Last updated: April 24, 2026
Welcome to SimplyRaffle. By using our service, you agree to these terms. SimplyRaffle is a Software-as-a-Service (SaaS) platform that helps nonprofits, churches, schools, corporate parties, employee groups, galas, and other organizations run fair raffles online, in-person, or both — from setup to live draw.
License grant: Subject to your compliance with these terms, SimplyRaffle grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to access and use the platform for your lawful event purposes. This license terminates automatically if you breach these terms or if your account is terminated.
Intellectual property: SimplyRaffle retains all right, title, and interest in and to the platform, including its software, design, audit-log mechanism, documentation, brand, and any improvements or derivative works. You retain ownership of the content you upload — organization name, logos, prize descriptions, participant rosters, and similar material — and by uploading that content, you grant SimplyRaffle a limited, worldwide license to host, display, and process it solely as needed to provide the service. No rights are granted to you in any SimplyRaffle intellectual property beyond the limited use license above.
Operator identification: SimplyRaffle is operated as a sole proprietorship by its founder, based in San Francisco, California, USA. The same operator conducts separate software activities under other trade names; however, personal data collected through SimplyRaffle is processed solely for SimplyRaffle purposes and is not shared with, transferred to, or accessible from any other product or brand operated by the same individual. Operationally, this means: separate tenant slugs, separate customer rosters, separate event data; shared infrastructure components (such as transactional-email account, container registry, and deploy tooling) are scoped by tenant identifier so cross-product exposure is not possible at the application layer. If you have questions about data isolation across the operator's products, email [email protected].
We take privacy seriously. As a tool built for community organizers, we adhere to these principles:
SimplyRaffle is designed for use by adult event organizers. We do not knowingly collect personal information from children under 13. When a raffle involves participants under 13 (such as school events), the organizing adult is solely responsible for obtaining verifiable parental consent before submitting any child's information. If we learn that we have inadvertently collected personal information from a child under 13, we will promptly delete that data. Contact us at [email protected] if you believe we hold such data. AI features and incidental imagery: Prize photos submitted by organizers for the optional "Generate from photo" feature (see AI-Assisted Features above) may incidentally include images of minors present at school or community events. Organizers operating school or youth-organization events who use the AI prize-description feature represent that they have any applicable authorization (including parental consent under COPPA where required, and FERPA / state student-data-privacy compliance where applicable) to transmit imagery that may capture minors to a third-party AI processor. If your institutional policies or applicable law prohibit transmission of such images to AI services, do not use the AI prize-description feature; descriptions can always be entered manually.
If you are a California resident, you have the right to: (a) know what personal information we collect and how it is used; (b) request correction of inaccurate personal information; (c) request deletion of your personal information; (d) opt out of the sale or sharing of personal information — though we never sell or share personal data for cross-context behavioral advertising. We will not discriminate against you for exercising these rights. To exercise any of these rights, email [email protected]. We will respond within 45 days as required by law.
SimplyRaffle is operated from the United States. If you are located outside the US, please be aware that any data you provide will be transferred to and processed in the United States. The specific hosting infrastructure depends on your plan: paid-tier events run on Railway (us-east region); Community (free) events run on SimplyRaffle-operated infrastructure in San Francisco, California, fronted by Cloudflare Tunnel. Both environments are within the United States; SimplyRaffle does not transfer personal data outside the US. Cross-border transfers rely on the EU-US Data Privacy Framework where applicable, with Standard Contractual Clauses (Commission Decision 2021/914) as a fallback — see the Subprocessors section below for the per-vendor list. Under the General Data Protection Regulation, you have the right to access, rectify, correct, erase, restrict processing of, object to processing of, or receive a portable copy of your personal data. We will respond to verified requests within one month, as required by Article 12(3). To exercise these rights, contact [email protected]. Notwithstanding the governing-law clause in Section 8, EU/UK residents retain the right to bring claims before their local courts as provided under applicable consumer protection law. SimplyRaffle does not currently actively solicit customers located in the EU or UK; this section addresses the rights of any EU/UK individuals whose data is processed incidentally (for example, via a US-based organizer's event participant list). When SimplyRaffle begins active EU/UK institutional outreach, this section and the EU Representative subsection below will be updated accordingly.
