Privacy Policy
Last updated: 17 July 2026
Who this applies to
This policy covers two situations: visitors to this marketing site (communioo.com), and members and staff using a Communioo-powered association platform.
For association members and staff, your association is the data controller for your membership data — they decide what's collected and why. Communioo acts as their data processor, running the platform on their behalf under a data processing agreement. Questions about your membership data should go to your association first; we're glad to help them respond.
For marketing-site visitors (before you're a member of anything), Communioo is the data controller.
What we collect
Account and profile data: name, email, job title, company, and anything else you or your association add to your profile.
Usage data: working group memberships, event registrations, posts and messages within your association's community features, and similar in-app activity.
Marketing-site contact form submissions: name, email, organisation, and your message, if you reach out to us.
Technical data: IP address and basic device/browser information, collected automatically for security and to keep the service running (see Cookies below).
Why we process it
To provide the platform: authenticating you, showing you the right content, running working groups, events, and community features.
To communicate: transactional emails (magic-link sign-in, event reminders, access-request notifications) and, where your association sends them, membership communications you haven't opted out of.
To respond to enquiries submitted through our contact form.
To keep the service secure and reliable.
We do not sell your data, and we do not run advertising or behavioural-tracking of any kind.
Where your data lives
Our database runs on Supabase, hosted in Frankfurt, Germany (EU). Application hosting runs on Vercel. Transactional email is sent via Resend. These are our sub-processors — each only processes data as needed to provide their part of the service, under contract.
Data stays within the EU for our EU-based infrastructure. We don't transfer your data outside the EU/EEA except where a sub-processor requires it for a specific, documented purpose with appropriate safeguards in place.
How long we keep it
Membership data is kept for as long as you're part of your association's platform, plus a reasonable period afterwards for legal, accounting, or dispute-resolution purposes, per your association's own retention practice.
Marketing-site contact form submissions are kept only as long as needed to respond to your enquiry.
Your rights
Under GDPR, you have the right to: access the data we hold about you, correct it if it's wrong, request its erasure, restrict or object to certain processing, and receive a copy in a portable format.
To exercise any of these for your association membership data, contact your association's staff, or reach us directly at the email below and we'll route it correctly.
You also have the right to lodge a complaint with your local data protection supervisory authority.
Cookies
See our Cookie Policy for the full detail on what we use and why.
Changes to this policy
If we make material changes to this policy, we'll update the date below and, where appropriate, let you know directly.
Contact us
Questions about this policy or your data? Email us at privacy@communioo.com or use our contact form.