Memberful Data Protection.

Measures we take to protect your data.

We take data protection seriously. This document outlines some of the measures we take to protect your data when you use Memberful.

When you close your account, it's really gone.

We permanently delete all your account data when you close your Memberful account. We also delete your data from third-party services we use like Stripe (for processing payments) and Intercom (for support).

Backups are destroyed after 30 days.

All our server logs and database backups are permanently deleted after 30 days. So when you delete your Memberful account, you know all your data is removed from our systems within 30 days.

We only send data to necessary services.

Memberful relies on some third-party services, like Intercom (for providing support), Stripe (for processing payments), Google Analytics and Adwords (for analyzing web traffic and tracking conversions), and Heroku / Amazon Web Services (for hosting our application and data). These third-party services help us run Memberful reliably, securely, and efficiently. We do not ever sell your data to unaffiliated third-parties for marketing purposes.

We ask before we look.

We don’t view customer dashboards or connected accounts unless they grant explicit permission to do so as part of a support ticket.

We take security seriously.

All communications between Memberful and your browser are encrypted, our production database is encrypted-at-rest, and we encrypt our backend services as much as is practical. We host in a secure environment and retain geo-redundant backups for 30 days. See Memberful Security for more.

We’ve made changes for the GDPR.

We've made changes to help Memberful customers comply with the GDPR and we've improved our own internal data protection and security.

For Memberful customers:

For our customer’s members: