Privacy Policy

This Privacy Policy explains how RunYourOrg collects, uses, and protects personal information when you use our platform and website (the "Service").

1. Information we collect

• Account information: name, email address, password hash, organization name, and billing details.
• Customer-provided content: member profiles, events, photos, newsletters, and other information organizations upload to the Service.
• Usage data: log data, device information, IP address, browser type, and pages visited — used to operate and improve the Service.
• Payment data: handled by Stripe under their own privacy policy. We do not store full card numbers on our systems.

2. How we use information

• To provide and maintain the Service.
• To communicate with you about your account, updates, and support requests.
• To process payments and prevent fraud.
• To comply with legal obligations.

3. Sharing and service providers

We share information only with vendors that help us operate the Service, under contracts that require them to protect your data. Current providers include:

• Supabase — database, authentication, and file storage.
• Vercel — application hosting.
• Stripe — payment processing.
• Anthropic (Claude API) — AI-assisted content drafting. Organization content is sent to Claude only when an admin initiates a drafting action.
• Email service (Resend or SendGrid) — for transactional emails and org-initiated newsletters.

We do not sell personal information.

4. Data retention

We retain your account information and customer content for as long as your account is active. After account closure, we delete or de-identify personal information within a reasonable period, except where retention is required by law.

5. Security

We use encryption in transit (HTTPS) and at rest, row-level security at the database layer, and access controls to protect personal information. No system is perfectly secure; please report suspected vulnerabilities to info@runyourorg.com.

6. Your rights

Depending on your location, you may have rights to access, correct, export, or delete your personal information. To exercise these rights, contact info@runyourorg.com. For organization members, please contact your organization admin first, as they are the data controller for your member information.

7. Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. If we add analytics in the future, we will update this policy and give you the ability to opt out.

9. Changes

We may update this Privacy Policy and will update the effective date above. Material changes will be communicated in-product or by email.

10. Contact

Privacy questions or requests: email info@runyourorg.com.