Legal.

Version 1.0 · Effective 27 May 2026 · Applicable globally

1 · Terms of Service

Version 1.0 · Effective 27 May 2026

1.1 Who we are

"IWHF", "we", "our", and "us" refer to the International Women's Health Fund platform, currently operated by Elle International NPC, a South African nonprofit company. IWHF operates a global intelligence platform for the women's-health capital ecosystem, comprising a public dashboard, a Founder Portal for grant-seekers, a Donor Desk for foundations, sovereign programs, and pharma portfolios, an editorial briefing service, and supporting APIs (together, the "Services"). Formal contracting details, invoicing entity details, and service address are provided in the applicable Order Form, invoice, or written agreement.

1.2 Acceptance and authority to bind

By creating an account, accessing the Services, or subscribing to the editorial briefing, you accept these Terms. If you accept on behalf of an organisation, you confirm you have authority to bind that organisation, and "you" means both you personally and that organisation. If you do not have that authority, or you do not accept these Terms, you must not use the Services.

1.3 Eligibility

You must be at least 18 years old (or the age of legal majority in your jurisdiction, if higher) to create an account. The Services are designed for organisational use and are not directed at children. If we become aware that we hold personal data of a person under 16 collected without an appropriate lawful basis, we will delete it.

1.4 The Services

  1. Public Dashboard. A free, read-only directory of funding opportunities, donor profiles, sector analyses, and the Friday Funding Intelligence Briefing.
  2. Founder Portal. Subscriber-tier access to the proposal studio, eligibility-match engine, deadline sentinel, alerts, and saved pipeline.
  3. Donor Desk. A multi-tenant workspace for capital allocators to publish RFPs, receive applications, conduct reviews, and manage portfolios.
  4. Editorial outputs. The Friday briefing, newsroom pieces, quarterly flagship reports, and sponsored-research engagements, each governed by the editorial-independence commitments in Section 8.
  5. APIs. Programmatic access on tiers and rate limits set out in the relevant API documentation or Order Form.

1.5 Accounts and tenancy

You may register a free Observer account or a paid tier (Pro, Institutional, Enterprise) on the Founder Portal, or a Donor Desk plan via the order page or a separately negotiated Order Form. Each paying customer is provisioned as an "organisation" (the "Org") within our multi-tenant architecture. Content you submit is scoped to your Org and is not visible to other Orgs except through cross-tenant flows you explicitly opt into (for example, submitting an application to a published RFP).

You are responsible for safeguarding your credentials and for all activity under your account. Notify security@iwhf.org promptly if you suspect unauthorised access.

1.6 Subscriptions, billing, and term

Pricing, billing currency, seat count, and feature inclusion are set out on the order page or in your Order Form. All fees are exclusive of applicable taxes, which we will add at the prevailing rate where required by law. Subscriptions renew automatically at the end of each billing cycle unless you cancel through the Founder Portal billing centre or by emailing billing@iwhf.org at least one billing cycle in advance (or the longer period set out in your Order Form).

Payments in South African Rand are processed by Paystack Payments Limited. Payments in United States Dollars are (or, where the rail is being activated, will be) processed by PayPal, Inc. You authorise us and the applicable processor to charge the agreed fees to your chosen payment method. Failed payments may result in suspension of the Services after reasonable notice.

Refunds are governed by the Refund Policy in Section 3.

1.7 Acceptable use

Your use of the Services is governed by the Acceptable Use Policy in Section 5, which is incorporated by reference. Material breach of the Acceptable Use Policy may result in suspension or termination under Section 1.16.

1.8 AI-generated content

The Founder Portal and Donor Desk include assistive AI workflows for drafts, eligibility matches, reviewer summaries, and signal interpretation. You acknowledge that:

  1. AI outputs are draft material requiring your human review before submission, publication, or external use;
  2. you retain responsibility for any content you submit, publish, or transmit from the Services, including verifying factual accuracy and source citations;
  3. IWHF applies a human-in-the-loop checkpoint to every word published under the IWHF byline (briefings, newsroom, sponsored research). Your private AI outputs (your proposal drafts, RFP rubrics, reviewer comments) are not pre-reviewed by IWHF and remain your sole responsibility.

