Last modified: 14th July 2019
Each membermojo customer (the data controller) defines the personal data held by our service for their organisation. membermojo (the data processor) may share this personal data with the following external services to implement site functions.
Under GDPR the use of these services is governed by our Terms and Conditions.
Encrypted database backups containing personal data are stored in Amazon Web Services data centres located in the UK.
Amazon Web Services have no access to unencrypted backups.
Cloudflare provides content distribution, security and DNS services.
All data exchanged with our site passes through Cloudflare systems but Cloudflare have no access to it.
Our plastic membership cards are printed by ClubCards121.
We will only share the personal data required to print and deliver cards that is identified during card design.
ClubCards121 remove all personal data 60 days after dispatch of cards.
Email sent to a mailing list on the membermojo.co.uk domain is received and stored by G Suite services at Google for processing by our servers.
We do not share any personal data with Google and will remove stored emails within 14 days.
Our servers containing personal data are hosted in UK data centres provided by Linode.
Linode do not have access to the data on our servers.
Emails sent from our servers are delivered by the Mandrill transactional service at Mailchimp.
Mailchimp logs email activity and tracks delivery failures which we use for resolving support issues.
How long does Mandrill keep data about my emails?
PayPal provides online payment processing.
We share the email address of the organisation PayPal account, plus description and price for each purchased item.
No personal data is shared with PayPal.
Stripe provides online payment processing.
We share the name and email of the member making purchase so that payments can be identified on the Stripe organisation dashboard.
