Legals & Compliance

Privacy Policy

Our policy details how we handle your data with transparency, security, and respect for your congregation's privacy.

Effective Date April 14, 2026

01. Introduction

Welcome to ChurchFlow ("we," "our," or "us"). We recognize that the privacy of your organization and its members is of paramount importance. Our mission is to provide powerful management tools while maintaining the highest standards of data integrity.

This Privacy Policy serves as a transparent roadmap of how we collect, process, and safeguard the information ecosystem within our church management platform. By using ChurchFlow, you entrust us with significant data, and we take that responsibility with the utmost seriousness.

02. Information We Collect

📝 Hand-Provided Information

Identity

Full legal names, verified email addresses, residential addresses, and encrypted authentication credentials.

Organization

Church demographics, leadership hierarchies, physical locations, and official contact channels.

Congregation

Family units, historical milestones (birthdays/anniversaries), and internal ministry involvement records.

Financials

Transaction tokens for tithes, offerings, and donations processed via PCI-certified gateway partners.

03. Usage Protocols

Platform Operations

Processing administrative tasks, managing global subscriptions, and maintaining the core functionality of your church management suite.

Security & Stability

Detecting fraudulent access attempts, conducting system-wide security audits, and responding to technical threats in real-time.

Optimization

Using anonymized analytics to identify feature friction points and engineering solutions to improve the user experience for all congregations.

Compliance

Meeting legal reporting requirements and enforcing our terms of service to maintain a safe ecosystem for our community.

04. Sharing & Disclosure

Zero-Sale Policy

Your data is not for sale.

We do not sell your personal or congregational information to third-party marketers or data brokers. Information is only shared with essential service providers (payment processors, cloud hosts), authorized organization leaders, or when legally compelled by court orders or governmental authority.

05. Security Protocols

Encryption

Industry-standard AES-256 encryption for all sensitive databases.

TLS 1.3

Every packet transferred is secured via advanced cryptographic protocols.

Auditing

Full audit logs of all administrative and data-access activities.

06. Digital Rights

Access
Correction
Deletion
Portability

07. Protect Children

"We strictly adhere to COPPA guidelines and do not knowingly collect information from individuals under the age of 13 without verifiable parental/guardian consent via church leadership."

08. Global Borders

While our platform serves a global audience, your data may be processed in countries outside your residence. We ensure that such transfers comply with standard contractual clauses and local privacy regulations.

09. Policy Updates

This policy is a living document. We reserve the right to modify these terms as platform capabilities expand. Significant updates will always trigger a platform-wide notification prior to enforcement.