Back to MOTION RUN CLUB
§ Legal · Privacy

Privacy Policy

Effective 20 May 2026

MOTION RUN CLUB is a Leicestershire community running club. We take member privacy seriously and only collect the information we need to run safe, well-organised club runs. This policy explains what we collect, why, and the rights you have under UK GDPR.

§ 01

Information we collect

When you join MOTION RUN CLUB or complete our online forms, we collect:

  • Your name, email address and mobile number
  • Emergency contact name and number
  • Health acknowledgements and notes you choose to share (medical conditions, allergies, accessibility)
  • Waiver acceptance with timestamp and policy version
  • Run reservation, attendance and check-in records
  • Optional Strava activity data — only when YOU explicitly connect your Strava account inside the member dashboard
  • Diagnostic information from your browser (basic analytics, no third-party advertising trackers)
§ 02

How we use it

  • To register you as a member and verify your waiver
  • To run reservations and check-ins for individual runs
  • To send confirmation, 24-hour reminder and event-related emails (transactional)
  • To respond to medical or emergency situations during runs
  • To display approved, privacy-safe member activity on the public "Live from the Club" feed (first name only, no GPS, no notes — and only if you have opted in via your dashboard)
  • To improve the club experience based on attendance trends
§ 03

Marketing communications

We do not send unsolicited marketing emails. Members may receive occasional updates about new club initiatives. You can opt out at any time by replying to any email or by emailing us at the address below.

§ 04

Cookies & analytics

MOTION RUN CLUB uses strictly necessary cookies (member session, CSRF protection) and lightweight first-party analytics. We do not run third-party advertising trackers, retargeting pixels or data broker scripts.

§ 05

Strava integration

Strava integration is opt-in and lives inside the logged-in member dashboard. Access tokens are encrypted at rest. When you disconnect Strava from your dashboard, your stored tokens and synced activities are wiped immediately and a deauthorisation request is sent to Strava on your behalf. Public feed display can be toggled off without disconnecting your account.

§ 06

Data retention

  • Member profile + waiver: kept while you are an active member, plus 12 months after your last attendance for insurance / safeguarding records
  • Run attendance + check-in history: retained for the lifetime of your membership, then anonymised
  • Email logs (transactional): retained for 90 days
  • Strava data: removed immediately when you disconnect or close your account
§ 07

Data security

Member data is stored on UK / EU-based managed databases with encryption at rest and TLS in transit. Access is restricted to the founder and named volunteer admins. Strava tokens are encrypted with Fernet using a server-managed key never exposed to any frontend.

§ 08

UK GDPR — your rights

Under the UK GDPR you have the right to:

  • Request a copy of the personal data we hold about you
  • Correct any inaccurate information
  • Request deletion of your data ("right to be forgotten")
  • Restrict or object to specific uses
  • Withdraw consent (e.g. by unchecking the Strava share toggle, or by closing your member account)
  • Lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk
§ 09

Children

MOTION RUN CLUB is intended for adults aged 18 and over. Under-18s may attend only when accompanied by a parent or legal guardian who accepts the waiver and these terms on their behalf.

§ 10

Contact

Questions, requests or complaints — email hello@motionrunclub.co.uk and we'll respond within 30 days as required by UK GDPR.

© 2026 MOTION RUN CLUB

Made with Emergent