Legal

Privacy Policy

Last updated: March 2026

1. Who We Are

LodgeLink is a software platform designed to help Masonic lodges manage their festive board dinners — including event creation, member invitations, menu choices, table planning and payment collection.

The platform is operated by LodgeLink. Our registered address is:

LodgeLink
Stobart Building, Unit 1
Carr Lane, Low Moor
Bradford, BD12 0QU
United Kingdom

If you have any questions about this Privacy Policy or how we handle your data, please contact us at hello@lodgelink.co.uk.

LodgeLink is an independent platform and is not affiliated with or endorsed by the United Grand Lodge of England.

2. What Data We Collect

We collect the following categories of personal data when you use LodgeLink:

  • Account data — your name, email address and encrypted password, created when you register.
  • Profile data — optional information you choose to add, including a profile photo, profession, dietary requirements and whether you hold or have held the office of Worshipful Master (Past Master status).
  • Lodge data — the name of your lodge and your role within it (Member, Organiser, or Master).
  • Event data — RSVPs, menu choices, guest names, seating assignments and attendance records relating to events you are associated with.
  • Payment data — ticket quantities, amounts paid and payment method. Card details are never stored by LodgeLink; all card payments are processed directly by Stripe, who hold payment data under their own privacy policy.
  • Technical data — IP address, browser type and version, device type, and pages visited, collected automatically when you use the platform.

3. How We Use Your Data

We use your personal data to:

  • Provide and operate the LodgeLink platform, including creating and managing your account.
  • Process event registrations, menu selections and seating arrangements.
  • Facilitate payments between members and their lodge via Stripe.
  • Send transactional notifications including event invitations, payment confirmations, table plan updates and reminders.
  • Respond to enquiries sent via the contact form or by email.
  • Monitor and improve the platform, diagnose technical issues and ensure security.

We do not use your data for advertising purposes and we do not send unsolicited marketing emails.

4. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

  • Contract — processing is necessary to provide the LodgeLink service you have signed up for, including account management and event participation.
  • Legitimate interests — we process technical data to maintain platform security and improve the service, where this does not override your rights.
  • Legal obligation — we may retain certain records where required to do so by law.
  • Consent — where we ask for your consent (for example, for optional profile information such as dietary requirements), you may withdraw it at any time.

5. Who We Share Data With

We share your data only with the following third-party service providers, strictly for the purpose of operating LodgeLink:

  • Supabase — our database and authentication provider. Your account data, profile data, lodge data and event data are stored on Supabase infrastructure hosted in the EU.
  • Stripe — our payment processor. Stripe handles all card payment data directly and is PCI DSS compliant. We receive only transaction confirmations and amounts.
  • Resend — our transactional email provider. Resend is used to send event invitations, payment confirmations and other notifications.
  • Vercel — our hosting and deployment platform. Application code runs on Vercel infrastructure.

We never sell your personal data to third parties. We do not share your data with any other organisations except where required by law.

6. Dietary Requirements and Sensitive Data

Dietary requirements you provide may constitute special category data under UK GDPR, as they can indicate health conditions or religious beliefs.

This information is treated with the highest level of care. Your dietary requirements are:

  • Shared only with the lodge organiser and, where applicable, the hall administrator for the specific event you are attending.
  • Used solely for the purpose of ensuring appropriate catering arrangements are made.
  • Not shared with any other members, third parties or used for any other purpose.

You may update or remove your dietary requirements from your profile at any time.

7. Data Retention

We retain your personal data for as long as your account is active on LodgeLink.

If you request deletion of your account, we will permanently delete your personal data within 30 days of receiving your request, except where we are required to retain certain records by law (for example, financial transaction records).

To request account deletion, please contact us at hello@lodgelink.co.uk.

8. Your Rights

Under UK GDPR you have the following rights in relation to your personal data:

  • Right of access — you may request a copy of the personal data we hold about you.
  • Right to correction — you may ask us to correct inaccurate or incomplete data.
  • Right to deletion — you may ask us to delete your personal data, subject to any legal obligations we have to retain it.
  • Right to object — you may object to processing carried out on the basis of legitimate interests.
  • Right to data portability — you may request a copy of your data in a structured, machine-readable format.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at hello@lodgelink.co.uk. We will respond within 30 days.

If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

9. Cookies

LodgeLink uses essential cookies only — those strictly necessary for the platform to function. We do not use advertising, tracking or analytics cookies.

For full details of the cookies we use, please see our Cookie Policy.

10. Security

We take the security of your personal data seriously. The measures we have in place include:

  • All data transmitted between your browser and LodgeLink is encrypted using HTTPS (TLS).
  • Passwords are encrypted using industry-standard hashing and are never stored in plain text.
  • All card payment data is handled directly by Stripe, who are PCI DSS Level 1 certified. LodgeLink never stores card numbers, CVV codes or full card details.
  • Access to production systems is restricted to authorised personnel only.

Despite these measures, no system can be completely secure. If you believe your account has been compromised, please contact us immediately at hello@lodgelink.co.uk.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Where changes are material, we will notify you by email to the address associated with your account before the changes take effect.

The date at the top of this page indicates when this policy was last updated. We encourage you to review it periodically.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise any of your rights, please contact us:

LodgeLink
Stobart Building, Unit 1
Carr Lane, Low Moor
Bradford, BD12 0QU
hello@lodgelink.co.uk

← HomeTerms & ConditionsCookie PolicyContact