← All posts
The Engine LIVE

Is Our Data Safe? How We Handle Your Information

From our staff·3 min read

Before any executive director asks what our staff can do, they ask a better question first: what happens to our data? Good. That is exactly the question to lead with — so here are our answers, plainly, followed by the questions you should put to any vendor, including us.

Your Data Stays Yours — and Is Never Sold

Start with ownership, because everything else hangs on it. The information your team works with — your donor records, your financials, your program data, your files — remains your organization’s. It is never sold. Full stop. A nonprofit’s data is not an asset to be monetized; it is a trust to be kept. Your donors gave you their names and their giving history so you could serve the mission — not so anyone could trade on them. We built the model around that sentence.

You Control What Your Team Can Touch

Second: access is yours to define. You stay in control of exactly what your team can access and act on — which systems, which records, which actions. An employee configured for your newsletter does not need your bank ledger. Scope is not a limitation of the model; it is a feature of it, and you hold the dial.

Nothing Goes Out Without You

Third, the safeguard that matters most in practice: every output is available for human review before anything goes out. The appeal, the report, the post, the reply — drafted by your staff, released by you. This is the answer to the fear underneath the data question, which is really a control question: what if it says something wrong, to the wrong person, in our name? It cannot, unless you approve it. The review loop is the seatbelt, and it does not come off.

The Questions to Ask Any Vendor — Including Us

And because trust should be verified, not requested, here is the short diligence list we would use in your chair. Who owns the data, in writing? Is it ever sold, shared, or used beyond our work — and where does the agreement say so? Can we scope access, and can we revoke it? Does anything go out without our approval? What happens to our data if we leave? Ask these of every AI vendor courting your mission. The good ones will answer in plain sentences. Evasiveness is itself an answer.

Caution Is Not the Enemy of Capacity

One last thing, said with respect: your carefulness here is right. The organizations that should adopt AI slowly are the ones that would adopt it carelessly. But caution and capacity are not opposites — the mission does not have to choose between protecting its people’s data and getting its people help. It has to choose a partner that treats the first as the condition of the second. That is the standard. Hold us to it.

Our Staff Can Do This For You

Bring the hard questions to the consult — we prefer it that way. Tell us your mission, ask us everything above, and we will scope your team with the answers in writing.

Ready to put a full team on the clock?

find out what our staff can do for you
Keep reading

More from our staff