Security

The Club Schedule Security

Your Club’s Data Security is Our Priority

The Club Schedule is built on enterprise-grade security standards to protect your members’ information and ensure your club’s data remains private and secure.

Data Protection

Bank-Level Encryption

We protect your data using the same security standards trusted by financial institutions:

  • All data transmitted between your browser and our servers is encrypted using industry-standard TLS/SSL protocols
  • Your passwords are protected using PBKDF2 encryption, the same technology used by major tech companies
  • Member information is stored in secure, monitored databases with restricted access

PCI DSS Compliant Payment Processing

Your billing information is handled by Stripe, a certified PCI DSS Level 1 Service Provider — the highest security certification in the payments industry. We never see or store your credit card information.

Privacy First

Minimal Data Collection

We only collect information necessary to provide scheduling services to your club:

  • Member names and contact information
  • Role assignment history and availability
  • Club meeting schedules

Automatic Data Deletion

When a club cancels their subscription:

  • Members receive 15 days to export their data
  • All club data is automatically deleted after 30 days
  • Financial records are retained only as required by law (7 years for tax compliance)

No Data Selling

We will never sell, rent, or share your club’s data with third parties for marketing purposes. Your information belongs to your club.

Access Control

Role-Based Permissions

Not everyone needs access to everything. Our system enforces strict permission controls:

  • Club officers (President, VP Education, Secretary) have administrative access
  • Regular members can only view and respond to their own assignments
  • Multi-club members maintain separate, secure access to each club

Session Security

Every login session is monitored and protected:

  • Automatic timeout after periods of inactivity
  • Session validation on every page to prevent unauthorized access
  • Secure password reset process with time-limited tokens

Compliance

GDPR & CCPA Ready

We respect your rights under data protection laws:

  • Right to access your data
  • Right to data portability (export your information)
  • Right to deletion (30-day automatic deletion policy)
  • Clear consent for email communications

Audit Trail

All sensitive actions are logged for security and accountability:

  • Member additions and deletions
  • Schedule changes and publications
  • Payment and subscription events
  • Data export requests

Infrastructure Security

Monitored & Maintained

Our infrastructure is continuously monitored to ensure reliability and security:

  • Real-time system health monitoring
  • Automated security updates
  • Daily encrypted backups
  • 24/7 uptime monitoring

Secure Development Practices

Security is built into our development process:

  • Regular security updates and patches
  • Code reviews focused on security
  • CSRF and SQL injection protection
  • Input validation on all forms

Transparency

Incident Response

In the unlikely event of a security incident:

  • Affected clubs will be notified within 72 hours
  • We will provide clear information about the incident
  • We will explain steps taken to resolve the issue

Questions About Security?

We’re committed to transparency about our security practices. If you have questions or concerns, contact our security team at security@theclubschedule.com

Ready to Schedule Securely?

Join other Toastmasters clubs who trust The Club Schedule to protect their data while simplifying their meeting management.

Join Now!