Privacy Policy

Your privacy matters. Learn how The Baker Project protects and handles your information with transparency and care.

Our Commitment to Privacy

The Baker Project is a nonprofit initiative dedicated to democratizing access to employee ownership information. We believe that your privacy is fundamental to building trust, and we're committed to protecting your personal information with the highest standards of care and transparency.

This Privacy Policy explains what information we collect, how we use it, how we protect it, and your rights regarding your data. We encourage you to read this policy carefully.

Last Updated: February 2025

Key Privacy Highlights

  • Modeler runs entirely in your browser - financial data never leaves your device
  • We only collect essential account information
  • We never sell your data or share it with advisors without your explicit consent
  • You can export or delete your data at any time
  • As a nonprofit, we have no incentive to monetize your information

Information We Collect

Account Information

When you create an account, we collect:

  • Email address (required) - Used for account login, password recovery, and optional communications
  • Password (encrypted) - Stored using industry-standard bcrypt hashing, never stored in plain text
  • First name (optional) - Used to personalize your experience
  • Company name (optional) - Helps us understand user demographics but is never shared

Modeler Data

When you use the ESOP Illustrative Modeler, the financial inputs and results are:

  • Processed client-side - All calculations happen in your browser using JavaScript
  • Optionally saved to your account - If you choose to save scenarios, we store them encrypted in our database
  • Never shared - Your financial data is never transmitted to third parties

Usage Information

We automatically collect:

  • Log data - IP address, browser type, device type, pages visited, timestamps
  • Cookies - Session cookies for authentication and preference cookies for settings (see Cookies section below)
  • Analytics - Aggregated, anonymized usage patterns to improve the platform

How We Use Your Information

We use the information we collect to:

  • Provide and improve our tools - Maintain account access, save your progress, and enhance user experience
  • Communicate with you - Send password reset emails, important updates, and (if opted in) educational content about employee ownership
  • Ensure security - Detect and prevent fraud, abuse, and unauthorized access
  • Understand usage patterns - Analyze aggregated data to improve tools and develop new features
  • Comply with legal obligations - Respond to legal requests or prevent illegal activities

What We Don't Do

  • We don't sell your data. As a nonprofit, we have no business model based on data monetization.
  • We don't share with advisors unless you ask. Your information is never shared with ESOP advisors, consultants, or lenders without your explicit consent.
  • We don't track you across the web. We don't use third-party advertising networks or tracking pixels.

Data Storage and Security

How We Protect Your Data

We implement industry-standard security measures:

  • Encryption in transit - All data transmitted between your browser and our servers uses HTTPS/TLS encryption
  • Encryption at rest - Sensitive data stored in our database is encrypted
  • Password security - Passwords are hashed using bcrypt with salt, never stored in plain text
  • Access controls - Limited personnel access with multi-factor authentication required
  • Regular security audits - Periodic reviews of our infrastructure and code

Data Retention

We retain your account information and saved calculator scenarios for as long as your account is active. If you delete your account, we permanently remove your personal data within 30 days, except for:

  • Anonymized usage data for research and platform improvement
  • Data required for legal compliance (e.g., tax records, fraud prevention)

Third-Party Services

We use a limited number of trusted third-party services to operate our platform:

Database Hosting

MongoDB Atlas - Stores account information and saved scenarios. Data is encrypted and stored in secure data centers.

Email Services

We use email service providers for transactional emails (password resets, account notifications) and optional newsletters.

Analytics

We may use privacy-focused analytics tools to understand how users interact with our platform. Data is anonymized and aggregated.

All third-party services are selected based on their privacy practices and data protection standards. We have data processing agreements in place with these providers.

Your Privacy Rights

You have the following rights regarding your personal data:

Access and Portability

You can access and export all your personal data and saved calculator scenarios at any time through your account settings. Data is provided in JSON format.

Correction

You can update your account information (name, email, password) through your profile settings at any time.

Deletion

You can delete your account and all associated data through the account settings page. This action is permanent and cannot be undone. We will remove all personal data within 30 days.

Opt-Out of Communications

You can unsubscribe from optional emails (newsletters, tips) at any time using the unsubscribe link in emails or by updating your email preferences in settings. You cannot opt out of essential transactional emails (password resets, security alerts).

Do Not Sell My Information

As a nonprofit, we do not and will never sell your personal information. This right is automatically respected.

Modeler Privacy Details

Maximum Privacy by Design

The ESOP Illustrative Modeler is designed with privacy-first principles. All financial calculations occur entirely in your browser using JavaScript. Your company valuation, EBITDA, financing details, and tax scenarios never leave your device unless you explicitly choose to save them to your account.

How It Works

  • Client-side calculations - The calculator runs entirely in your browser. No financial data is transmitted to our servers during use.
  • Optional saving - You can choose to save scenarios to your account for later access. This requires an account and encrypts the data before storage.
  • Local storage fallback - If you're not logged in, calculator progress is temporarily stored in your browser's local storage and never transmitted.
  • PDF export - When you export results as PDF, the document is generated in your browser and saved directly to your device. No data is sent to our servers.

Cookies and Tracking

We use cookies for essential functionality and user preferences:

Essential Cookies

Required for the platform to function:

  • Authentication - Keeps you logged in between page loads
  • Security - Protects against cross-site request forgery (CSRF) attacks

Preference Cookies

Remember your settings and choices:

  • Display preferences - Theme, layout, dismissed notices
  • Modeler settings - Default values, saved scenarios list

You can control cookies through your browser settings, but disabling essential cookies may impact functionality.

Children's Privacy

The Baker Project is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately, and we will delete the information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or new features. We will notify you of significant changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Sending an email notification if you've opted in to communications
  • Displaying a notice on the platform

Your continued use of The Baker Project after changes take effect constitutes acceptance of the updated policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

The Baker Project Privacy Team

Email: privacy@bakerproject.org

We will respond to all privacy inquiries within 30 days.

Questions About Employee Ownership?

Ready to explore ESOP options for your company? Visit our Resources section or try the ESOP Illustrative Modeler.