2 August 2024

New Charity "Payment Processor" Raises Privacy And Security Concerns

Holland & Knight

Contributor

Holland & Knight is a global law firm with nearly 2,000 lawyers in offices throughout the world. Our attorneys provide representation in litigation, business, real estate, healthcare and governmental law. Interdisciplinary practice groups and industry-based teams provide clients with access to attorneys throughout the firm, regardless of location.

Chariot Giving Inc. (Chariot), a company marketing itself as a Donor Advised Fund (DAF) payment processor, has recently approached a number of nonprofit organizations regarding its services. As a result, Holland & Knight has received a range of questions about Chariot, including how their platform works, what are the legal implications of including their DAF payment button on an organization's website, what otherwise private information about donors and accounts do they access and collect, what can Chariot do with that information, and more.

With these questions in mind, we are providing the following background information, and answers to the most commonly asked questions and concerns.

Background

Chariot is an investor-backed, for-profit company that currently markets online payment technology solutions to nonprofit organizations. The technology embeds a "DAFpay" button (widget) into the nonprofit's donation website. The purpose of the widget is to "facilitate" grant requests by donors who have recommendation privileges from a charity that sponsors a DAF program. The widget makes the act of donating through a DAF appear seamless to the donor. At the same time, Chariot offers the recipient nonprofit a wide range of donor and account information that they would not otherwise receive with direct grants from a DAF program.

Donors who click on the DAFpay widget on a nonprofit's website are prompted to identify the DAF sponsor that administers their DAF account. The donor is prompted to enter their unique account credentials, and the widget then appears to serve as a pass-through to the DAF sponsor's online grant recommendation portal for the donor to make the grant request (as opposed to going to the DAF sponsor's secure website to make the grant request directly).

Once granted access, Chariot can "scrape" any and all information, including nonpublic information, about the DAF account holder, the DAF account itself and the DAF sponsor. Chariot can then provide such information to subscriber nonprofits and other third parties without express consent from the DAF sponsor or donor.

Privacy Concerns

When a donor logs into their DAF account and makes a grant recommendation via DAFpay, Chariot immediately obtains the donor's name, email address and a variety of other information. In other words, all information supplied by the donor or associated with the account is made available to Chariot, including confidential and proprietary information such as previous grant recommendations and amounts, total funds associated with the account, investment profile, and more.1

A donor can lose anonymity to Chariot, the recipient nonprofit and, potentially, third parties when they use DAFpay. DAF sponsors lose confidential information about their donors and donor accounts. Chariot can monitor and track grant recommendations and provide updates to nonprofit recipients.

FAQs

Is DAFpay a payment processor like Stripe or PayPal?

No. Chariot and its widget, DAFpay, do not actually process any funds or facilitate the payment of funds. Chariot, among other activities, uses its technology to 1) create a direct link between a charity's donation page and a DAF sponsor, enabling donors to make grant requests, and 2) collect and sell data pertaining to grants made from DAFs.

Can a donor remain anonymous if they use DAFpay?

Generally, no. Chariot's website states that "DAFpay has been purposefully designed to mirror a seamless e-commerce experience with UX and UI that encourage non-anonymous giving. Every DAFpay gift requires an email address." While there may be some situations where DAFpay allows anonymous giving, it is not the default.

Have all DAF sponsors included in Chariot's widget consented to Chariot sharing information about their accounts and donors with third parties?

No. As of the date of this writing, Chariot does not have the consent of all DAF sponsors that it has included in its widget. Holland & Knight is not aware of any DAF sponsors who have granted Chariot the right to access their systems or DAF accounts.

Is it obvious to donors that they are granting Chariot access to a wide range of DAF account information, including login credentials, current balance, investment allocation and other information, via use of DAFpay?

No. There is no explicit disclosure at the time DAFpay is accessed by donors.

If a donor carefully reads the Privacy Policy on Chariot's website, they may become aware of these facts on a generalized level (e.g., "[w]e collect information from your DAF account to effect donations and offer tracking information to nonprofits about your gift.").

Are there any fees in connection with DAFpay?

It is our understanding that Chariot charges fees to the recipient nonprofit organizations hosting the DAFpay widget. Fees via integration partners are typically 2.9 percent, while various direct subscription plans are also available. These fees are in addition to any fees that are assessed by a DAF sponsor in connection with the DAF program.

Is DAFpay a financial aggregator like Plaid or Rocket Money?

Chariot purports that DAFpay is a secure aggregator similar to those seen in banking and other financial services contexts, namely a service provider that facilitates access to client accounts using client credentials. However, because DAF funds, investments and accounts are owned by nonprofit DAF sponsors, as opposed to donors, there are key distinctions between consumer financial aggregators and DAFpay.

Are there any specific security risks presented by the DAFpay service?

Yes. DAF sponsors' account credentials are shared with Chariot through the DAFpay widget. Chariot can access the DAF account and potentially other unrelated financial accounts accessible to the donor using the same credentials. Those credentials may then be compromised and/or misused. In addition, DAF (and other) account information obtained by Chariot may be knowingly or inadvertently made accessible to third parties who then can use or disclose the information, including for purposes that are potentially harmful to the donor or DAF sponsor.

What if a charity that sponsors a DAF program does not want to be included in Chariot's widget?

A charity that sponsors a DAF program may request that they be removed from the widget. If Chariot refuses to do so, then a DAF sponsor should seek legal advice as to its options.

Footnote

1. Donor and account information maintained on a sponsor's donor portal can vary from program to program.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
