Security of Your Membership Data
Security and Member Privacy at membermojo
Security and Privacy are considered at all stages of design and
Some of the key points are listed here:
- GDPR requires us to validate and identify all third-party services
that we may share your data with. (see Sub Processors within our
Terms and Conditions).
- Your data is stored on servers in a modern, secure, purpose built data centre
in the UK.
- All changes are mirrored across backup servers in realtime and hourly
encrypted system backups are sent to a second secure data centre,
also in the UK.
- All hosting companies are ISO27001 certified.
- Online payments are transferred directly from the member to your PayPal or
Stripe account. No account or card details touch our systems.
- Our mailing list sends email to each member individually.
A member receiving email cannot see other member addresses.
Administrator access to your data is controlled by email and password
from a verified browser.
Selected members can be given read or write access to this data
to avoid distributing or storing insecure copies.
Your member data belongs to you.
We will never sell or trade any part of this with 3rd parties.
We regularly review site security to ensure our servers are
up to date and that we continue to follow industry best practice.
- We use Cloudflare to provide best practice
TLS encryption between your browser and our site.
- We use firewalls and two factor authentication where available to protect
our servers and third-party services.
- Key forms are protected using the Google reCAPTCHA service.
- Passwords are never sent by email. Modern methods mean we don't
(and shouldn't) know what your password is.
- Passwords are one way encrypted using a modern multi-pass hash and unique
salt before being stored.
- Password strength is measured using data from the
Have I Been Pwned? service.