Unionpally

Privacy Policy

1. Introduction

This Privacy Policy describes how UnionPally ("we," "our," or "us") collects, uses, and shares your personal information when you use our association management platform and related services (the "Service"). We are committed to protecting your privacy and ensuring the security of your personal information.

2. Information We Collect

2.1 Personal Information

We collect the following types of personal information:

  • Identity Information: Full name, email address, phone number, and mailing address
  • Membership Information: Association membership details, member ID, membership status, and roles
  • Financial Information: Payment details for dues, levies, fines, and other association related financial transactions (we do not collect or store credit card numbers)
  • Communication Preferences: Email and SMS notification settings and communication history
  • Meeting Information: Meeting attendance records, voting history, and participation data
  • Asset Information: Details about member assets and related transactions when applicable

2.2 Technical Information

We automatically collect certain technical information:

  • Usage Data: Information about how you interact with our Service, including page views, features used, and time spent
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Log Data: Server logs, error reports, and system performance data
  • Cookies: Essential cookies for authentication and session management

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Service Provision

  • Member Management: Maintaining accurate membership records and managing association operations
  • Financial Recording: Recording payments for dues, levies, expenses, and other financial obligations
  • Communication: Sending important notifications, meeting reminders, and association updates
  • Meeting Management: Organizing meetings, tracking attendance, and managing voting processes

3.2 Legal and Administrative

  • Compliance: Meeting legal obligations for financial record-keeping and association governance
  • Security: Protecting against fraud, unauthorized access, and ensuring platform security
  • Dispute Resolution: Resolving conflicts and handling member misconduct issues
  • Record Keeping: Maintaining historical records as required by association bylaws and applicable laws

3.3 Service Improvement

  • Analytics: Understanding user behavior to improve our Service functionality
  • Support: Providing technical support and responding to user inquiries
  • Development: Enhancing features and developing new capabilities

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Contract Performance: Processing necessary for membership agreements and service provision
  • Legitimate Interests: Association management, security, and operational efficiency
  • Consent: Marketing communications and optional features (you can withdraw consent at any time)
  • Legal Obligations: Compliance with financial regulations and association governance requirements

5. Information Sharing and Disclosure

5.1 Third-Party Service Providers

We may share your information with trusted third-party providers who assist us in operating our Service:

  • Communication Services: Email and SMS service providers for notifications
  • Cloud Hosting: Secure cloud infrastructure providers for data storage and processing
  • Analytics Providers: For service improvement and usage analysis

5.2 Legal Requirements

We may disclose your information when required by law, including:

  • Court orders, subpoenas, or legal process
  • Protection of our rights, property, or safety
  • Investigation of fraud or security incidents
  • Compliance with regulatory requirements

5.3 Association Governance

Within your association, certain information may be shared with:

  • Executive Committee Members: For association management purposes
  • Financial Officers: For financial oversight and reporting
  • Meeting Secretaries: For meeting minutes and attendance records

6. Data Security

We implement comprehensive security measures to protect your personal information:

6.1 Technical Safeguards

  • Encryption: Data encryption in transit and at rest using industry-standard protocols
  • Access Controls: Role-based access restrictions and multi-factor authentication
  • Network Security: Firewalls, intrusion detection, and secure network architectures
  • Regular Updates: Security patches and system updates to address vulnerabilities

6.2 Organizational Measures

  • Staff Training: Regular security awareness training for all personnel
  • Incident Response: Established procedures for security incident detection and response
  • Regular Audits: Periodic security assessments and compliance reviews
  • Data Minimization: Collecting and retaining only necessary information

7. Data Retention

7.1 Retention Periods

We retain your personal information for the following periods:

  • Active Members: Throughout membership duration and for 7 years after termination
  • Financial Records: Minimum 7 years as required by financial regulations
  • Meeting Records: Permanently for governance and historical purposes
  • Communication Logs: 3 years for dispute resolution and support purposes
  • Technical Logs: 1 year for security and system performance analysis

7.2 Deletion Procedures

When retention periods expire, we securely delete or anonymize your information using industry-standard data destruction methods.

8. Your Rights

8.1 Access and Control

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal and operational requirements)
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Restriction: Request limitation of processing in certain circumstances

8.2 Exercising Your Rights

To exercise these rights, please contact us using the information in Section 11. We will respond to your request within 30 days and may require identity verification.

9. Cookies and Tracking

9.1 Essential Cookies

We use essential cookies for:

  • Authentication: Maintaining secure user sessions
  • Security: Preventing cross-site request forgery and other attacks
  • Functionality: Remembering user preferences and settings

9.2 Analytics

We may use analytics cookies to understand Service usage and improve functionality. You can manage cookie preferences through your browser settings.

10. International Data Transfers

If you access our Service from outside the country where our servers are located, your information may be transferred internationally. We ensure appropriate safeguards are in place for such transfers, including:

  • Adequacy Decisions: Transfers to countries with adequate data protection laws
  • Standard Contractual Clauses: EU-approved contractual protections for international transfers
  • Encryption: Additional security measures during data transmission

11. Contact Information

11.1 Privacy Inquiries & Suggestions

For questions and suggestions about this Privacy Policy or your personal information:

Email: privacy@unionpally.com

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

  • Notification: Notify you of material changes via email or platform notification
  • Effective Date: Update the effective date at the top of this policy
  • Continued Use: Your continued use of the Service after changes constitutes acceptance of the updated policy

13. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete such information promptly.

14. Complaints and Regulatory Bodies

If you have concerns about how we handle your personal information, you may:

  1. Contact Us: Use the contact information in Section 11 to raise your concerns
  2. Regulatory Authority: File a complaint with your local data protection authority
  3. Supervisory Body: Contact the relevant supervisory body in your jurisdiction

This Privacy Policy is designed to comply with applicable data protection laws and other relevant privacy regulations. Please consult with legal counsel to ensure compliance with local requirements.