Overview
<TODO: legal copy — Plain-English summary of who ClubMogo is, what this policy covers, and the legal frameworks it operates under (DPDPA 2023 for India, GDPR for EU residents, applicable US state laws).>
Data we collect
<TODO: legal copy — Itemized list of personal data collected across member, staff, and facility-admin roles. Cover: account info (name, email, phone), biometrics if any, payment data via Razorpay, attendance / check-in records, communications (WhatsApp, SMS, in-app), health/fitness data from member-submitted profiles, device + analytics data via Sentry / PostHog.>
How we use data
<TODO: legal copy — Purpose limitation per DPDPA: service delivery, billing, communications, fraud prevention, product analytics, legal compliance. Tie each purpose to a lawful basis.>
Your rights (DPDPA / GDPR)
<TODO: legal copy — Right of access, correction, erasure, portability, withdrawal of consent, grievance redressal. Point members at the in-app /member/privacy Data Controls page for export & deletion. Provide Data Protection Officer contact.>
Children’s privacy
<TODO: legal copy — Minimum age for member accounts; parental consent process for minors enrolled by a facility; DPDPA Section 9 compliance.>
Data retention
<TODO: legal copy — How long each data class is retained. Account data: lifetime of the facility relationship + N years. Payment records: 8 years per Indian tax law. Communications: rolling 24 months. Logs: 90 days.>
Changes to this policy
<TODO: legal copy — How material vs. minor changes are communicated; effective-date rule; opt-out for material changes that expand processing.>
Contact us
Questions about this policy or your data? Email us at hello@clubmogo.com.
<TODO: legal copy — Postal address of registered entity; Data Protection Officer contact for DPDPA grievance redressal.>