We do not use your private content to train foundation models. Aggregated, de-identified usage statistics may inform Service improvements.

1.9 Intellectual property

IWHF Materials. The Services, including the funder graph, editorial content, workflow prompts, methodologies, trademarks, and software, are owned by IWHF or its licensors. Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, revocable licence to access and use the Services as permitted by your subscription tier.

Your Content. You retain ownership of content you submit (organisation profile, prior wins, drafts, applications, reviews, portfolio entries). You grant IWHF a worldwide, royalty-free, sub-licensable (only to our sub-processors as listed in Section 7) licence to host, process, transmit, display, and back up your content as necessary to operate the Services for you.

Editorial outputs. IWHF's editorial outputs are © IWHF and are licensed to subscribers for internal organisational use. Republication, redistribution, or external use beyond fair-dealing/fair-use exceptions requires written permission from editor@iwhf.org.

Feedback. If you send us suggestions or feedback, you grant us a perpetual, irrevocable, royalty-free licence to use that feedback for any purpose without obligation to you.

1.10 Donor Desk-specific terms

If you are a Donor Desk customer:

  1. You are solely responsible for the lawfulness, accuracy, and fairness of any RFP you publish.
  2. You will require reviewers to disclose conflicts of interest before scoring; the platform enforces a hard COI gate where prior award relationships are detected.
  3. Award decisions and the resulting grant agreements are between you and the grantee; IWHF is not a party to those agreements.
  4. You will not use applicant content for any purpose other than evaluating the relevant application and, where the applicant has separately consented, communicating about the outcome.

1.11 Data protection

Our processing of personal data is described in the Privacy Policy in Section 2. Where we process personal data on your behalf as a processor (notably for Donor Desk applicant data), the Data Processing Addendum in Section 6 applies and is incorporated by reference. Donor Desk Orgs must accept the DPA before any RFP is published.

1.12 Service levels and support

Pro and Institutional subscriptions include best-efforts support during UK business hours via support@iwhf.org. Enterprise and Donor Desk contracts include the SLA terms set out in the relevant Order Form, including uptime, response, and resolution targets. Planned maintenance windows are notified at least 72 hours in advance via the status page and to billing contacts on file.

1.13 Editorial independence

IWHF maintains editorial independence over the Friday briefing, newsroom, quarterly flagship reports, and any sponsored-research outputs. Sponsored research carries the editorial-independence clause as a non-negotiable schedule, the Editor-in-Chief signs every editorial publication, and funder relationships are disclosed in the published output. The full disclosure framework is in Section 8.

1.14 Warranties and disclaimers

We warrant that we will provide the Services with reasonable skill and care and in accordance with the description in this Section 1. Except for that warranty and any warranties that cannot be excluded by applicable law, the Services are provided "as is" and "as available". To the maximum extent permitted by law, we disclaim all other warranties, express, implied, statutory, or otherwise, including any implied warranties of merchantability, fitness for a particular purpose, non-infringement, and any warranty arising out of course of dealing or trade usage.

We do not warrant that the Services will be uninterrupted, error-free, or that AI-generated outputs will be free from inaccuracy. The funder graph and editorial outputs are an aid to decision-making, not a substitute for your own professional judgement.

1.15 Limitation of liability

To the maximum extent permitted by applicable law:

  1. neither party will be liable for any indirect, incidental, special, consequential, or punitive damages, or for any loss of profits, revenue, goodwill, anticipated savings, or data, arising out of or in connection with these Terms, whether in contract, tort (including negligence), statute, or otherwise;
  2. each party's total aggregate liability arising out of or in connection with these Terms in any 12-month period will not exceed the greater of (a) the fees paid or payable by you to IWHF in that 12-month period and (b) USD 100 or the equivalent in your billing currency.

Exceptions. Nothing in these Terms limits or excludes either party's liability for: death or personal injury caused by negligence; fraud or fraudulent misrepresentation; any liability that cannot be limited or excluded under applicable law; your obligation to pay fees due; or breach of the Acceptable Use Policy or confidentiality obligations.