Lawful basis for processing (GDPR Article 6): SimplyRaffle processes personal data under the following legal bases — (a) Contract performance: to provision the event, deliver the platform, send raffle communications, and run the draw the organizer purchased. (b) Legitimate interests: for abuse prevention via IP logging, transactional security monitoring, and ensuring service integrity. (c) Legal obligation: to retain financial records and respond to lawful government requests. (d) Consent: where explicitly given (for example, opting in to non-essential communications). Participants are added to a raffle by the organizer; the organizer represents that it has a lawful basis — whether contractual (paid ticket), member-relationship, or organizer-collected consent — for adding each participant.
(a) Auto-Delete mode (default). All event data — organizer contact information, participant roster (names, emails, ticket allocations), draw records, and audit logs — is retained for the duration of your event plus 45 days, then permanently deleted from production systems. Backups containing this data are retained for an additional 30 days, then permanently overwritten. Walk-up entry consent text for events in this mode reads "your information will be deleted after the event."
(b) Retain mode (operator-selected). For organizers required by their bylaws, accreditation body, raffle-permit law, or other legal obligation to keep contest records, retention mode may be set to retain. In this mode the automatic 45-day deletion is suspended and event data persists until you request deletion, change the mode back to auto-delete, or close your account. Walk-up entry consent text in this mode reads "you consent to [OrganizerName] receiving your contact information." Organizers in retain mode are responsible for managing their own retention obligations, including any deletion requests received from participants and applicable storage-limitation requirements (GDPR Article 5(1)(e), CCPA, and any sector-specific rules).
Community (free) accounts that go inactive — no logins, no setup progress, no draw run — receive a reminder email regardless of mode. If there is still no activity within a short grace period after the reminder, the account and any associated data are permanently deleted. You may request deletion at any time by emailing [email protected].
To operate SimplyRaffle, we use the following subprocessors. Each is bound by their own terms and privacy policies; we share only the minimum data each needs.
Always-engaged subprocessors (every event):
Conditional hosting subprocessors (which is used depends on your plan tier):
AI subprocessors (only engaged when the corresponding optional feature is used):
All subprocessors maintain appropriate technical and organizational security measures (Art. 32 GDPR). Cross-border transfers from the EU/EEA/UK/Switzerland to the United States rely primarily on the EU-US Data Privacy Framework (DPF) Article 45 adequacy decision for vendors that hold active certification (Stripe, Resend, Cloudflare, Railway, Google LLC for Gemini API), with Standard Contractual Clauses (Commission Decision 2021/914) as a fallback mechanism via each subprocessor's published DPA. Anthropic (Claude Sonnet) currently relies on SCCs Module 2 incorporated into Anthropic's commercial terms; SimplyRaffle monitors Anthropic's DPF status and will update this section upon certification. For Community-tier data on operator-managed infrastructure in San Francisco, no third-party transfer occurs — data remains within the United States on SimplyRaffle's own infrastructure, governed by Module 2 SCCs between Controller and SimplyRaffle for EU-originating transfers.
Data Processing Agreements: When SimplyRaffle operates a raffle on behalf of an institutional organizer (school district, diocese, EU-based nonprofit), SimplyRaffle acts as a data processor under GDPR Article 28 and the customer is the data controller. A formal Article 28 DPA incorporating SCC Module 2 (controller-to-processor) is available to institutional buyers on request. Subprocessor onward transfers are governed by SCC Module 3 (processor-to-subprocessor) flows in each subprocessor's own DPA. To request a DPA, email [email protected]; we aim to respond within 5 business days. A template DPA is published at /dpa-template.html for reference.
SimplyRaffle is established in the United States. Where Article 27 GDPR requires a non-EU operator that systematically offers services to EU data subjects to designate an in-EU representative, SimplyRaffle has identified candidate providers (EDPO, VeraSafe) and will appoint a representative before active EU institutional outreach (estimated cost €1,500–2,500/year). EU data subjects may, in the meantime, contact [email protected] directly, and we will respond within Article 12(3)’s one-month window. Once the representative is appointed, their name and EU address will be published in this section.
The SimplyRaffle marketing site (simplyraffle.com) uses minimal browser storage: a small amount of session-scoped state for navigation (mobile menu open/closed) and a footer-year value computed at page load. No third-party tracking cookies, no advertising pixels, no analytics tags that build a cross-site profile. The application backend (where active raffles run) uses functional cookies for session authentication and CSRF protection — necessary for the platform to operate — and otherwise applies the same minimal-storage posture. If we add any non-essential cookies in the future, we will obtain consent in compliance with applicable law (GDPR, ePrivacy Directive, CCPA).
