Privacy Policy

Food Pantry Management System

Effective Date: April 27, 2026
Last Updated: April 27, 2026

Privacy-First Design

This system was built with privacy as the foundation. We collect only what's necessary to serve food pantry clients effectively, and we protect that data with industry-leading security measures.

Contents

1. Overview

The Food Pantry Management System is designed to help food pantries serve their communities while maintaining the highest standards of client privacy and data protection. This privacy policy explains how we collect, use, protect, and handle information in our system.

Key Principles:

  • Minimal Data Collection: We only collect information necessary for pantry operations
  • Strong Encryption: Sensitive data is encrypted both in transit and at rest
  • No Third-Party Sharing: Client data is never shared with external parties
  • User Control: Clients have rights to access, correct, and delete their information

2. Information We Collect

Client Information

Data Type Required Purpose Protection Level
Name Required Client identification and service delivery Standard encryption
Government ID Optional Prevent duplicate registrations SHA-256 hashed (irreversible)
Phone Number Optional Contact for appointment scheduling Standard encryption
Email Address Optional Digital communication preferences Standard encryption
Address Optional Service area verification Standard encryption
Household Size Required Appropriate food package sizing Standard encryption
Dietary Restrictions Optional Safe food distribution Standard encryption
Emergency Contact Optional Emergency situations only Standard encryption

System Usage Information

  • Visit Records: Date, time, package size, and volunteer information
  • Login Activity: Authentication logs for security purposes
  • System Interactions: Feature usage for system improvement
Important: Government IDs are processed through SHA-256 hashing, making them mathematically impossible to reverse. We cannot retrieve the original ID number from our system.

3. How We Use Information

Primary Uses

  • Service Delivery: Providing appropriate food packages to clients
  • Visit Tracking: Recording service history for operational planning
  • Safety Compliance: Ensuring dietary restrictions are respected
  • Operational Reporting: Anonymous statistics for funding and planning

We Do NOT Use Information For

  • Marketing or promotional purposes
  • Sharing with government agencies (unless legally required)
  • Selling or providing to third parties
  • Background checks or verification services
  • Any purpose unrelated to food pantry operations

4. Data Protection Measures

Technical Safeguards
  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • SHA-256 hashing for sensitive identifiers
  • Regular security updates and patches
  • Secure authentication with JWT tokens
  • Database access controls and monitoring
Administrative Safeguards
  • Role-based access controls
  • Regular staff training on privacy
  • Audit logs for all data access
  • Incident response procedures
  • Regular security assessments
  • Data backup and recovery plans
Security First: Our system meets or exceeds industry standards for healthcare and financial data protection.

5. Data Sharing and Disclosure

We Do NOT Share Personal Information

Client personal information is never shared with external parties, including:

  • Other food pantries or organizations
  • Government agencies (except when legally required)
  • Researchers or academic institutions
  • Marketing companies or data brokers
  • Technology vendors or service providers

Anonymous Statistical Reporting

We may share anonymous, aggregated statistics such as:

  • Total number of families served
  • General demographic trends (without identifying information)
  • Service usage patterns for operational improvement

Legal Requirements

We may be required to disclose information only in these limited circumstances:

  • Valid court orders or subpoenas
  • Legal compliance with applicable laws
  • Protection of safety in emergency situations

6. Your Privacy Rights

Right to Access

You can request to see all information we have about you, including visit history and personal details.

Right to Correct

You can request corrections to any inaccurate or incomplete information in your record.

Right to Delete

You can request deletion of your personal information, subject to operational and legal requirements.

Right to Export

You can request a copy of your data in a portable format for your own records or transfer.

How to Exercise Your Rights

Contact your local food pantry administrator or email privacy@ironcrestsoftware.com to make any privacy-related requests. We will respond within 30 days.

7. Data Retention

Data Type Retention Period Reason
Active Client Records While actively using services Ongoing service delivery
Inactive Client Records 3 years after last visit Operational planning and reporting
Visit History 7 years Audit requirements and trend analysis
System Logs 1 year Security monitoring and troubleshooting
Backup Data 90 days Disaster recovery

Secure Deletion: When data is deleted, it is securely overwritten using industry-standard methods to prevent recovery.

8. Contact Information

Privacy Questions

Email: privacy@ironcrestsoftware.com

Phone: 1-800-PANTRY-1

Response Time: Within 30 days

Technical Support

Email: support@ironcrestsoftware.com

Support Portal: Submit Request

Response Time: Within 24 hours

This privacy policy may be updated periodically. We will notify users of significant changes through the system and via email when possible.

Last Updated:
April 27, 2026