If you are a consumer in the European Union, the United Kingdom, or any other jurisdiction whose law grants you non-waivable rights, the limitations above apply only to the extent permitted by that law, and your statutory consumer rights are unaffected.

1.16 Indemnification

You will defend, indemnify, and hold harmless IWHF, its affiliates, and their respective directors, officers, employees, and representatives from and against any third-party claim arising out of (a) your breach of these Terms or the Acceptable Use Policy, (b) your unlawful use of the Services, or (c) your infringement of any third party's intellectual property or privacy rights through content you submit. We will promptly notify you of any such claim, give you reasonable cooperation, and not settle without your consent (not to be unreasonably withheld).

We will defend you from and against any third-party claim that the Services as provided by us and used in accordance with these Terms infringe that third party's intellectual property rights, and will indemnify you for amounts finally awarded by a court of competent jurisdiction or paid in settlement we approve. This obligation does not apply to claims arising from your content, your modifications, your combination of the Services with non-IWHF products, or your continued use of an allegedly infringing version after we have provided a non-infringing alternative.

1.17 Term and termination

These Terms begin when you first accept them and continue until your account is closed. Either party may terminate for material breach if the breach is not cured within 30 days of written notice. We may suspend the Services immediately where required by law, to protect the Services or other users, or for non-payment after notice.

On termination, your right to access the Services ends. You may export your content for 30 days after termination using the in-product export tools; thereafter we may delete your content in accordance with the Privacy Policy. Sections that by their nature should survive termination (including IP, confidentiality, indemnities, limitations of liability, dispute resolution, and accrued payment obligations) will survive.

1.18 Governing law and dispute resolution

These Terms are governed by the laws of the Republic of South Africa, without regard to its conflict-of-laws rules. The parties submit to the non-exclusive jurisdiction of the competent courts of South Africa for any dispute arising out of or in connection with these Terms, subject to any mandatory consumer or data-protection rights that apply in your jurisdiction.

Consumer carve-out. If you are a consumer resident in the European Union, the United Kingdom, Switzerland, or another jurisdiction whose law grants you mandatory court-jurisdiction rights, you may also bring proceedings in the courts of your country of residence, and the mandatory consumer-protection law of that country applies.

South African subscribers. Where required by section 5(2) and section 7 of the South African Consumer Protection Act 68 of 2008 ("CPA"), these Terms must be read with the CPA, and you may also bring proceedings in the South African courts of competent jurisdiction.

United States subscribers. Any dispute that is not finally resolved through informal negotiation within 60 days may, at either party's election, be resolved by binding individual arbitration under the Arbitration Foundation of Southern Africa rules, seated in Johannesburg, South Africa, unless mandatory local law requires another forum. The parties waive any right to participate in a class action or class arbitration to the extent permitted by law. You may opt out of this arbitration provision by sending written notice to legal@iwhf.org within 30 days of first accepting these Terms.

European Online Dispute Resolution. Consumers in the European Union may also access the European Commission's Online Dispute Resolution platform at ec.europa.eu/consumers/odr.

1.19 Changes to these Terms

We may update these Terms. Material changes will be notified to the billing or account contact on file by email at least 30 days before they take effect, and will also be posted to this page with a revised version number and effective date. Continued use of the Services after the effective date constitutes acceptance. If you do not accept the changes you may cancel under Section 1.6 before the effective date and receive a pro-rata refund of pre-paid fees for the unused portion of the term.

1.20 Miscellaneous

Entire agreement. These Terms, together with the policies linked from this page and any Order Form, constitute the entire agreement between the parties and supersede all prior agreements on the same subject matter.

Severability. If any provision is held unenforceable, the remaining provisions remain in effect, and the unenforceable provision will be modified to the minimum extent necessary.

Waiver. A failure to enforce a provision is not a waiver of that provision.

Assignment. You may not assign these Terms without our prior written consent. We may assign these Terms to an affiliate or in connection with a merger, acquisition, or sale of substantially all our assets on notice to you.

Force majeure. Neither party is liable for delay or failure caused by events beyond its reasonable control, including acts of God, war, civil unrest, sanctions, internet or power outages, or pandemic.

Notices. Legal notices to IWHF must be sent to legal@iwhf.org and to any service address stated in your Order Form, invoice, or written agreement. Notices to you will be sent to the email address on your account.

