Privacy Policy

Information we collect

We collect the following categories of information:

• • Account information. Your name, email address, password (stored only as a secure hash), preferred language, and the role you hold (member, club administrator, or organisation owner).
• • Google Sign-In information. If you choose to sign in with Google, we receive your name, email address, and profile picture from your Google Account. We use this only to create and authenticate your Mnemon.io account. See "How we use Google user data" below.
• • Club and event data. Information you or your club enters to run events and memberships — such as participant names, instructors, registrations, attendance, and any details a club requests on its registration forms.
• • Payment information. Payments are processed by Stripe. We do not store full card numbers on our servers; we keep records of transactions, amounts, and status needed to manage subscriptions and event payments.
• • Usage and device data. Technical information such as your IP address, browser type, and pages visited, collected through server logs and essential cookies to keep the service secure and working.

How we use your information

We use personal data to:

• • Create and secure your account and authenticate you when you sign in;
• • Provide the club and event management features you or your club use;
• • Process subscription and event payments through Stripe;
• • Send transactional emails such as registration confirmations and account notices;
• • Provide customer support and respond to your enquiries;
• • Keep the service secure, prevent fraud and abuse, and meet our legal obligations.

How we use Google user data

When you sign in with Google, Mnemon.io requests only your basic profile information (name, email address, and profile picture). We use this data solely to identify you, create or log you into your Mnemon.io account, and display your name and picture within the application.

Mnemon.io's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not sell Google user data, use it for advertising, or share it with third parties except as needed to provide the service or as required by law. You can revoke Mnemon.io's access at any time from your Google Account security settings.

Legal bases for processing

Where the UK GDPR or EU GDPR applies, we process personal data on the basis of: performance of a contract (to provide the service you signed up for), our legitimate interests (to operate, secure, and improve the platform), compliance with a legal obligation, and your consent where required (for example, for optional communications).

How we share information

We do not sell your personal data. We share it only with service providers that help us run Mnemon.io, and only as needed:

• • Stripe. Payment processing for subscriptions and event payments.
• • Google. Authentication when you choose to sign in with Google.
• • Hosting and infrastructure. Cloud hosting, storage, content delivery, and security providers that operate the platform on our behalf.
• • Email delivery. Our email provider, used to send the transactional messages described above.

We may also disclose information where required by law, to enforce our terms, or to protect the rights and safety of our users. When a club uses Mnemon.io, the data members submit to that club is shared with that club's administrators so they can manage their events and memberships.

Cookies

We use essential cookies to keep you signed in, remember your language preference, and protect forms from abuse. These are necessary for the service to work. We do not use cookies for advertising.

Data retention

We keep personal data for as long as your account is active and for as long as needed to provide the service. We may retain certain records — such as payment and transaction history — for longer where required for accounting, tax, or legal reasons. When data is no longer needed, we delete or anonymise it.

Security

We protect your data with encryption in transit, hashed passwords, access controls, and reputable infrastructure providers. No online service can be completely secure, but we take reasonable measures to safeguard your information and to notify you and the relevant authorities of a breach where required.

International transfers

Some of our service providers may process data outside your country. Where personal data is transferred internationally, we rely on appropriate safeguards, such as standard contractual clauses, to protect it.

Your rights

Depending on where you live, you may have the right to:

• • Access the personal data we hold about you;
• • Correct inaccurate or incomplete data;
• • Request deletion of your data;
• • Object to or restrict certain processing;
• • Request a copy of your data in a portable format;
• • Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us using the details below. You also have the right to lodge a complaint with your local data protection authority.

Children

Mnemon.io is intended for use by clubs and organisations and their administrators. Where children participate in a club or event, their information is provided and managed by a parent, guardian, or the responsible club, not collected directly from the child.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date above and, where appropriate, notify you. Continued use of Mnemon.io after changes take effect means you accept the updated policy.

Contact us

If you have any questions about this Privacy Policy or how we handle your data, please get in touch and we'll be happy to help.