Privacy Policy

RecreationHQ ("we," "us") provides recreation management software to parks and recreation organizations ("agencies"). This policy explains what we collect and how we handle it.

Information we collect

• Account data from agency staff (name, work email, role).
• Resident and participant data that agencies enter or collect through the platform (registrations, rosters, balances), processed on the agency's behalf.
• Payment data, processed by our payment processor (Stripe); we do not store full card numbers.
• Usage data (log, device, and analytics information) to operate and improve the service.

How we use information

To provide and secure the service, process payments, provide support, and meet legal obligations. We do not sell personal information.

Security and data residency

Data is encrypted in transit and at rest, with separate infrastructure and a dedicated encryption key per agency, aligned to StateRAMP Moderate requirements. Data is hosted on AWS and replicated to a second region for disaster recovery.

Subprocessors

We use vetted subprocessors, including Amazon Web Services (hosting) and Stripe (payments). A current list is available on request.

Retention

We retain data for as long as an agency's account is active and as required by law, then delete or anonymize it.

Your rights

Depending on your jurisdiction (including CCPA/CPRA and GDPR), you may have rights to access, correct, delete, or port your data. Residents should contact their agency; agency staff may contact us directly.

Children's data

Programs may involve minors. We process such data only on behalf of agencies under their instructions and applicable law.

Contact

Questions: privacy@recreationhq.net.