Sanctions. You represent that you, your organisation, and your beneficial owners are not subject to economic or trade sanctions imposed by the United Nations, the European Union, the United Kingdom, or the United States, and that you will not use the Services in violation of any such sanctions.

2 · Privacy Policy

Version 1.0 · Effective 27 May 2026 · Applies to all visitors and subscribers worldwide

2.1 Who is the controller, and how to reach us

IWHF is the controller (or, in jurisdictions that use the term, the "responsible party" or "business") of the personal data described below, except where we act as processor on behalf of a customer (notably for Donor Desk applicant data submitted into a customer's workspace), in which case the customer is the controller and our processing is governed by the DPA.

| Role | Details |
| --- | --- |
| Controller | Elle International NPC, South Africa, operating the International Women's Health Fund platform. |
| Data protection contact | privacy@iwhf.org |
| EU representative (GDPR Article 27) | Not currently appointed. EU data-subject requests may be sent directly to privacy@iwhf.org. |
| UK representative (UK GDPR Article 27) | Not currently appointed. UK data-subject requests may be sent directly to privacy@iwhf.org. |
| Information Officer (POPIA, South Africa) | Privacy contact: privacy@iwhf.org. Formal regulator filings will be updated on this page when complete. |
| Lead supervisory authority | Information Regulator (South Africa), with local supervisory authorities available where mandatory law applies. |

2.2 What we process, why, and on what basis

We process personal data only where one of the lawful bases under the EU/UK GDPR (Article 6), POPIA (section 11), the CCPA/CPRA (as a "business purpose"), the LGPD (Article 7), or the equivalent law in your jurisdiction applies. The table below summarises our processing.

| Category | Examples | Purpose | Lawful basis | Retention |
| --- | --- | --- | --- | --- |
| Account | Name, work email, password hash, organisation, role | Operate the Services; authenticate; support | Contract | Account lifetime + 30 days |
| Org profile | Mission, geography, registrations, prior wins | Personalise eligibility match and drafts | Contract | Account lifetime + 30 days |
| Billing | Billing email, country, Paystack or PayPal IDs, invoice IDs | Process payments; accounting | Contract · Legal obligation | 7 years (tax law) |
| Drafts, applications, reviews | Proposal content, budgets, reviewer scores | Provide Founder Portal and Donor Desk | Contract | Account lifetime + 30 days unless legal hold |
| Editorial briefing | Email address; engagement (opens, clicks) | Deliver and measure the briefing | Consent · Legitimate interest (improve) | Until unsubscribe + 12 months |
| Waitlist and founding access | Name, work email, organisation, role, submitted access notes, IP address, user-agent-derived security hashes | Manage founding access; prevent abuse; route relevant follow-up | Consent · Legitimate interest | Until withdrawn or access decision + 24 months |
| Sales & marketing | Business contact data; signal data | Outbound B2B contact | Legitimate interest (with opt-out) | 24 months from last engagement |
| Logs & telemetry | IP, user-agent, request paths, workflow logs | Security, debugging, abuse prevention | Legitimate interest | 13 months; cold storage 90 days |
| COI disclosures (reviewers) | Prior award relationships | Enforce COI gate before scoring | Legal obligation (grant integrity) · Contract | Award cycle + 7 years |
| Cookies & analytics | Page views, session ID | Measure and improve the public site | Consent (non-essential) · Legitimate interest (essential) | 13 months maximum |

We do not sell or "share" personal data within the meaning of the CCPA/CPRA, and we do not use customer content to train foundation models. Aggregated, de-identified usage statistics may be used to improve the Services.

2.3 How we collect personal data

We collect personal data (a) directly from you when you create an account, subscribe, contact us, or use the Services; (b) automatically through cookies, server logs, and product telemetry; and (c) from third-party sources such as publicly available registries, your organisation's IT administrator, and our payment processors (for tokenised payment confirmations only — we do not receive your full card data).

