Privacy Policy
Effective date: July 14, 2026
This Privacy Policy explains how JoinRun.club (“JoinRun”, “we”, “us”) collects, uses, and protects personal information when you use our website, web application, and APIs (the “Service”).
1. Who we are
JoinRun is a platform for running clubs to manage events, registrations, attendance, and analytics. For data collected through a club's pages and forms, the club organizer decides what is collected and why; JoinRun processes that data on the organizer's behalf. For account and platform data, JoinRun is the data controller.
Contact: hello@joinrun.club
2. Information we collect
- Account information. Name, email address, and password (stored as a cryptographic hash — we never see or store your plain-text password).
- Club and event content. Club pages, event details, cover images, and other content organizers publish.
- Registration responses. When you register for an event, we collect the answers you submit to that event's registration form. Organizers design these forms, so the exact fields vary by event.
- Attendance data. Records of which events you attended and how you checked in (QR scan or geofenced check-in).
- Location data. If an event uses geofenced check-in, we request your device's location only at the moment you tap to check in — never on page load and never in the background. The location is used to confirm you are at the venue. We store the check-in result; precise coordinates are not used for any other purpose.
- Payment information. Subscription billing details are handled by our payment providers; we do not store full card numbers. When member payments launch, they will be processed by a payment processor under its own privacy terms, which we will link here.
- Technical data. IP address, browser type, and request logs collected automatically for security, rate limiting, and debugging.
- API usage. If your plan includes API access, we log API key usage (key identifier, endpoints called, timestamps) to operate and secure the API.
3. How we use information
We use personal information to:
- provide the Service — accounts, clubs, events, registrations, check-in, and analytics;
- show organizers analytics about their own clubs (attendance, participation, growth);
- process subscription payments and send transactional emails (confirmations, receipts, important service notices);
- secure the Service — authentication, rate limiting, abuse and fraud prevention;
- improve the Service using aggregated, de-identified usage data;
- comply with legal obligations.
We do not sell personal information, and we do not use your data to serve third-party advertising.
4. How information is shared
- With organizers. Your registration responses and attendance for an event are visible to that event's club organizer and their team members.
- Publicly. Public club and event pages are visible to anyone and may be indexed by search engines. Your individual registration data is not public.
- Service providers. We use infrastructure and service providers (for example cloud hosting and email delivery) that process data on our behalf under contractual confidentiality obligations.
- Legal. We may disclose information if required by law, or to protect the rights, safety, or property of JoinRun, our users, or the public.
- Business transfers. If JoinRun is involved in a merger or acquisition, data may transfer under the same protections; we will notify you of any change in ownership.
5. Cookies
We use strictly necessary cookies and similar storage to keep you signed in and to secure the Service. We do not use third-party advertising cookies.
6. Data retention
- Account data is kept while your account is active.
- Club, event, registration, and attendance data is kept while the club exists, so organizers retain their history; organizers may delete records or entire clubs at any time.
- If you delete your account, we delete or de-identify your personal data within 30 days, except where we must retain it for legal, billing, or security reasons.
- Backups and logs expire on a rolling schedule.
7. Your rights
Depending on where you live, you may have the right to access, correct, export, delete, or restrict the processing of your personal data, and to object to processing or withdraw consent.
- Organizers can export their club's data directly with the built-in data export tools.
- Participants can contact the event organizer for data collected through that organizer's forms, or contact us at hello@joinrun.club and we will help route or fulfil the request.
We respond to verified requests within 30 days. You may also lodge a complaint with your local data protection authority.
8. Security
We take reasonable technical and organizational measures to protect personal data, including encryption in transit (HTTPS everywhere), hashed passwords, hashed API keys, role-based access within clubs, and rate limiting. No system is perfectly secure; if we become aware of a breach affecting your personal data, we will notify you and the relevant authorities as required by law.
9. International transfers
Our infrastructure providers may store and process data in data centers in multiple countries. Where data is transferred across borders we rely on appropriate safeguards, such as standard contractual clauses.
10. Children
The Service is not directed to children under 16, and we do not knowingly collect personal data from them. Organizers running events for minors are responsible for obtaining any consents required by local law. If you believe a child has provided us personal data, contact us and we will delete it.
11. Changes to this policy
We may update this Privacy Policy from time to time. For material changes we will give notice (for example by email or in-app notice) before the changes take effect. The effective date at the top always reflects the latest version.
12. Contact
Privacy questions or requests: hello@joinrun.club. See also our Terms and Conditions.