Privacy Policy

Last updated: February 26, 2026

1. Information We Collect

Account Information: Name, email address, and password (or Google account identifier) when you create an account.

Profile Information: Phone number, birthday, bio, LinkedIn URL, profile photo, and name pronunciation audio that you choose to provide.

Church Membership: Which churches you belong to, your role, ministry tags, family group associations, and contact visibility preferences.

Activity Data: Prayer requests, event RSVPs, connections, and feature suggestions you create within the platform.

Technical Data: IP address and user agent for security logging and audit purposes only.

2. How We Use Your Information

We use your information to: operate and maintain the directory service; display your profile to members of your church directories (according to your visibility settings); send email notifications you've opted into; provide customer support; detect and prevent abuse.

We do not use your information for advertising, sell your data to third parties, or track you across other websites.

3. Who Can See Your Information

Church Members: Only active members of your church directory can see your profile. You control which contact details are visible per church through your contact visibility settings.

Church Admins: Church administrators can see all member profiles within their church for management purposes.

Platform Administrators: Platform administrators may access account data for support and security purposes. All admin access is logged in an audit trail.

Public: No profile information is publicly visible. There are no public profile pages.

4. Contact Visibility Controls

You have per-church control over whether the following are visible to other members: phone number, email address, birthday (and whether to show your birth year), LinkedIn profile URL.

Your name and profile photo are always visible to members of your church directories.

5. Photos & Audio

All uploaded photos are stripped of EXIF metadata (which may include GPS location and camera information) before being stored. Photos are resized and compressed for optimal performance.

Name pronunciation audio recordings are stored securely and only playable by members of your church directories.

6. Data Security

We protect your data using: HTTPS encryption for all connections; password hashing with Argon2id; CSRF protection on all forms; prepared SQL statements to prevent injection; rate limiting on login attempts; secure session management; Content Security Policy headers.

7. Data Retention & Deletion

Your data is retained as long as your account is active. You may request account deletion at any time. Upon deletion request, your account enters a 30-day grace period. After the grace period, all personal data is permanently deleted including: profile information, photos, audio recordings, prayer requests, and church memberships.

Audit log entries may be retained in anonymized form for security purposes.

8. Cookies & Local Storage

We use a session cookie to keep you logged in and an optional "remember me" cookie. We use browser localStorage to save your theme preference (light/dark mode) and font size setting. We do not use tracking cookies, analytics pixels, or third-party advertising cookies.

9. Third-Party Services

We use the following third-party services: Google OAuth for optional sign-in (governed by Google's privacy policy); SMTP email delivery for sending notifications. We do not share your personal data with any other third parties.

10. Your Rights

You have the right to: access your personal data; correct inaccurate data; delete your account and data; control your contact visibility settings; opt out of email notifications; export your data upon request.

11. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes via email or in-app notification.

13. Contact

For privacy-related questions or data requests, contact us at privacy@churchlinkup.com.