2.4 Recipients and sharing

We share personal data only with: (a) the sub-processors listed in Section 7, each engaged under written contracts containing the safeguards required by GDPR Article 28, POPIA section 21, and equivalent law; (b) professional advisors (lawyers, auditors, accountants) under duties of confidentiality; (c) authorities, where compelled by valid legal process, after challenging overbroad requests where appropriate; and (d) an acquirer or successor entity in connection with a merger, acquisition, or sale of substantially all our assets, subject to confidentiality.

2.5 International transfers

IWHF is a global service. Where we transfer personal data across borders, we rely on:

  1. the EU Commission's Standard Contractual Clauses (Decision 2021/914) and the UK Addendum, for transfers from the EEA and UK to third countries without an adequacy decision;
  2. the EU-US Data Privacy Framework and the UK Extension, where the recipient is certified;
  3. adequacy decisions where they exist (for example, transfers to the UK from the EEA);
  4. the contractual safeguards required by POPIA section 72 for transfers from South Africa;
  5. equivalent mechanisms recognised by your jurisdiction's data-protection law.

A copy of the safeguards applicable to a specific transfer is available on request to privacy@iwhf.org.

2.6 Your rights

Subject to the conditions and limits set out in your local law, you have the rights listed below. To exercise any right, contact privacy@iwhf.org; we will respond within the period required by your local law (typically one month in the EU/UK, 45 days in California, 15 days in Brazil for confirmation).

| Right | EU/UK GDPR | POPIA (ZA) | CCPA/CPRA (CA) | LGPD (BR) |
| --- | --- | --- | --- | --- |
| Access / confirmation | Art. 15 | s. 23 | § 1798.100, 110 | Art. 18 I, II |
| Rectification | Art. 16 | s. 24 | § 1798.106 | Art. 18 III |
| Erasure / deletion | Art. 17 | s. 24 | § 1798.105 | Art. 18 VI |
| Restriction | Art. 18 | | § 1798.121 (limit use) | Art. 18 IV |
| Portability | Art. 20 | | § 1798.130(a)(2) | Art. 18 V |
| Objection / opt-out | Art. 21 | s. 11(3) | § 1798.120 (sale/share — not applicable, we do neither) | Art. 18 § 2º |
| Withdraw consent | Art. 7(3) | s. 11(2)(b) | | Art. 8 § 5º |
| Lodge a complaint | Supervisory authority | Information Regulator | California AG / CPPA | ANPD |

If you are in Canada, Australia, Switzerland, Japan, or another jurisdiction with comprehensive privacy law, equivalent rights apply under PIPEDA, the Australian Privacy Act 1988, the Swiss FADP, the APPI, or your local statute respectively, and we will honour them.

2.7 Automated decision-making and AI

We use assistive AI workflows to draft, summarise, match, and analyse. None of these systems makes a decision that produces legal or similarly significant effects about you without meaningful human review. Where the Donor Desk surfaces an eligibility or conflict-of-interest signal, the customer's human reviewer retains the decision authority. You have the right to request human review of, contest, and obtain an explanation of any output you believe has materially affected you, by writing to privacy@iwhf.org.

2.8 Children

The Services are not directed at children. We do not knowingly collect personal data from children under 16 (or the equivalent age under your local law, including under 13 in the United States for COPPA). If you believe we hold such data, contact privacy@iwhf.org and we will delete it.

2.9 Marketing communications

You may unsubscribe from any marketing or editorial email through the link in the message footer or by emailing privacy@iwhf.org. Transactional and service messages (security alerts, billing notices) are sent for the duration of your account and are not optional while you have an active account.

2.10 Security

We maintain administrative, technical, and physical safeguards designed to protect personal data against accidental or unlawful destruction, loss, alteration, and unauthorised disclosure or access. These include encryption in transit and at rest, scoped tenant isolation, least-privilege access controls, audit logging, sub-processor due diligence, and an incident-response process. Our security programme is summarised in our Trust Center (available on request to security@iwhf.org). No system is perfectly secure; we will notify you and the relevant supervisory authority of personal-data breaches within the timelines required by applicable law (within 72 hours under GDPR, without unreasonable delay under POPIA).

2.11 Retention

We retain personal data only for as long as necessary for the purposes set out in Section 2.2, plus any additional period required by law (for example, 7 years for tax records). Backups follow our standard 30-day rolling retention, after which deleted records are no longer recoverable. We anonymise rather than delete in some cases to preserve aggregate statistics.

