Secure email for nonprofits: what’s free, and what’s worth paying for
Most of what keeps a small nonprofit's email safe is free and takes an afternoon. Here are the settings you can do yourself today — and the one hard part, using AI in your inbox without handing a client's private details to a company you can't see.
Published July 9, 2026
What does secure email for a nonprofit actually mean?
For a small nonprofit, secure email comes down to a few habits, most of them free: turn on two-step login, know which company hosts your mail and where, and never paste a client’s real details into a public chatbot. The part that’s genuinely hard, and worth paying for, is newer. It’s using AI to keep up with your inbox without sending client information to an outside company. That’s what “private AI” means: the private part never leaves, a person stays in the loop, and the whole thing runs somewhere you can point to on a map.
You went looking for secure email. You got sold a fortress.
Search “secure email for nonprofits” and you'll find enterprise suites priced per user, built to stop a hacker who was never your real problem. For a three-person office sharing one inbox, the actual risk is quieter: where your mail lives, who can still log in after they've left, and what an AI assistant reads once it's switched on. Those you can fix. Most of them for free.
- Per-seat pricing built for a 200-person company, not your shared inbox
- A threat dashboard aimed at attackers who were never targeting a small charity
- Encryption add-ons you'll never configure and a contract you can't read
- The whole thing assumes the danger is someone breaking in, not the data you send out yourself
- Two-step login on every email account. Free, ten minutes
- Knowing which company hosts your mail, and what country it sits in
- A shared inbox with its own login, so nothing walks out when staff do
- A plan for the AI assistants now switching on inside Gmail and Outlook
Six things that cost nothing but ten minutes
None of this needs us, and none of it needs an IT budget. Do only these and your email is in better shape than most small nonprofits we see. Do them before you pay anyone for “security.”
- Turn on two-step login (2FA) for every email account. It's free, it takes ten minutes, and it stops most break-ins cold.
- Find out which company hosts your email and what country it's in. For most nonprofits that's Google or Microsoft, both US companies. Worth knowing if your funder cares where data lives.
- Give your shared inbox its own account and password, not one staff member's personal login. When they leave, the inbox stays with you.
- Change shared passwords whenever someone leaves. Institutional knowledge shouldn't be the only thing that walks out the door.
- Never paste a client's real name, email, or file number into a public chatbot. That text lands on a company's servers, and you rarely get a say in what happens next.
- Check whether the AI assistant in Gmail or Outlook is switched on. To help, it reads your mail, so decide that on purpose, not by default.
What “private AI” actually means
Once the free settings are done, one hard problem is left: your inbox is still full, and the AI tools that could help all want to read your clients' emails to do it. Private AI is the version that doesn't. Four things make it private — insist on all four, from us or anyone.
The private part never leaves
Before any email reaches an outside AI, the personal details are swapped for placeholders on a server you're told about: names, emails, phone numbers, SINs, and immigration file numbers (UCI). The AI only ever works on a de-identified copy.
The AI sorts, it never writes
It reads the email and picks one of your own pre-approved replies, like sorting mail into the right folder. It can't invent a wrong answer, because it never writes one. When it isn't sure which reply fits, it saves a draft instead of guessing.
A person stays in the loop
Every setup starts in draft-only mode. Nothing sends on its own until you've watched enough drafts to trust it, and you decide if it ever does.
It runs where you can point to it
Your call, not the tool's: a redacted copy to a mainstream provider for pennies a month, a Canadian-hosted model in Canadian data centres, or hardware in your own office where nothing leaves the building.
Redaction has limits, and we’d rather you hear them from us: in our testing it caught roughly 98 of every 100 personal identifiers — good, not perfect — and a name written in a non-Latin script is exactly the kind of thing that can slip past. The human review step exists for that last 2%. If a vendor promises you 100%, keep shopping.
We put all four into one service
You shouldn’t have to wire this together yourself. Our Inbox Triage service does the redaction on our own server before any email reaches an AI, keeps you in draft-only mode until you trust it, and gives you Canadian-hosted or in-your-office options for when data can’t leave the country. It’s built by people who run nonprofits, and it starts at $99 a month.
See how Inbox Triage keeps client data private, from $99/month- Core — $99/month, plus a one-time onboarding fee. A redacted copy goes to a mainstream AI provider, usually under $1 a month in usage.
- Sovereign — $1,399/month. A Canadian-owned provider runs a local model in Canadian data centres. Nothing touches an outside API.
- On-Premises — scoped with you. The model runs on hardware in your office. No email content leaves the building.
What nonprofit leaders ask about secure email and private AI
What does secure email for a nonprofit actually mean?
For a small nonprofit it comes down to a few habits, most of them free: turn on two-step login, know which company hosts your mail and what country it's in, give your shared inbox its own account, and never paste a client's real details into a public chatbot. You don't need an enterprise security suite priced per seat. The one genuinely hard part is newer: using AI to keep up with your inbox without sending client information to an outside company.
What is 'private AI,' and how is it different from ChatGPT?
Private AI means the confidential part of an email never reaches an outside company. A public chatbot like ChatGPT does the opposite: whatever you paste lands on the provider's servers, and depending on the plan may be used to train future models. A private setup strips the personal details out first (names, emails, phone numbers, SINs, immigration file numbers), uses the AI only to sort and match rather than to write, keeps a person reviewing anything sensitive, and can run on a Canadian-hosted model or your own hardware. Insist on all four, from us or anyone.
Is our email secure if we already use Gmail or Outlook?
Mostly, once two-step login is on for every account. Google and Microsoft run solid security, so a small nonprofit doesn't usually need to buy more. Two things are still worth checking: both are US companies, which matters if your funder or clients need data kept in Canada; and the AI assistants now built into Gmail and Outlook read your mail to work, so know whether yours is switched on and for whom.
Should we turn on the AI features built into our inbox?
You can, but do it on purpose. To help, those assistants read your email, so treat that like any other tool that sees client data: decide who has it on, and don't paste confidential details into a general chatbot. If routine email is the real problem and some of it is sensitive, a setup that redacts personal details before any AI sees them is safer than a general assistant reading everything.
Can a small nonprofit afford secure email and private AI?
The secure-email part is mostly free. The six settings that matter most cost nothing but ten minutes each. The private-AI service, for using AI in your inbox without leaking client data, starts at $99 a month, plus a one-time onboarding fee, and the AI usage itself is usually under $1 a month. If keeping everything in Canada is a requirement, the Canadian-hosted and on-premises options cost more; we'll tell you honestly which one your situation needs.
Does our email data have to stay in Canada?
It depends on your funders and the people you serve. Settlement, health, legal aid, and Indigenous-serving organizations often have requirements that data stay in the country. If that's you, look for a Canadian-hosted model or hardware in your own office, so email content never crosses the border. If it isn't a requirement, a redacted copy going to a mainstream provider is usually fine.
Still weighing whether AI belongs anywhere near client data? Our plain-English guide to using AI with client data walks through what actually leaks and what doesn’t.
The free part is on you. The hard part is on us.
Do the six free things this afternoon. Then, if your inbox is still buried and you want AI to help without leaking client data, book a free call. We'll tell you honestly which option fits, or that you don't need us yet.