Privacy Policy

Last Updated: June 6, 2025

← Back to Home

1. Introduction

Clubly ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our educational platform designed for student clubs and teacher advisors.

2. Information We Collect

2.1 Account Information

  • Personal Details: Name, email address, and profile information provided during registration
  • Authentication Data: Managed securely through Clerk (SOC 2 Type II compliant)
  • Educational Information: School affiliation, teacher credentials, room numbers, and availability preferences
  • Contact Information: Email addresses for communication and notifications

2.2 Club and Activity Data

  • Club Information: Names, descriptions, mission statements, and organizational details
  • Membership Data: Member lists, roles, and participation records
  • Meeting Records: Schedules, attendance, notes, and summaries
  • Content Creation: AI-generated presentations, emails, roadmaps, and other educational materials
  • Communication Logs: Messages between students and teachers, advisor requests, and meeting bookings

2.3 Usage Information

  • Platform Activity: Features used, time spent, and interaction patterns
  • AI Content: Presentations, emails, and roadmaps generated through our AI tools
  • Scheduling Data: Meeting bookings, availability preferences, and calendar integration
  • Performance Metrics: Platform usage statistics and feature adoption rates

2.4 Technical Information

  • Device Data: IP address, browser type, operating system, and device identifiers
  • Log Data: Server logs, error reports, and performance monitoring data
  • Cookies and Tracking: Essential cookies for platform functionality (no third-party advertising cookies)

3. How We Use Your Information

3.1 Core Platform Services

  • Provide and maintain the Clubly educational platform
  • Enable club management and organization features
  • Facilitate teacher-student advisor relationships and communication
  • Generate AI-powered educational content (presentations, emails, roadmaps)
  • Schedule and manage meetings, events, and club activities

3.2 Communication and Support

  • Send important updates about your clubs and activities
  • Notify you of meeting requests, advisor approvals, and platform updates
  • Provide technical support and customer service
  • Send educational content, tips, and platform improvements

3.3 Platform Improvement

  • Analyze usage patterns to enhance our services
  • Develop new features based on user needs and feedback
  • Ensure platform security and prevent abuse or misuse
  • Conduct research to improve educational outcomes and user experience

4. Data Security and Protection

4.1 Security Measures

  • Encryption: End-to-end encryption for all data transmission using industry-standard protocols
  • Authentication: Secure authentication via Clerk with multi-factor authentication support
  • Database Security: Enterprise-grade encryption at rest using Supabase
  • Access Controls: Role-based permissions and strict access controls
  • Regular Audits: Ongoing security assessments and penetration testing

4.2 Data Retention

  • Account Data: Retained while your account is active and for 30 days after closure
  • Club Data: Retained for 7 years after club closure for educational record purposes
  • Meeting Records: Retained for 3 years for administrative and educational purposes
  • AI-Generated Content: Retained for 2 years or until manually deleted by users
  • Logs and Analytics: Retained for 1 year for security and performance monitoring

4.3 Data Sharing and Disclosure

  • No Sale of Data: We never sell your personal information to third parties
  • Consent-Based Sharing: Data is only shared with your explicit consent
  • Anonymous Analytics: Aggregated, anonymized data may be used for research and platform improvement
  • Legal Compliance: Data may be disclosed when required by law or to protect our rights
  • Service Providers: Limited sharing with trusted partners (Clerk, Supabase, Groq) under strict data protection agreements

5. Your Rights and Choices

5.1 Access and Control

  • Data Access: View and download all your data at any time through your account settings
  • Data Correction: Update or correct your personal information
  • Account Deletion: Delete your account and associated data (with 30-day recovery period)
  • Communication Preferences: Opt out of non-essential communications
  • Privacy Settings: Control visibility of your club activities and information

5.2 Data Portability

  • Export Capabilities: Download your club data in standard formats (JSON, CSV)
  • Content Transfer: Export AI-generated content you've created
  • Meeting Records: Access and download meeting attendance and notes
  • Communication History: Retrieve message logs and advisor communications

5.3 Privacy Controls

  • Club Visibility: Control who can see your club information and activities
  • Advisor Requests: Manage who can request you as an advisor
  • Meeting Availability: Set and control your meeting availability preferences
  • AI Content Settings: Control AI content generation and storage preferences

6. Third-Party Services

6.1 Authentication (Clerk)

  • Purpose: Handles user authentication and account management
  • Compliance: SOC 2 Type II compliant with strict security standards
  • Data Access: Does not have access to your club content or activities
  • Privacy Policy: Available at clerk.com/privacy

6.2 Database Services (Supabase)

  • Purpose: Stores your data securely with enterprise-grade encryption
  • Compliance: GDPR compliant with data residency options
  • Security: Regular security audits and 24/7 monitoring
  • Privacy Policy: Available at supabase.com/privacy

6.3 AI Services (Groq)

  • Purpose: Processes content to generate presentations, emails, and roadmaps
  • Data Handling: Does not store your content after processing
  • Usage: Uses your data only for the specific AI generation you request
  • Privacy Policy: Available at groq.com/privacy

7. Children's Privacy (COPPA Compliance)

7.1 Age Restrictions

  • Under 13: We do not knowingly collect personal information from children under 13
  • Immediate Deletion: If we discover data from a child under 13, we will delete it immediately
  • Parental Rights: Parents can contact us to review, update, or delete their child's information
  • Consent Requirements: We require parental consent for users under 18 in certain jurisdictions

7.2 Educational Use

  • Institutional Oversight: Platform is designed for educational institutions and student organizations
  • Teacher Monitoring: Teachers and administrators can monitor appropriate student activity
  • School Partnerships: We work with schools to ensure appropriate data handling
  • FERPA Compliance: Educational records are protected under FERPA guidelines where applicable

8. International Data Transfers

  • Primary Storage: Data is primarily stored in the United States
  • International Users: Additional safeguards are in place for international data transfers
  • Adequacy Decisions: We rely on adequacy decisions and standard contractual clauses
  • User Rights: International users maintain the same privacy rights and protections

9. Cookies and Tracking Technologies

9.1 Essential Cookies

  • Authentication: Required for user login and session management
  • Functionality: Necessary for platform features and user preferences
  • Security: Used for fraud prevention and security monitoring

9.2 No Advertising Cookies

  • No Third-Party Tracking: We do not use advertising or marketing cookies
  • No Behavioral Tracking: We do not track users across other websites
  • Privacy-First: Our cookie usage is minimal and focused on platform functionality

10. Contact Information

10.1 Privacy Inquiries

  • Email: clublyteam@gmail.com
  • Response Time: We respond to all privacy inquiries within 48 hours
  • Data Requests: Use the same email for data access, correction, or deletion requests

10.2 Data Protection Officer

  • Contact: clublyteam@gmail.com
  • Purpose: For complex privacy questions or concerns
  • Availability: Business hours, Monday-Friday

11. Policy Updates

11.1 Notification Methods

  • Website Posting: Updated policy posted on our website
  • Email Notification: Direct email to all users for material changes
  • Platform Notice: In-app notification for significant updates
  • Effective Date: Changes become effective 30 days after notification

11.2 Your Continued Use

  • Acceptance: Continued use of the platform after changes constitutes acceptance
  • Objection Rights: You may object to changes by contacting us or deleting your account
  • Version History: Previous versions of this policy are available upon request

This Privacy Policy is effective as of June 2025 and will remain in effect except with respect to any changes in its provisions in the future.

If you have any questions about this Privacy Policy, please contact us at clublyteam@gmail.com