2.12 Complaints

If you believe we have processed your personal data unlawfully, please contact privacy@iwhf.org first so we can try to resolve the matter. You also have the right to complain to a supervisory authority:

For other jurisdictions, contact your national data-protection authority.

3 · Refund Policy

Version 1.0 · Effective 27 May 2026 · Forms part of the Terms of Service

The short version. You may request a full refund within 60 minutes of any subscription or payment. After 60 minutes, refunds are at our discretion unless your local consumer-protection law grants you a stronger right — in which case that law prevails.

3.1 Scope

This Refund Policy applies to all paid subscriptions and one-time charges purchased through the public order page, including Founder Portal tiers (Pro monthly, Pro annual, Institutional) and self-serve Donor Desk plans. Enterprise and Donor Desk contracts executed under a separately negotiated Order Form are governed by the refund terms of that Order Form.

3.2 The 60-minute refund window

You are entitled to a full refund of any subscription or one-time payment, provided you submit a refund request within 60 minutes of the payment-authorisation timestamp recorded by the relevant processor (Paystack for ZAR, PayPal for USD).

The 60-minute window:

  1. begins at the payment-authorisation timestamp returned by the processor — not at the time the order was started or the confirmation email was received;
  2. applies to the initial payment and to each subsequent renewal payment, considered independently;
  3. is calculated to the minute and is non-extendable.

Refund requests received after the 60-minute window will be declined except where required by applicable law (see Section 3.5) or granted at our discretion as a goodwill gesture.

3.3 How to request a refund

Email billing@iwhf.org from the address on the account, with:

  1. Subject line: Refund request — [Organisation name]
  2. Payment reference (Paystack reference or PayPal transaction ID)
  3. Date and time of payment
  4. Reason for the request (optional, but appreciated for product feedback)

The timestamp used to determine whether the request is within the window is the time the email is received at our inbound mail server, as recorded in the message headers. If our inbound mail server is unavailable, the next-available delivery time will be used, and you will not be prejudiced by any IWHF-side delivery delay.

3.4 How refunds are processed

Approved refunds are returned to the original payment method. We do not issue refunds to a different card, account, or wallet. Settlement typically takes 5–10 business days for Paystack (ZAR) and 3–5 business days for PayPal (USD). Banking timelines outside our control may add to those windows.

On refund approval, (a) the associated subscription is cancelled immediately, (b) provisioned access is revoked at the next session boundary, and (c) usage data generated during the refunded period is retained only as required for tax, accounting, and abuse-prevention purposes. We do not pro-rate or partially refund a subscription term after the 60-minute window has elapsed.

3.5 Your statutory rights are unaffected

Nothing in this Policy limits any non-waivable right you have under applicable consumer-protection law, including:

If a statutory right grants you a longer or broader refund entitlement than the 60-minute window, the statutory right prevails.

3.6 Chargebacks and reversals

Before initiating a chargeback or reversal with your bank or card issuer, please contact billing@iwhf.org. Chargebacks raised without prior contact may result in suspension of the associated account pending resolution and recovery of any chargeback fee levied by the processor.

3.7 Fraud, abuse, and bad-faith requests

We process refund requests in good faith. We may decline a request, suspend an account, or refer a matter to law enforcement where we identify (a) repeated subscribe-and-refund activity against the 60-minute window, (b) credential sharing or breach of the Acceptable Use Policy, or (c) chargeback fraud or coordinated abuse across multiple accounts.

4 · Cookie Policy

Version 1.0 · Effective 27 May 2026

4.1 What cookies and similar technologies we use

"Cookies" are small text files stored on your device when you visit a website. We also use local storage, session storage, and pixel tags. We treat all of these as cookies for the purposes of this Policy and our consent banner.

| Category | Purpose | Lifetime | Legal basis |
| --- | --- | --- | --- |
| Strictly necessary | Authentication, security, CSRF tokens, load balancing, cookie-preference storage | Session to 12 months | Legitimate interest (essential; not subject to consent) |
| Functional | Remembering language, region, accessibility preferences | Up to 12 months | Consent (or legitimate interest where the law permits) |
| Analytics | First-party aggregated usage measurement to improve the Services | Up to 13 months | Consent |
| Marketing | Measuring campaign effectiveness; suppression lists | Up to 13 months | Consent |

4.2 Your choices

The cookie banner on first visit lets you accept all, reject all non-essential, or choose by category. You can change your choice at any time from the "Cookie preferences" link in the site footer. Your browser also provides cookie controls; note that disabling strictly necessary cookies will prevent the Services from working correctly.

