GDPR
Last updated 7 May 2026. This page explains how LodgePay is intended to support data protection duties across lodge operations, public websites, member portals, payments, communications, and sensitive officer workflows.
For most lodge records, the lodge, Province, hall group, or platform customer decides why and how personal data is used. That organisation is usually the data controller.
LodgePay normally acts as a processor for customer platform data, providing hosting, software, support, security, backups, email delivery, payment workflow records, reporting, and technical operations.
The platform can process member records, officer roles, candidate enquiries, mentoring activity, meeting attendance, summons delivery, RSVPs, dining requirements, dues, donation records, Gift Aid declarations, receipts, communications, support tickets, audit logs, and security events.
Some customers may use the Almoner, welfare, compliance, or mentoring modules to store special category or sensitive personal data. These modules should be used only where there is a lawful basis and suitable internal governance.
Customers are responsible for deciding and recording the lawful basis for their own processing. Typical bases may include legitimate interests, contract, legal obligation, consent, or explicit consent depending on the data and purpose.
LodgePay processes customer data under customer instructions, our service terms, data protection obligations, and the operational need to deliver and protect the platform.
Members, candidates, donors, visitors, or officers may request access, correction, deletion, restriction, portability, or objection under applicable data protection law.
Where a request relates to customer-controlled lodge records, LodgePay may need to route the request to the relevant customer. We will support customers with reasonable technical assistance where needed.
The platform is designed around tenant separation, lodge context, role-based permissions, audit trails, secure session handling, encrypted transport, and restricted administrative access.
Customers should review officer access regularly, remove users who no longer need access, use appropriate roles, and avoid placing unnecessary sensitive information into general notes or public content fields.
LodgePay may use subprocessors for hosting, database services, storage, email delivery, observability, payments, analytics, and support operations.
Where data is transferred internationally, appropriate safeguards should be used according to the provider, hosting location, contract, and applicable law.