Last updated: March 11, 2026

Privacy Policy

We are committed to protecting the privacy of all individuals who interact with our platform. Learn how we collect, use, store, and protect your personal information.

ClubAdmin ("we," "us," or "our") is committed to protecting the privacy of all individuals who interact with our platform. This Privacy Policy explains how we collect, use, store, share, and protect personal information when you use the ClubAdmin platform, including the website, dashboard, public registration forms, booking pages, and member applications (collectively, the "Service").

ClubAdmin operates as a multi-tenant SaaS platform. This means that multiple organizations ("Tenants") use our platform to manage their operations. We act as a data processor on behalf of Tenants (who are the data controllers) for member data. For data related to Tenant accounts themselves, we act as the data controller.

2.1 Tenant Account Information

When an organization registers as a Tenant, we collect:

  • Contact person’s name, email address, and phone number
  • Organization name, address, and type
  • Login credentials (email and encrypted password)
  • Business logo and branding details
  • Subscription plan and billing information

2.2 Staff User Information

When a Tenant creates staff accounts, we collect:

  • Name, email, and phone number
  • Role and assigned privileges
  • Login credentials (email and encrypted password)

2.3 Member Information

When Tenants add members or when members register through public forms, the following data may be collected:

  • Full name, phone number, email address, and physical address
  • Subscription and payment details (plan, dates, amounts, payment mode)
  • Attendance records (check-in/out timestamps, duration)
  • Payment attachments and receipts
  • Class enrollments and booking history

2.4 Child Member Information

For child members (minors), additional data may be collected by the Tenant:

  • Child’s full name, date of birth, grade, and gender
  • Blood group
  • Photograph of the child
  • Father’s and mother’s names and phone numbers

This data is collected and managed by the Tenant, who is responsible for obtaining verifiable parental consent before entering such information.

2.5 Public Registration Information

When a visitor submits a public registration form, we collect:

  • Name, phone number, email address, and address
  • Child member details (if applicable)
  • Preferred batch, timing, and notes

2.6 Contact Form Information

When you submit our contact form, we collect your name, email, phone number, club name, club type, and message.

2.7 Automatically Collected Information

  • Browser type, device information, and operating system
  • IP address and approximate location
  • Pages visited and features used
  • Geolocation data (for attendance check-in, only when explicitly permitted by the user)

We use the information collected for the following purposes:

3.1 Providing and Operating the Service

  • Managing Tenant accounts, subscriptions, and billing
  • Enabling member management, invoicing, and payment tracking
  • Processing public registrations and facility bookings
  • Generating PDF invoices and reports
  • Facilitating class management and attendance tracking

3.2 Communications

  • Sending invoices, payment receipts, and subscription notifications to Members via WhatsApp or email (as configured by the Tenant)
  • Sending automated reminders for subscription expiry, payment due dates, and overdue payments
  • Sending registration confirmation messages
  • Sending service-related emails to Tenant Admins (account updates, billing reminders)

3.3 Security and Fraud Prevention

  • Authenticating users and protecting against unauthorized access
  • Monitoring for suspicious activity and abuse
  • Rate limiting public endpoints to prevent abuse

3.4 Analytics and Improvement

  • Understanding how the Service is used to improve features and performance
  • Generating aggregated, anonymized statistics for internal use

ClubAdmin enables Tenants to send WhatsApp messages to their Members. Key privacy details:

Messages are sent from the Tenant's own WhatsApp number, not from ClubAdmin's number. ClubAdmin does not control or have access to Tenant WhatsApp conversations outside of the platform.
  • We store message logs including the recipient phone number, message type, delivery status, and timestamps for troubleshooting and audit purposes.
  • We do not store the full content of WhatsApp messages after delivery.
  • Tenants are responsible for obtaining consent from Members to receive WhatsApp messages.
  • Members who wish to stop receiving WhatsApp messages should contact the relevant Tenant directly.

If a Tenant enables the face recognition feature:

Explicit parental consent required: This feature requires explicit parental consent, which the Tenant is responsible for obtaining before processing any child photographs.
  • Child member photographs are processed by a secure external face recognition API for identification purposes.
  • Data sent includes the member ID, tenant code, product code, class ID, and image URL.
  • Face recognition data is processed for the sole purpose of member identification at the Tenant’s facility.

We do not sell, rent, or trade personal information to third parties. We may share data in the following limited circumstances:

  • With Tenants: Member data is accessible to the Tenant that manages the member's account (and their authorized Staff users).
  • Service Providers: We use trusted third-party services for email delivery (Gmail SMTP via Nodemailer), file uploads, and face recognition processing. These providers process data on our behalf and are bound by confidentiality obligations.
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, personal information may be transferred to the successor entity.

  • Data is stored in MongoDB databases with appropriate access controls.
  • All data is isolated per Tenant using tenant-specific identifiers, ensuring no cross-tenant data access.
  • Passwords are hashed using bcrypt and are never stored in plain text.
  • Authentication is managed using secure JWT tokens.
  • The platform uses HTTPS for all data transmission.
  • We implement role-based access control to limit data access to authorized personnel only.

While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

  • Active Accounts: We retain Tenant Data for as long as the Tenant account is active.
  • Terminated Accounts: After account termination, data is retained for 30 days to allow for data export requests. After this period, data may be permanently deleted.
  • WhatsApp Message Logs: Message logs are retained for up to 12 months for troubleshooting and audit purposes.
  • Contact Form Submissions: Retained for as long as needed to respond to the inquiry.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Correction: Request correction of inaccurate or incomplete data.
  • Right to Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Right to Withdraw Consent: Withdraw consent for data processing where consent was the basis for processing.
  • Right to Data Portability: Request your data in a structured, machine-readable format.
  • Right to Grievance Redressal: File a complaint with the relevant data protection authority if you believe your rights have been violated.

For Members: If you are a member of a gym, club, or academy that uses ClubAdmin, please contact your Tenant (the organization) directly to exercise your data rights. Since the Tenant is the data controller, they manage your data and are responsible for honoring your requests.

For Tenants: Contact us directly at the email below to exercise your rights regarding your account data.

ClubAdmin uses browser local storage (not traditional cookies) to:

  • Store authentication tokens for maintaining your login session.
  • Store Tenant and Product context for multi-tenant navigation.
  • Store theme preference (light/dark mode).

This data is stored locally on your device, is not shared with third parties, and can be cleared by logging out or clearing your browser data.

The Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any personal information to them.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the Service. When we make material changes, we will update the "Last updated" date at the top of this page and notify Tenant Admins via email or an in-app notification. We encourage you to review this Privacy Policy periodically.

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: contact@clubadmin.domainrental.in

Phone: +91 9606681999

Website: clubadmin.domainrental.in