SimplyRaffle offers three optional AI-assisted features. All are opt-in per use: they are only invoked when an organizer actively triggers them. Manual entry, standard CSV import, and the standard (non-conversational) Setup Wizard never send any data to AI subprocessors.
Both AI subprocessors (Google LLC and Anthropic, PBC) are in the United States. EU/UK organizers should be aware that any image, file, or text description submitted to these features is transmitted to US-based AI processors under the cross-border transfer mechanisms described above. Neither AI subprocessor retains submitted content beyond a short trust-and-safety window (typically <= 30 days). No automated decisions producing legal or similarly significant effects (GDPR Article 22) are made by any of these features — all AI output is presented to the organizer for review and is editable before persistence. If your organization's policies prohibit transmission of images, rosters, or event descriptions to third-party AI services, do not use these features; the platform is fully usable without them (manual entry, CSV import, and the standard Setup Wizard all work AI-free).
While we strive for reliable uptime during your events, SimplyRaffle is provided “as is” and “as available” without warranties of any kind, whether express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
Limitation of liability: To the maximum extent permitted by applicable law, SimplyRaffle and its owner shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly, or any loss of data, use, goodwill, or other intangible losses resulting from: (a) your use of or inability to use the service; (b) any unauthorized access to or alteration of your data; (c) service interruptions, bugs, or errors; or (d) any other matter relating to the service. In no event shall our total aggregate liability exceed the amount you have paid us in the twelve (12) months preceding the claim.
Draw outcomes: SimplyRaffle makes no warranty regarding any particular outcome of a draw. The platform generates draws using a cryptographically seeded random number generator; the selection of any specific participant as a winner or non-winner is not grounds for a refund, dispute, or claim against SimplyRaffle.
Indemnification: You agree to indemnify and hold harmless SimplyRaffle and its owner from and against any claims, damages, losses, liabilities, and expenses (including reasonable attorney’s fees) arising out of or related to: (a) your use of the service; (b) your violation of these terms; (c) your violation of any applicable law or regulation, including raffle and gambling laws; or (d) your organization’s collection of participant data without proper consent.
Force majeure: SimplyRaffle shall not be liable for any delay, failure to perform, or service interruption caused by circumstances beyond our reasonable control, including but not limited to: internet outages, infrastructure or cloud-provider failures, third-party service interruptions (Stripe, Resend, Cloudflare, Railway), denial-of-service attacks, natural disasters, government actions, labor disturbances, or other events of force majeure. We will use commercially reasonable efforts to restore service and communicate with affected organizers when such events occur.
Important:
SimplyRaffle provides software to manage raffle entries, prizes, and randomly select winners. We do not provide legal advice, nor do we verify the legality of your raffle.
Raffles are regulated at the state, county, and municipal levels across the United States. Laws vary significantly by jurisdiction — some require permits, some restrict prize values, and some prohibit certain types of raffles entirely. It is the sole responsibility of your organization to ensure that your event complies with all applicable local laws, including obtaining any necessary gambling or raffle permits before distributing tickets.
By submitting the event intake form, you represent and warrant that: (a) your raffle event complies with all applicable federal, state, and local laws; (b) you have obtained any required permits or licenses; and (c) you are an authorized representative of a legitimate organization (nonprofit, school, church, community group, or similar entity) eligible to conduct raffles under your jurisdiction’s laws.
SimplyRaffle offers tiered pricing based on participant count. Payments are processed securely through Stripe. We do not store your credit card information.
Community (free) tier: Intended as a single-event trial. Includes one raffle draw per 365-day period, up to 30 participants per raffle, with email sends capped at 50/day and 500/month. Community accounts must remain in active use to stay on the platform. If a Community account sits inactive — no logins, no setup progress, no draw run — we will send a reminder email. If there is still no activity within a short grace period after that reminder, the account and any associated data will be permanently deleted. This keeps the platform clean for active users. Participant limits on the Community tier are strictly enforced (unlike paid tiers, where small overages are tolerated).
Community tier — payment method on file: Community signup requires you to provide a payment method to verify you are a human user and to prevent automated abuse. The payment method is stored by Stripe using a SetupIntent; SimplyRaffle does not receive, store, or process raw card data. We commit not to charge this payment method without your explicit, subsequent authorization (for example, when you choose to upgrade to a paid plan). Upon account deletion, the payment-method association is removed from Stripe.
Paid tiers: Basic (up to 100 participants, $9/event), Starter (up to 250 participants, $49/event), and Pro (up to 500 participants, $99/event). Annual plans bundle 13 events per year at the same per-event caps. Participant limits on paid plans are soft — small overages are tolerated.
