Some services only offer email support, which might not be sufficient when you have a mission-critical question or failure of the program. Along with privacy policies, the company you are dealing with should have clear contact information for the major modes of communication: phone, email, support community forum, and a postal address. Not having most of these published on their site is a red flag that you might have problems getting support down the line.
Do you have plans for a service failing or disappearing? If you are lured by a free service, are you prepared for the day the developer is no longer interested in supporting the programming? Even Google has retired more than 70 of its offerings; many of them after large communities already invest their time and energy in integrating the offering into their daily lives and businesses. This can be the loss of a valuable investment and result in severe damage to your brand, and the relationships you have painstakingly built-up over years.
This is becoming much more important in cloud options, but is still mostly under the purview of API developers and other software programmers. When you are trying to build your community, information on all the activities your members are involved in is important. Does a cloud solution offer historical analysis of event attendees coupled with membership history? Does your payment gateway update access for member-only documents or articles? Does the solution allow you in-depth data analysis across many years for all members? Do event registration and all the content that is related to your conference program integrate seamlessly onto your website?
Does the cloud solution fit with your governance requirements and business rules, or do you have to adapt/change your rules, or double-check frequently for violations. New focus on accountability means auditors are now frequently asking about data storage. In example: is your data password protected, on closed networks, and backed up regularly? Guaranteeing how your data is managed is more difficult if data servers are located around the world in jurisdictions that are not subject to the same laws as your organization.
Making use of the internet for computer and service offerings is the way of the future, but in this wild-west era of offerings, it is important, particularly for non-profits, to carefully consider many factors; not just costs. As non-profit leaders and board members, it is in fact your fiduciary duty to the organisation to ensure the long-term security and viability of operational data.