Privacy Policy for the LodgePay platform.

This policy explains how LodgePay handles personal data when people visit our website, contact us, request a demo, use a lodge website powered by LodgePay, or access the member and admin platform.

For lodge records, member data, candidate details, welfare notes, payments, summons, communications, and reports, the relevant lodge, Province, hall group, or platform customer is usually the data controller. NEURAL NETWORK GROUP LIMITED acts as a data processor where we host and operate LodgePay on their behalf.

The platform may process names, email addresses, telephone numbers, lodge roles, member profiles, candidate enquiry records, event RSVPs, dining preferences, dues and donation records, Gift Aid declarations, receipts, communication preferences, audit logs, support requests, and technical usage information.

Certain modules may also store sensitive operational records, such as Almoner welfare notes, mentoring notes, visit records, and compliance requests. These areas are designed for role-based access and should only be used by authorised officers.

We use data to run lodge websites, member portals, meeting and summons workflows, payment and donation flows, candidate pipelines, communications, reporting, support, security monitoring, audit trails, and service improvement.

Our lawful bases under the UK GDPR may include contract, legitimate interests, legal obligation, consent, or explicit consent, depending on the context and the data involved. Customers are responsible for the lawful basis for customer-controlled lodge records.

We do not sell personal data. We do not use lodge member records for unrelated advertising.

Payment processing is handled by our payments partner. LodgePay stores payment status, references, receipts, and reconciliation information, but full card details are handled by payment processors. We never see or store your card number.

We may use trusted service providers for hosting, database services, email delivery, analytics, storage, logging, support, payments, and security. These providers are used only where needed to deliver and protect the service.

We use strictly necessary cookies for login and security. Analytics cookies are used only where consent is given. Our Cookie Policy explains this in more detail.

Customer lodge data is retained according to the relevant lodge or customer instructions, legal requirements, and operational needs. Some records, such as audit logs, payment records, Gift Aid records, and compliance requests, may need to be retained for longer.

LodgePay applies access controls, tenant separation, role permissions, audit logging, encryption in transit, secure service credentials, and operational safeguards appropriate to the platform.

Some suppliers may process data outside the United Kingdom. Where that happens, we aim to use appropriate safeguards such as adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU standard contractual clauses, or equivalent contractual and technical protections.

Depending on your relationship with a lodge and the data involved, you may have rights to access, correct, delete, restrict, object to processing, request portability, and withdraw consent where processing is based on consent.

If your request relates to a lodge record, we may need to pass the request to the relevant lodge or customer because they control that data. You can contact us and we will help route the request appropriately.

You also have the right to complain to the Information Commissioner's Office if you are unhappy with how your personal data has been handled.