Refund policy: Paid plans include a 14-day money-back guarantee from the date of purchase. If you have not run any draws on your event, a full refund is available within 14 days — no questions asked, emailed to [email protected]. Exception: if your event has already taken place within the 14-day window and a draw has been run, the service has been substantially delivered and refunds are at our discretion. Approved refunds are processed via Stripe and typically appear on your statement within 5–10 business days. Annual Memberships are eligible for the same 14-day money-back guarantee from purchase, provided no draws have been run during the 14-day window. After 14 days, Annual Memberships are non-refundable. No partial or pro-rata refunds are issued for unused events within an Annual Membership period, except at SimplyRaffle's sole discretion in extraordinary circumstances. Unused events do not roll over to the following membership year.
Payment processing: All payments are processed securely through Stripe. We do not store credit card information. Stripe Checkout Sessions are single-use; each paid event requires a new checkout.
After completing signup, your event is provisioned automatically — typically ready within 5–10 minutes. You’ll receive an email with your admin link once it’s live.
You agree not to use SimplyRaffle for any unlawful purpose, to distribute malicious content, to attempt to compromise the security of our platform, or to interfere with other users' events. We reserve the right to suspend or terminate accounts that violate these terms.
Participant data is collected for the raffle, not for marketing: Participant email addresses and any other personal information collected through a SimplyRaffle event are for the purpose of that event — entry verification, raffle communications, and draw results. Organizers may not use participant contact information for subsequent marketing, promotional, or commercial messaging unrelated to the raffle without obtaining separate, affirmative consent from each participant as required by applicable law. This includes (but is not limited to) the U.S. CAN-SPAM Act, the Telephone Consumer Protection Act (TCPA), state mini-TCPA statutes (Florida, Washington, Oklahoma), and the EU ePrivacy Directive. A raffle entry is not, by itself, prior express written consent for marketing communications. The organizer is solely responsible for any required consent collection, suppression lists, and unsubscribe mechanisms if exporting and using participant data for marketing purposes after the event.
Walk-up entry consent text: Where SimplyRaffle displays a consent notice to walk-up participants at the point of entry (Kiosk Mode / Ticket Table), the default consent text is determined automatically by the organizer's configured data-retention mode: events in Auto-Delete mode display "your information will be deleted after the event"; events in Retain mode display "you consent to [OrganizerName] receiving your contact information." Organizers may customize the consent text, but must ensure it accurately reflects their actual data practices. Displaying a deletion-commitment notice while operating in Retain mode, or using participant contact information in a manner inconsistent with the displayed consent, is a violation of these Terms and may constitute a violation of applicable privacy law. The organizer bears sole responsibility for the legal adequacy of any customized consent text under applicable law (GDPR Article 6 lawful basis, CCPA notice-at-collection, CAN-SPAM, state mini-TCPA statutes, EU ePrivacy Directive).
Account termination: For non-payment, SimplyRaffle will provide written notice 10 days before suspension. For policy violations, SimplyRaffle may suspend or terminate accounts without prior notice. Upon termination, organizers may request an export of their event data within 30 days; thereafter, data is deleted in accordance with the retention policy in Section 2. Refunds for unused Annual Membership events upon termination-for-cause are at our discretion. Community (free) accounts may be reclaimed or deleted at any time in accordance with the inactivity procedures described in Sections 2 (Organizer Data) and 5 (Community tier — payment method on file), without additional notice beyond what is described in those sections.
We may update these terms from time to time to reflect changes in our service, pricing, legal requirements, or business practices. When we make a material change, we will update the “Last updated” date at the top of this page. For significant changes affecting existing customers (for example, changes to data handling, refund policy, or pricing of active subscriptions), we will notify you by email to the address on file. Continued use of SimplyRaffle after a terms update constitutes acceptance of the updated terms. If you do not agree with a change, you may request deletion of your account as described in the Organizer Data section.
These terms are governed by the laws of the State of California, United States, without regard to its conflict-of-law principles. Any dispute arising out of or relating to these terms or your use of SimplyRaffle shall be resolved exclusively in the state or federal courts located in California, and you consent to the personal jurisdiction of those courts.
If any provision of these terms is found to be unenforceable, the remaining provisions will remain in full effect. Our failure to enforce any right or provision does not constitute a waiver of that right.
Questions about these terms? Contact us at [email protected].