responsible for the privacy practices, content, or security of third-party sites. We encourage you to review the privacy policies of any third-party services before providing them with your personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service offerings. When we make material changes, we will update the "Last updated" date at the top of this page and provide notice by email or through the platform. We encourage you to review this page periodically.

Data Processing

This section describes how PineconeAI processes Organization Data on your behalf and forms part of the Agreement.

1. Roles

When you use PineconeAI to collect and manage donor, member, and transaction data, your organization acts as the data controller (or equivalent under applicable law), and ShadowUmbrella, LLC acts as the data processor. We process Organization Data solely on your behalf and in accordance with your instructions as expressed through your use of the platform and this Agreement.

2. Processing Scope

We process Organization Data only for the following purposes:

• Operating and providing PineconeAI's features and functionality
• Processing payments through Stripe on your instruction
• Sending transactional emails on your behalf (receipts, renewal reminders, membership confirmations)
• Syncing data with third-party integrations you have enabled (e.g., Mailchimp, QuickBooks Online)
• Providing customer support and troubleshooting at your request
• Maintaining the security and integrity of the platform

3. Sub-Processors

We use the following categories of sub-processors to provide our services:

CategoryProviderPurposePayment ProcessingStripe, Inc.Transaction processing, fraud prevention, fund transfersCloud InfrastructureAmazon Web Services (AWS)Platform hosting, data storage, computeEmail DeliveryAmazon Simple Email Service (SES)Transactional email deliveryMarketing IntegrationMailchimp (Intuit)Donor/member sync when enabled by youAccounting IntegrationQuickBooks Online (Intuit)Payment/financial data sync when enabled by you

We will provide you with notice before engaging any new sub-processor that processes Organization Data. You may object to a new sub-processor by contacting us within fifteen (15) days of receiving notice.

4. Data Security Measures

We maintain commercially reasonable technical and organizational measures to protect Organization Data, including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Access controls limiting data access to authorized personnel
• Regular security monitoring and incident detection
• Secure development practices and code review processes

5. Data Breach Notification

In the event of a confirmed data breach affecting Organization Data, we will notify you without undue delay (and in any event within seventy-two (72) hours of confirmation) and provide you with information about the nature of the breach, the categories of data affected, and the measures we have taken or propose to take in response.

6. Data Return and Deletion

Upon termination of your account, you may export your Organization Data for thirty (30) days. After the export period, we will delete Organization Data from our active systems within a commercially reasonable timeframe, except where retention is required by law or for legitimate business purposes (such as maintaining records of financial transactions for tax and audit purposes).

Residual copies of Organization Data may exist in encrypted backups for a limited period and will be deleted in accordance with our standard backup rotation schedule.

Cookie Policy

This Cookie Policy explains how ShadowUmbrella, LLC ("Company," "we," "us," or "our") uses cookies and similar technologies on the PineconeAI website (pineconepayments.com) and platform (app.pineconepayments.com).

By continuing to use our website, you consent to our use of cookies as described in this policy. You can manage your cookie preferences at any time using the methods described below.

What Are Cookies?

Cookies are small text files stored on your device (computer, tablet, or mobile phone) when you visit a website. They help websites recognize your device and remember information about your visit, such as your preferences and actions.

Similar technologies include pixels, web beacons, and local storage, which function in comparable ways to collect and store information.

Types of Cookies We Use

Essential Cookies. These cookies are necessary for the website and platform to function properly. They enable core features such as authentication, session management, security, and accessibility. You cannot opt out of essential cookies, as the service cannot operate without them.

CookiePurposeDurationsession_idMaintains your authenticated login sessionSessioncsrf_tokenProtects against cross-site request forgery attacksSessioncookie_consentRemembers your cookie preferences1 year

Analytics Cookies. These cookies help us understand how visitors interact with our website by collecting anonymous, aggregated information about pages visited, time spent on the site, and errors encountered.

CookieProviderPurposeDuration_gaGoogle AnalyticsDistinguishes unique visitors2 yearsga*Google AnalyticsMaintains session state2 years_gidGoogle AnalyticsDistinguishes unique visitors24 hours

We use Google Analytics to analyze website traffic. Google's privacy policy is available at https://policies.google.com/privacy.

Functional Cookies. These cookies enable enhanced functionality and personalization, such as remembering your preferences or form inputs. If you disable these cookies, some features may not function as intended.

CookiePurposeDurationpreferred_languageRemembers your language preference1 yearform_dataTemporarily stores form input during a sessionSession

Marketing Cookies. We do not currently use marketing or advertising cookies. If this changes, we will update this policy and obtain your consent before placing marketing cookies.

Third-Party Cookies

Some cookies are placed by third-party services that appear on our pages. We do not control these cookies.

ProviderPurposePrivacy PolicyGoogle AnalyticsWebsite analyticspolicies.google.com/privacyWebflowWebsite hostingwebflow.com/legal/privacyStripeSecure payment processing and fraud preventionstripe.com/privacy

When you use PineconeAI's payment features, Stripe may place cookies to enable secure payment processing and fraud prevention. These cookies are governed by Stripe's privacy policy.

How to Manage Cookies

Browser Settings. Most browsers allow you to refuse or delete cookies through their settings:

• Chrome: Settings > Privacy and Security > Cookies
• Firefox: Settings > Privacy & Security > Cookies
• Safari: Preferences > Privacy > Cookies
• Edge: Settings > Privacy & Security > Cookies

Disabling cookies may affect the functionality of our website and platform.

Google Analytics Opt-Out. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Do Not Track. Some browsers offer a "Do Not Track" signal. We respond to Do Not Track signals by disabling non-essential analytics cookies.

Cookies on the PineconeAI Platform

When you log in to the PineconeAI platform (app.pineconepayments.com), we use additional cookies to maintain your authenticated session, remember your organization and user preferences, and enable secure access to donor and payment data. These are essential cookies required for the platform to function and are not used for tracking or advertising purposes.

Updates to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in technology, legislation, or our practices. When we make changes, we will update the "Last updated" date at the top of this page. For material changes, we will provide notice through our website or by email.

Questions?

If you have questions about this Agreement or any of its component policies, please contact us through our Contact page.

PineconeAI is developed and owned by ShadowUmbrella, LLC. All rights reserved. ShadowUmbrella, LLC — through PineconeAI — provides software and integrations for non-profit and tax-exempt organizations; it is not a payment processor, bank, or money transmitter. Payments are processed by Stripe and governed by Stripe's terms, schedules, and fees. Use of this site constitutes acceptance of our Terms of Service, Privacy Policy, Acceptable Use Policy, and Cookie Policy. Trademarks belong to their respective owners.

‍