Legal

Privacy Policy

Last updated: March 27, 2026

1. Introduction

MemberRun (“we,” “us,” or “our”) operates the MemberRun platform and website (memberrun.com). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our platform.

We are committed to protecting the privacy of our users and their members. We comply with applicable privacy legislation including the Personal Information Protection and Electronic Documents Act (PIPEDA), the California Consumer Privacy Act (CCPA), and applicable state and provincial privacy laws.

2. Information We Collect

Information you provide directly

  • Account registration information (name, email, organization)
  • Organization and membership data you input into the platform
  • Payment information (processed by Stripe — we do not store card details)
  • Communications with us (support requests, demo inquiries)

Information collected automatically

  • Log data (IP address, browser type, pages visited, timestamps)
  • Device information (operating system, screen resolution)
  • Cookies and similar tracking technologies (see Section 7)

Member data you manage through the platform

As a data processor, we host member data that your organization inputs into MemberRun. This may include member names, contact information, CPD records, event attendance, billing history, and other information relevant to your association's operations. You are the data controller for this information.

3. How We Use Your Information

  • To provide and maintain the MemberRun platform
  • To process transactions and send billing communications
  • To respond to your inquiries and provide customer support
  • To send product updates and service-related communications
  • To improve our platform and develop new features
  • To detect and prevent fraud, abuse, or security incidents
  • To comply with legal obligations

We do not sell, rent, or share your personal information with third parties for their marketing purposes. We do not use member data to train AI models.

4. Data Sharing

We share information only in these limited circumstances:

  • Service providers: We use trusted third-party services (cloud hosting, payment processing, email delivery) that process data on our behalf under strict contractual obligations.
  • Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify affected users before their data is subject to a different privacy policy.

5. Data Security

We implement industry-standard security measures including:

  • TLS 1.3 encryption for data in transit
  • AES-256 encryption for data at rest
  • Role-based access controls and audit logging
  • Regular security assessments and penetration testing
  • Automated vulnerability scanning
  • Infrastructure hosted on Google Cloud Platform (SOC 2 certified)

6. Data Retention and Deletion

We retain account data for the duration of your subscription. When you cancel:

  • You have 90 days to export all data
  • After 90 days, data is permanently deleted from our systems
  • Backups containing your data are purged within 30 additional days

Individual members can request deletion of their personal data. Organization administrators can process these requests through the platform.

7. Cookies

We use cookies for:

  • Essential cookies: Required for platform functionality (authentication, session management)
  • Analytics cookies: Help us understand how visitors use our website to improve the experience

You can control cookie preferences through your browser settings. Disabling essential cookies may affect platform functionality.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Request deletion of your personal information
  • Object to or restrict certain processing activities
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at privacy@memberrun.com.

9. Children's Privacy

MemberRun is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by email and by posting the updated policy on this page with a revised “Last updated” date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

MemberRun
Email: privacy@memberrun.com
Web: memberrun.com/contact