Privacy policy for the LodgePay platform.

This policy explains how LodgePay handles personal data when people visit our website, contact us, request a demo, use a lodge website powered by LodgePay, or access the LodgePay member and admin platform.

For lodge records, member data, candidate details, welfare notes, payments, summons, communications, and reports, the relevant lodge, Province, hall group, or platform customer is usually the data controller. LodgePay acts as a data processor where we host and operate the platform on their behalf.

The platform may process names, email addresses, telephone numbers, lodge roles, member profiles, candidate enquiry records, event RSVPs, dining preferences, dues and donation records, Gift Aid declarations, receipts, communication preferences, audit logs, support requests, and technical usage information.

Certain modules may also store sensitive operational records, such as Almoner welfare notes, mentoring notes, visit records, and compliance requests. These areas are designed for role-based access and should only be used by authorised officers.

We use data to run lodge websites, member portals, meeting and summons workflows, payment and donation flows, candidate pipelines, communications, reporting, support, security monitoring, audit trails, and service improvement.

We do not sell personal data. We do not use lodge member records for unrelated advertising.

Payment processing is handled by Stripe or another configured payment provider. LodgePay stores payment status, references, receipts, and reconciliation information, but full card details are handled by the payment provider.

We may use trusted service providers for hosting, email delivery, analytics, storage, logging, support, and security. These providers are used only where needed to deliver and protect the service.

Customer lodge data is retained according to the relevant lodge or customer instructions, legal requirements, and operational needs. Some records, such as audit logs, payment records, Gift Aid records, and compliance requests, may need to be retained for longer.

LodgePay applies access controls, tenant separation, role permissions, audit logging, encryption in transit, secure service credentials, and operational safeguards appropriate to the platform.

Depending on your location and relationship with a lodge, you may have rights to access, correct, delete, restrict, or object to processing of your personal data.

If your request relates to a lodge record, we may need to pass the request to the relevant lodge or customer because they control that data. You can contact us and we will help route the request appropriately.