4.3 Do Not Track and Global Privacy Control

We honour the Global Privacy Control (GPC) signal sent by your browser as a valid opt-out from sale/share under the CCPA/CPRA and from non-essential cookies under the EU/UK ePrivacy regime. We do not respond separately to the legacy Do Not Track header.

5 · Acceptable Use Policy

Version 1.0 · Effective 27 May 2026 · Incorporated into the Terms of Service

5.1 You will not

  1. attempt to access another tenant's data, accounts, or workspace;
  2. use the Services to harass, defame, discriminate against, or unlawfully target any person;
  3. submit content that infringes third-party intellectual property, privacy, or publicity rights or that violates applicable law;
  4. reverse-engineer, decompile, or attempt to derive the source code of the Services, except to the extent that this restriction is prohibited by applicable law;
  5. scrape, crawl, or extract the funder graph or editorial outputs at a scale or with a method that we have not authorised in writing;
  6. use the Services or any data obtained from them to train competing models or build a competing intelligence product;
  7. misrepresent your organisational identity, role, or beneficial ownership to gain Donor Desk reviewer access or to manipulate the application pool;
  8. bypass eligibility pre-flight gates by misstating Org Profile attributes;
  9. attempt to remove, alter, or weaken the editorial-independence clause in any sponsored-research SOW;
  10. introduce malware, perform denial-of-service activity, probe for vulnerabilities (except under our published responsible-disclosure programme), or otherwise interfere with the integrity or performance of the Services;
  11. circumvent rate limits, tier restrictions, or usage caps;
  12. resell, sublicense, or provide the Services to a third party except as expressly permitted by your subscription or Order Form.

5.2 Responsible disclosure

Security researchers who identify a vulnerability are invited to report it to security@iwhf.org. We commit not to pursue civil or criminal action against good-faith research conducted in accordance with our published responsible-disclosure programme.

5.3 Consequences

Material breach of this Policy may result in suspension or termination under Section 1.17, removal of the offending content, referral to law enforcement where required, and pursuit of any other remedies available to us.

6 · Data Processing Addendum (Summary)

Version 1.0 · Effective 27 May 2026 · Full text available to customers on request to privacy@iwhf.org

Where IWHF processes personal data on behalf of a customer (the "Customer Personal Data"), the following Data Processing Addendum ("DPA") applies and forms part of the Terms of Service. This is a summary; the full contractual text — including the EU SCCs (Decision 2021/914), the UK International Data Transfer Addendum, and the POPIA Operator clauses — is incorporated by reference and is available to customers and prospective customers on request.

6.1 Roles

The customer is the controller (or, under POPIA, the responsible party); IWHF is the processor (or operator). For Donor Desk applicant data submitted to a customer workspace, the customer is the controller as between the customer and IWHF, even though the applicant has a separate relationship with IWHF for their own IWHF account.

6.2 Scope, duration, nature, and purpose

IWHF processes Customer Personal Data to provide the Services to the customer, for the duration of the customer's subscription and any post-termination period required to return or delete the data. Categories and types are set out in the DPA's processing schedule and reflect the Services in use (Founder Portal, Donor Desk, APIs, briefings).

6.3 Sub-processors

The current sub-processor list is in Section 7. We provide at least 30 days' notice of any new or replacement sub-processor by email to the billing contact on file and via the changelog at subprocessor-changes@iwhf.org. Customers may object on reasonable grounds, in which case the parties will work in good faith to find an alternative; if none is possible, the customer may terminate the affected Service for the period after the sub-processor change takes effect and receive a pro-rata refund.

