You must not release data to any third party without the explicit consent of the people whose personal data it is, and without a suitable data sharing agreement in place. This includes using an external service in a data processing capacity – such as any service which could potentially expose your data to an external organisation.
If a Society contact wants to send a message or some information to your Members, for example, the safest method is to have them send the message to an Exec and then copy that across to the Message tool within your online Admin Tools to send on to all Members.
If you are emailing a list of people from anywhere other than the Message tool make sure you do not show them all the recipients - use the bcc function so that they only see their own email address.