Privacy Policy

Last updated: January 2026

1. Introduction

RegCamp ("we", "our", or "us") is committed to protecting the privacy of the individuals and organizations that use our platform. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

2. Data We Collect

We collect the following categories of data:

Account Information

When you create an account, we collect your name, email address, and (if applicable) a hashed password. Google OAuth users do not store a password with us.

Camp Registration Data

Registrations submitted through RegCamp forms may include camper names, dates of birth, medical information, emergency contacts, and other details requested by the camp organization. This data is entered by the registering user and managed by the organization.

Staff Information

Staff profiles may include personal details, certifications, and background check documents. Documents are stored securely on AWS S3.

Children's Data

RegCamp may store information about minors (campers) as part of the registration process. This data is provided by parents or guardians and is subject to the same protections as all other personal data. Camp organizations are responsible for ensuring they have appropriate consent to collect and process children's data.

3. How We Use Your Data

  • To provide and operate the RegCamp platform
  • To authenticate users and maintain account security
  • To send transactional emails (account verification, registration confirmations)
  • To enable camp organizations to manage their programs
  • To improve the platform based on usage patterns

We do not sell your personal data to third parties. We do not use your data for advertising purposes.

4. Third-Party Services

RegCamp uses the following third-party services:

  • Mailgun — for sending transactional emails. Email addresses are transmitted to Mailgun to deliver messages.
  • AWS S3 — for secure storage of uploaded files (e.g., background check documents). Files are stored with server-side encryption.
  • Google OAuth — if you choose to sign in with Google, your Google account email and name are shared with us by Google.
  • Hosting provider — our infrastructure provider may have access to server logs as part of operating the platform.

5. Data Retention

We retain account and registration data for as long as an organization actively uses the platform. Upon termination of an account, data is retained for a reasonable period to allow for export or dispute resolution, after which it is deleted. You may request earlier deletion by contacting us.

6. Your Rights

Depending on your location, you may have rights including:

  • Accessing the personal data we hold about you
  • Requesting correction of inaccurate data
  • Requesting deletion of your personal data
  • Objecting to or restricting processing of your data
  • Receiving a copy of your data in a portable format

To exercise these rights, contact us through the RegCamp website. We will respond within 30 days.

7. Security

We implement technical and organizational measures to protect your data, including encrypted connections (HTTPS), hashed passwords, JWT session management, and server-side encryption for stored files. However, no system is completely secure, and we cannot guarantee absolute security.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice within the platform. Continued use of RegCamp after changes take effect constitutes acceptance of the updated policy.

9. Contact

If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us at info@regcamp.com.