6.4 International transfers

For transfers from the EEA, the UK, or Switzerland to a country without an adequacy decision, IWHF relies on the EU SCCs (with the UK Addendum and Swiss adaptations as applicable) and, where the recipient is certified, the EU-US Data Privacy Framework. For transfers from South Africa, IWHF relies on the safeguards required by POPIA section 72.

6.5 Security

IWHF implements the technical and organisational measures described in the DPA's security annex, which align with the controls audited under our compliance programme (see the Trust Center). These include encryption in transit and at rest, scoped tenant isolation, role-based access controls, audit logging, vulnerability management, and incident response. Personal-data breaches are notified without undue delay (and in any event within 48 hours) to the affected customer.

6.6 Data-subject requests

IWHF will assist the customer in responding to data-subject requests (access, rectification, erasure, restriction, portability, objection) where the customer cannot fulfil the request through the Services' self-service controls.

6.7 Return and deletion

On termination, the customer may export Customer Personal Data for 30 days using the in-product export tools. Thereafter, IWHF will delete or anonymise the data in accordance with the Privacy Policy and applicable law, except to the extent retention is required by law.

6.8 Audit

IWHF will make available to the customer the information necessary to demonstrate compliance with this DPA, including the most recent SOC 2 / ISO 27001 / equivalent reports under NDA. On-site audits may be arranged on reasonable prior notice, no more than once per 12-month period (without prejudice to a regulator's right of audit), and subject to the customer bearing reasonable costs.

7 · Sub-processors

Current list of sub-processors authorised under the DPA. Updated 27 May 2026. Subscribe to subprocessor-changes@iwhf.org for 30-day notice on additions or replacements.

| Sub-processor | Function | Region | Transfer mechanism |
| --- | --- | --- | --- |
| Cloudflare, Inc. | Edge runtime, CDN, KV | Global | SCCs · DPF |
| Neon Inc. | Postgres (member, org, application data) | EU (Frankfurt) primary | SCCs |
| Supabase Inc. | Identity / Auth | EU (Frankfurt) | SCCs |
| Anthropic, PBC | LLM inference (Claude) | US | SCCs |
| Temporal Technologies, Inc. | Workflow orchestration | US | SCCs |
| Paystack Payments Limited | South Africa billing and subscription payments | South Africa / Nigeria | Contractual transfer safeguards (POPIA s.72) |
| PayPal, Inc. | International subscription payments (USD) | Global | SCCs · DPF where applicable |
| Resend, Inc. | Transactional and waitlist email | US | SCCs · DPF where applicable |
| Plain (Helpdesk) | Customer support tickets | EU | n/a (intra-EU) |
| Sentry | Error tracking | EU | n/a (intra-EU) |
| Grafana Cloud | Observability traces + metrics | EU | n/a (intra-EU) |
| Doppler | Secrets management | US | SCCs |
| Vanta, Inc. | Compliance automation, Trust Center | US | SCCs |
| Iubenda S.r.l. | Cookie consent management | EU | n/a (intra-EU) |

8 · Editorial independence & disclosures

IWHF is funded by subscription revenue, sponsored-research engagements, and (when applicable) institutional investment. Sponsored-research outputs disclose the funder relationship in the editorial output and carry the editorial-independence clause as a non-negotiable schedule. The Editor-in-Chief signs every editorial publication. The current sponsored-research engagement register is available on request to subscribers at editor@iwhf.org.

Editorial decisions — including topic selection, source verification, and final-copy approval — are made by editorial staff free from commercial influence. Where a piece touches on a sponsor, a paying subscriber, or a sub-processor, the relationship is disclosed prominently in the published output.

9 · Legal contact

For the matter listed, please use the address shown:

10 · Changes & archive

We will post the version number, effective date, and a short description of material changes here. Earlier versions are retained for at least 24 months and are available on request to legal@iwhf.org.

| Version | Effective | Summary |
| --- | --- | --- |
| 1.0 | 27 May 2026 | Initial publication of Terms of Service, Privacy Policy, Refund Policy, Cookie Policy, Acceptable Use Policy, and DPA summary. |
| 0.1 | 24 May 2026 | Pre-publication legal baseline with sub-processor list and editorial disclosures. |