Memberful Privacy Policy

1. What this policy covers

This Privacy Policy applies to information that we collect about you when you use our websites (including memberful.com) and any products and services that are available on or through our websites (“Services”). Below we explain how we collect, use, and share information about you, along with the choices that you have with respect to that information.If you have any questions about this Privacy Policy, please contact us at info@memberful.com.

For the purposes of this Privacy Policy, “Memberful”, “we” or “us” means Memberful, LLC. Memberful is the processor of personal data processed, pursuant to this Privacy Policy, in cases where it processes personal data it gathers on its Customers’ behalf. In certain instances Memberful acts as a data controller in those limited instances where we decide the purposes and methods of processing personal data.

We collect and process your information on the basis of different legal grounds, depending on the nature of the information being provided and the type of processing involved. With the exception of section 8 of this Privacy Policy, when we say “you” or “your” we are referring to all individuals that provide their personal data to Memberful in the context of our Services.

If you are a visitor of a site that is running Services provided by Memberful (“Memberful Enabled Site”) site, the entire Privacy Policy applies to you, but section 8 in particular applies to you only.

2. Information we collect

We only collect information about you if we have a reason to do so–for example, to provide our Services, to communicate with you, or to make our Services better.

We collect information in three ways:

Information you provide to us;
Information we collect automatically; and
Information we collect from other sources.

We provide further detail below.

2.1 Information you provide to us
It’s probably no surprise that we collect information that you provide to us. The amount and type of information depends on the context and how we use the information. Here are some examples.

Registration information: we ask for basic information from you in order to set up your account - for example, your name and email address.
Transaction and billing information: if you buy something from us, you will provide additional personal and payment information that is required to process the transaction and your payment, such as your name, credit card information, and contact information.
Content information: in connection with using the Services, you may generate content that provides us with additional information about you.
Credentials: in connection with using the Services, you may provide us with credentials for your website (like SSH, FTP, and SFTP username and password).
Communications with us: you may also provide us information when you respond to surveys or communicate with us about a support question.

2.2 Information we collect automatically
We also collect some information automatically.

Log information: like most online service providers, when you use our Services we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information.
Usage information: we collect information about your usage of our Services. For example, we collect information about the actions that site administrators and users perform on a site–in other words, who did what, when and to what thing on a site (e.g., [username] subscribed to “[content]” at [time/date]). We also collect information about what happens when you use our Services along with information about your device (e.g., mobile screen size, name of cellular network, and mobile device manufacturer). We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better.
Location information: We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.
Information from cookies & other technologies: A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on websites and e-mails. We use cookies and other technologies like pixel tags to collect additional website usage data and to operate our Services. Please note we do not respond to web browser “Do-Not-Track” signals. You can find out more in our Cookie Policy.

2.3 Information we collect from other sources
We may also get information about you from other sources. For example, if you connect your account to a third-party service provider, we may receive information from that service. The information we receive depends on which services you authorize and any options that are available. We may also get information from third party services about individuals who are not yet our users (…but we hope will be!), which we may use, for example, for marketing and advertising purposes.

3. How we use your information

We use information about you as mentioned above and as follows:

to provide our Services–for example, to set up and maintain your account, backup and restore your content, charge you for any of our paid Services, and provide you support for the Services;
to further develop and improve our Services–for example by adding new features that we think our users will enjoy or find useful;
to monitor and analyze trends and better understand how users interact with our Services, which helps us improve our Services and make them easier to use;
to monitor and protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of Memberful and others; and
to communicate with you about offers and promotions offered by Memberful and others we think will be of interest to you, solicit your feedback, or keep you up to date on Memberful and our products.

We do not sell our users’ private personal information, as defined under the California Consumer Privacy Act (see section 7 of this Privacy Policy).

We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy.

Affiliates, employees, and independent contractors: we may disclose information about you to our affiliates, our employees, and our independent contractors that need to know the information in order to help us provide our Services or to process the information on our behalf.
Third party vendors: we may share information about you with third party vendors who need to know information about you in order to provide their services to us. This group includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information) and those that help us understand and enhance our Services (like analytics providers).
As required by law: we may disclose information about you in response to a subpoena, court order, or other governmental request, to the extent required by law.
To protect rights and property: to the extent permitted by law, we may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of Memberful, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.
Business transfers: in connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that Memberful goes out of business or enters bankruptcy, user information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Policy would continue to apply to your information and the party receiving your information may continue to use your information, but only in a manner consistent with this Privacy Policy.
With your agreement: We may share and disclose information with your agreement or at your direction. For example, we may share your information with third parties where you authorize us to do so.
Aggregated and de-identified information: we may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
Publish support requests: if you send us a request (for example, via a support email or one of our feedback mechanisms), we reserve the right to publish that request in order to help us clarify or respond to your request or to help us support other users.
4.1 Information you share publicly
Information you decide to publish on your website is publicly available, and may be indexed by search engines or used by third parties. Please keep all of this in mind when deciding what you would like to share.

5. Our commitment to protecting your information

Our customers may benefit from a number of rights in relation to their information that we process.

If you would like to manage, change, limit, access or delete your personal data, account holders can do so via your Memberful account settings or individuals contact us at info@memberful.com.
In certain cases where we process your information, you may also have a right to restrict, or object to, the ways in which we use your personal data. You may request this by contacting us at info@memberful.com.
You may opt out of receiving promotional messages from us. Just follow the instructions in those messages. If you opt out of promotional messages, we may still send you other messages, like those about your account and legal notices.

