Privacy Policy
DojoMesh ("DojoMesh," "we," "us," or "our") provides a martial-arts academy management platform. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using the service, you agree to the practices described here.
1. Who This Policy Covers
This policy applies to two categories of people:
- Customers (academy operators). The gym, dojo, or academy that signs up for a DojoMesh tenant subscription. Customers are the data controllers for their members' information.
- Members and end users. Individuals whose information our customers store in DojoMesh — typically the gym's students or trial attendees. We process this information on behalf of our customers.
2. Information We Collect
Account information
When you create a DojoMesh account, we collect your name, email address, phone number, the gym name and chosen subdomain, and a password (stored as a one-way hash — we cannot read it). For paid subscriptions, our payment processors collect your billing details directly; we receive only a subscription identifier and the last four digits of your card from those processors.
Customer Data
Customers upload information about their members and operations into DojoMesh — including names, contact details, attendance records, payment history, billing schedules, communications, and any other content the customer chooses to store. We process this data solely to deliver the service.
Usage and technical data
We automatically collect log information when you access the service: IP address, browser type, pages visited, request timestamps, and error events. This is used for security, debugging, and service improvement.
Communications
If you contact support, we keep a record of the correspondence so we can respond and improve the service.
Cookies and similar technologies
We use first-party session cookies to keep you logged in and to remember preferences. We do not use cookies for cross-site advertising or tracking. You can disable cookies in your browser, but the service may not function properly without them.
3. How We Use Information
- Provide, operate, and maintain the service.
- Process payments and manage subscriptions.
- Send transactional emails (receipts, password resets, billing notifications, security alerts).
- Respond to support requests.
- Detect, prevent, and address fraud, abuse, security incidents, and technical issues.
- Improve the service through aggregated, de-identified analytics.
- Comply with legal obligations.
We do not sell your personal information. We do not use Customer Data to train machine-learning models or for advertising purposes.
4. Sharing With Third Parties
We share information only in these limited circumstances:
- Payment processors. Stripe and PayPal handle subscription billing on our behalf and receive the information necessary to process payments.
- Communication providers. Email and SMS delivery vendors transmit transactional and customer-initiated messages.
- Hosting and infrastructure providers. Data is stored on commercially-reasonable infrastructure providers under confidentiality obligations.
- Legal requests. We may disclose information if required by law, subpoena, court order, or to protect the rights, safety, or property of DojoMesh, our customers, or others.
- Business transfers. If DojoMesh is involved in a merger, acquisition, or asset sale, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.
5. Data Retention
We retain account information for as long as your account is active and for a reasonable period afterwards to comply with legal, accounting, or reporting obligations. When a tenant is deleted, we remove the associated Customer Data from active databases promptly; residual copies in encrypted backups are deleted on the standard backup-rotation cycle.
6. Security
We use commercially reasonable measures to protect your information, including:
- HTTPS/TLS encryption for data in transit.
- One-way password hashing — passwords are never stored in plain text.
- Tenant isolation at the application layer to prevent cross-tenant data access.
- Restricted administrative access on a need-to-know basis.
- Logging and monitoring of administrative actions.
No system is perfectly secure, however. If we become aware of a security incident affecting your information, we will notify affected customers in accordance with applicable law.
7. Your Rights and Choices
Depending on your jurisdiction, you may have rights to:
- Access the personal information we hold about you.
- Request correction of inaccurate information.
- Request deletion of your information (subject to legal retention requirements).
- Object to or restrict certain processing activities.
- Receive a portable copy of your information.
- Withdraw consent where processing is based on consent.
To exercise these rights, email us@dojomesh.com. If you are a member of a customer's academy and want to exercise these rights, please contact your academy directly — they are the data controller for your member record.
8. Children's Privacy
DojoMesh is intended for use by businesses and individuals 18 years of age or older. Customers may, however, store records of minor members of their academy at the customer's discretion and under their own privacy obligations. We do not knowingly collect personal information directly from children under 13 in the United States or under the equivalent age of consent in other jurisdictions.
9. International Data Transfers
DojoMesh operates from and may store data in countries that may not have the same data-protection laws as your country of residence. By using the service, you consent to the transfer of your information to those countries.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. For material changes, we will provide additional notice (e.g. via email or an in-app banner). Continued use of the service after the effective date constitutes acceptance of the revised policy.
11. Contact
Questions, requests, or complaints about this Privacy Policy can be sent to us@dojomesh.com.