Privacy and data handling
This page explains the practical data storage and retention behaviour currently built into GoJoin. It is designed to help members, venues, and staff understand what is collected, where it is stored, and when sensitive records are cleaned up.
When someone joins a venue, GoJoin stores the details needed to process that application: name, date of birth, gender, contact details, residential and postal address, occupation when supplied, membership selection, marketing preferences, and any custom form answers configured by the venue.
If a venue requires ID verification, uploaded document images are stored securely on AWS infrastructure located in Australia. Staff access is permission controlled, view links expire after 15 minutes, ID document views are logged, and uploaded ID documents are deleted after 7 days even if they are not viewed or the application is incomplete.
Card details are handled by Stripe. GoJoin stores Stripe identifiers such as customer, payment method, payment intent, subscription, invoice, and charge IDs so payments, renewals, and receipts can be reconciled.
For Apple Wallet and Google Wallet passes, GoJoin stores pass identifiers, display card details, wallet type, pass update timestamps, and wallet registration details such as Apple device identifiers, push tokens, and Google pass object IDs.
Account and support records can include names, email addresses, roles, venue associations, support messages, replies, session information, IP address, user agent, and security settings such as two-factor status.
Application data is stored in GoJoin's database and linked to the relevant venue.
ID documents, wallet certificates, generated passes, and venue assets are stored securely on AWS infrastructure located in Australia.
Generated pass files are stored separately from the application record and are protected by pass-specific secrets and provider identifiers.
Payment details are processed by Stripe, and GoJoin stores only the provider references needed for reconciliation, renewals, receipts, and support.
Member applications are created with a 30 day expiry. Uploaded ID documents are deleted after 7 days even if the application remains incomplete, pending, or rejected. A daily cleanup job removes expired application records.
After a member is successfully created, application records are retained for 7 days after completion. ID documents are deleted during member creation or by the daily cleanup process, and are not kept longer than 7 days.
Member cards, wallet pass records, payment references, support requests, email logs, audit logs, venue settings, and staff records are retained while needed to operate the service, support venues, reconcile payments, maintain security, and meet business or legal obligations.
Venue logos, pass artwork, email images, and wallet certificate metadata are retained while the venue uses those features. Some images may be publicly accessible where required for email delivery or wallet display.
Venue staff can access member and application records according to their assigned permissions. Sensitive ID document views are restricted to authorised staff and recorded in the staff audit log. Members or venues who need help with access, correction, deletion, or retention questions can contact GoJoin support.
Contact Support