For more information about our commitment to data protection, please see the Memberful Data Protection Policy. And for more information on our commitment to security, please see our Security Policy.

6. Transferring your information

Memberful is a worldwide service. By accessing or using the Services or otherwise providing information to us, you agree to the processing, transfer to, and storage of information in the U.S. and other countries.

6.1 Contractual protections
Where appropriate, Memberful’s transfers of personal data of individuals in the EEA, the United Kingdom and Switzerland outside of those locations are performed based on contractual obligations placed on the recipient of the personal data.

6.2 Data Privacy Framework and Principles
Memberful adheres to the EU-U.S. Data Privacy Framework Principles and the Swiss-U.S. Data Privacy Framework Principles and complies with the associated EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce regarding the collection, use, sharing, and retention of personal data transferred from the European Union (including EFTA States), the United Kingdom, and Switzerland to the United States. As applicable, we do not, however, rely solely on the EU-US Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, or the Swiss-US Data Privacy Framework as our lawful basis to transfer personal data from the European Union, EFTA States, or the United Kingdom. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov.

With respect to the personal data received or transferred pursuant to the Data Privacy Frameworks, Memberful is subject to the regulatory enforcement powers of the US Federal Trade Commission. Under certain circumstances, Memberful, LLC may be liable for the transfer of personal data from the EU, EFTA States, or the United Kingdom to third parties outside the EU, EFTA States, and the United Kingdom. If you have a dispute with us about our Data Privacy Framework compliance, we ask that you first submit any such complaints directly to us at privacy@memberful.com. If you aren’t satisfied with our response, you may contact JAMS – the US-based independent alternative dispute resolution provider responsible for reviewing and resolving complaints about our Data Privacy Framework compliance free of charge to you – via https://www.jamsadr.com/DPF-Dispute-Resolution. In the event your concern still isn’t addressed by JAMS, you may be entitled to a binding arbitration under the Data Privacy Framework and its principles. More Information about this arbitration process can be found here.

7. Compliance with California privacy laws

Memberful is subject to the California Consumer Privacy Act (CCPA). The CCPA allows California residents to request access to the specific pieces and categories of personal information (as defined) that the business has collected about the consumer, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared.

Memberful provides California residents and all users with the right to view, access, transport or delete their information by contacting info@memberful.com.

Under California’s “Shine the Light” law (Civil Code section 1798.83), California residents have certain rights regarding the disclosure of their information to third parties for their own direct marketing purposes. Memberful’s policy is not to disclose your information to third parties for the third parties’ direct marketing purposes if you have exercised your option to prevent that. If you wish to not have your personal information shared for those purposes, you may request that we delete your personal data by following the steps outlined above.

8. Our customers’ end users

If you are a visitor of a Memberful Enabled Site, this section applies to you only.

This section should always be read in conjunction with the specific Privacy Policy and Terms of Service, if any, of the Memberful Enabled Site which will contain further details regarding the processing of your personal data by the Memberful Enabled Site.

You can get more information about Memberful by visiting the ‘about Memberful’ section of our support site. Memberful assists its users/customers in providing their end users with a better experience and service as well as assisting them in diagnosing technical problems and analyzing user trends. Most importantly, through Memberful’s Services, the functionality of the Memberful Enabled Site can be improved, making them more user-friendly, more valuable, and simpler to use for the end users.

Memberful has no direct relationship with the end users whose personal data it processes. An individual end user who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the Memberful customer (the data controller) whose Memberful Enabled Site you are using. If we are then requested to remove data by the Memberful customer we will respond within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal data, or may need to retain your personal data in order to continue providing a service.

9. Additional information

9.1 Data Processing Addendum
Memberful’s Data Processing Addendum applies where and only to the extent that Memberful processes Personal Data on your behalf in the course of providing the Services and such Personal Data is subject to Data Protection Laws requiring such a contractual framework.

9.2 Minimum age of our customers
Our Services are not directed to children, and you may not use our Services if you are under the age of 13.

9.3 Storage of your information
Memberful stores your information until it is no longer necessary to provide our Services, or until you ask us to delete your information. We are also required to retain certain information in order to comply with local laws.

9.4 Inquiries and complaints
If you have any questions about this Privacy Policy, please contact us at info@memberful.com. If you have a complaint, we would be happy to address that for you. But you also have the right to direct your complaint to the appropriate data protection supervisory authority.

10. Privacy Policy changes

Although most changes are likely to be minor, Memberful may change its Privacy Policy from time to time. Memberful encourages visitors to frequently check this page for any changes to its Privacy Policy. If we make changes that, in our sole discretion, are material, we may provide additional notice (such as adding a statement to our homepage or sending you a notification through e-mail or your dashboard). Your continued use of the Services after any change in this Privacy Policy will constitute your agreement to such change.

Changelog

June 5th, 2018: Added Human Resources section for Privacy Shield.
May 20, 2018: Added Privacy Shield provisions in connection with the self-certification process.
May 9, 2018: Adopted entirely new policy, primarily in response to GDPR.
May 11, 2021: Updates to Privacy Shield framework provisions.
April 20, 2022: Improvements to wording and structure, and updates reflecting changes in applicable law.
June 28, 2022: Improvements to wording on Privacy Shield Principles and Framework.
February 23, 2024: Updates to Section 6.2 to replace Privacy Shield Principles and Framework with Data Privacy Framework and Principles.
July 8, 2024: Updates to Section 6.2 to improve language to be more specific.
October 3, 2024: Updates to hyperlinks in Section 6.2.