GDPR & Communications Compliance

How ClubPilot helps you communicate with members responsibly.

Who’s responsible for what?

  Role What it means
Your club Data controller You decide what to send, who to send it to, and why. You’re legally responsible for how member data is used.
ClubPilot Data processor We provide the tools and store the data on your behalf. We follow your instructions and help you stay compliant.

What ClubPilot does for you

  • Consent capture at registration — Members tick opt-in at signup. That preference is stored immediately.
  • Per-channel opt-in controls — Email consent is tracked separately from future SMS or WhatsApp channels.
  • Immutable audit log — Every consent change is timestamped and stored permanently — your evidence if challenged.
  • One-click unsubscribe — Every bulk email includes a link that unsubscribes instantly with no login needed. Email clients like Gmail can also trigger this automatically.
  • Hard-bounce suppression — If a member’s email address is invalid, we stop sending to it automatically. This protects deliverability for you and across the platform.
  • Admin visibility — You can see each member’s consent status and full history in their profile.

What’s still your responsibility

  • The content of what you send — ClubPilot doesn’t review or approve messages.
  • Keeping member data accurate and up to date.
  • Responding to data subject requests (access, erasure, portability) within the statutory timeframe.
  • Maintaining your own privacy policy that covers your use of member data.
  • Ensuring any consent you collected outside ClubPilot (e.g. paper forms) meets the required standard.

Marketing vs service emails

Not every email to a member is “marketing.” UK law treats them differently.

Marketing — needs opt-in

  • Newsletters and club updates
  • Event invitations and announcements
  • Promotional offers
  • Bulk emails to lists of members

Service emails — no opt-in needed

  • Renewal reminders and membership confirmations
  • Invoices and payment receipts
  • Booking confirmations and cancellations
  • 1:1 admin emails about a member’s account

ClubPilot enforces opt-in for marketing emails automatically. Service emails (booking confirmations, renewal reminders, etc.) are always sent regardless of consent status.

Further reading

ClubPilot provides tools, not legal advice. For authoritative guidance:

Need help?

If you have questions about compliance or data handling, contact us at [email protected].