1. Introduction
FlexiCHURCH ("we", "us", "our") is committed to protecting your privacy and the privacy of your church members. This Privacy Policy explains how we collect, use, store, and protect information when you use our church management platform ("Service").
2. Information We Collect
Account Information
- Church name, address, and contact details
- Administrator name, email address, and phone number
- Billing and payment information (processed by third-party payment providers)
Church Member Data
- Names, contact details, and demographic information entered by your administrators
- Attendance records and event participation
- Financial contributions and giving records
- Department and group assignments
Usage Data
- Login activity and session information
- Feature usage patterns and preferences
- Browser type, IP address, and device information
3. How We Use Your Information
- To provide and maintain the Service
- To process subscriptions and payments
- To send service-related communications (billing, updates, security alerts)
- To provide technical support
- To improve the platform and develop new features
- To comply with legal obligations
We do NOT: sell your data, use your member data for advertising, or share your data with third parties for marketing purposes.
4. Data Ownership
Your church retains full ownership of all data entered into the platform. You may export your data at any time. We act solely as a data processor on your behalf.
5. Data Storage & Security
- All data is stored on secure servers with encryption at rest and in transit (TLS/SSL).
- Each church tenant's data is logically isolated from other tenants.
- We implement industry-standard security measures including firewalls, access controls, and regular security audits.
- Database backups are performed regularly and stored securely.
6. Third-Party Services
We use the following third-party services to operate the platform:
- Payment Processors: Paystack, Stripe, Flutterwave — for subscription and add-on payments
- SMS Gateway: KudiSMS — for SMS communications
- WhatsApp API: APIWHA — for WhatsApp messaging
- Email: Your configured SMTP provider
Each third-party service has its own privacy policy. We only share the minimum data necessary for these services to function.
7. Data Retention
- Active accounts: Data is retained for the duration of your subscription.
- Cancelled accounts: Data is retained for 30 days after cancellation, then permanently deleted.
- Billing records: Retained as required by applicable tax and accounting laws.
8. Your Rights
You have the right to:
- Access and export all your data
- Correct inaccurate information
- Request deletion of your account and data
- Withdraw consent for optional data processing
- Lodge a complaint with a supervisory authority
9. Cookies
We use essential cookies for authentication and session management. We do not use tracking or advertising cookies. By using the Service, you consent to the use of essential cookies.
10. Children's Privacy
The Service is designed for use by church administrators (age 18+). While member records may include information about minors (e.g., children's ministry), such data is entered and managed solely by authorized church administrators.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. We will notify administrators of material changes via email or in-app notification.