Summary
Join It takes your security seriously. We take extensive measures to protect your data. Likewise, Join It will never use or share your member's information -- their data is safe.
Going into more detail, check out some other useful insights into our security measures:
Critical Secure third-party vendors we employ:
MongoDB Atlas (Database Hosting): https://www.mongodb.com/collateral/mongo-db-atlas-security
Meteor Galaxy (Web Server Hosting): https://www.meteor.com/galaxy
Stripe for payments: https://stripe.com/docs/security
Data mobility: exporting your membership data:
Join It supports the full export of your Memberships data, in case you choose to leave the platform in the future.
Evidence: Support article that details this feature: http://support.joinit.com/en/articles/1007665-how-do-i-export-my-member-data
Data Ownerships: resetting your membership data:
Join It believes that you fully own your Memberships data, so if you choose to leave the platform then you can completely and permanently delete all of your data from our platform.
This can be found within your account by going to your Organization's Settings tab and clicking the 'Reset Data' button. Once you confirm that you want to delete your data, your account will be wiped clean.
This action will delete all related Members/Memberships, Payment records, and Timeline objects.
Forced HTTPS
All visitors to access the site through HTTPS, so that all data transferred from your browser connection to our servers is encrypted.
Evidence: When visiting Join It, you'll see the 'green lock' encryption
PCI Compliance and Payments / Stripe
Credit Card information is never sent to Join It's servers. Through Stripe's SDK, we send the payment information from the client/browser directly to Stripe and Stripe returns a token to initiate payment.
This reduces the risk concerns around handling sensitive payment information.
Join It is PCI Compliant and was last approved on September 2022
Account Security
Join It offers 2-Factor Authentication (2FA) / Multi-factor Authentication for user accounts on joinit.com
With 2FA, we've added an extra layer of security to user accounts, significantly reducing the risk of unauthorized access. By enabling 2FA, our customers can enjoy peace of mind, knowing that their information and membership data are safeguarded from potential breaches.
Frequently Asked Questions
Where does Join It host its data?
Physically, the data that Join It collects is hosted in the eastern region of the United States. However, Join It goes above and beyond the United States' regulations for data protection, privacy, portability, and a consumer's "right to be forgotten".
Join It complies with the European Union's GDPR and has a majority of its customers based outside the United States.
Join It, Inc ("Join It") complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. You can read about our Data Privacy Framework compliance here: https://joinit.com/data-privacy-framework
Join It has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Join It has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/