Privacy Policy

Last updated: May 4, 2026

OurChurchCare is built to serve churches, not to monetize their data. This policy explains what information we collect, why we collect it, and how it is protected.

1. Information We Collect

Information you provide directly:

  • Church name, address, and contact details provided during registration
  • Administrator name and email address used to create the account
  • Names, phone numbers, email addresses, and other details of church families and members that you enter into the Service
  • Contact log entries, assignment notes, and other records you create

Information collected automatically:

  • Server logs including IP addresses and browser type, retained briefly for security and debugging
  • Aggregated, anonymized visit counts on public pages using a cookie-free, privacy-preserving method. No personal data is stored and no tracking cookies are set.
  • Anonymized IP subnet (last octet of IPv4 addresses and the last 80 bits of IPv6 addresses are zeroed before storage, making individual identification impossible) and browser user-agent strings, retained solely for security and automated bot detection. This processing is carried out under legitimate interests and the data is never used to identify individuals.

Payment information:

  • Billing is processed by Stripe. We do not store credit card numbers or full payment details on our servers. Stripe's privacy policy applies to payment data.
2. How We Use Your Information

We use the information you provide solely to:

  • Operate and deliver the Service to your church
  • Process subscription payments and send billing-related communications
  • Respond to support requests
  • Send important service notices (security alerts, policy updates, downtime notifications)
  • Improve the reliability and performance of the Service

We do not use your data for advertising, and we do not sell or share it with third parties for marketing purposes.

3. Data Isolation

Each church's data is logically isolated. Users belonging to one church cannot access the data of another church. Our platform architecture enforces this at the database level on every query.

4. Who Has Access to Your Data

Within OurChurchCare, access to church data is role-based:

  • Church Admins can view and manage all data for their church
  • Staff can view all families and manage assignments
  • Volunteers can view families and log contacts for their assigned families

OurChurchCare platform administrators (super admins) may access account-level data (church name, subscription status) for support and billing purposes only. They do not have routine access to family or member data.

5. Data Retention

Your data is retained for as long as your account is active. If you cancel your subscription:

  • Your data remains accessible for 30 days to allow you to export it
  • After 30 days, data may be permanently deleted from our systems
  • You may request immediate deletion by emailing help@ourchurchcare.com
6. Cookies

The Service uses one strictly necessary session cookie to keep you logged in. This cookie contains no personal information and expires when you close your browser or sign out.

We do not set advertising cookies, tracking cookies, or third-party analytics cookies. No cookie consent banner is required because we do not use non-essential cookies.

7. Security

We implement reasonable technical and organizational measures to protect your data, including:

  • Passwords stored using bcrypt hashing (never in plain text)
  • CSRF protection on all forms
  • HTTPS enforced for all connections
  • Tenant data isolation enforced at the query level

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we take it seriously and will notify affected users promptly in the event of a breach.

8. Third-Party Services

We use a small number of third-party services to operate OurChurchCare:

We do not use Google Analytics, Facebook Pixel, or any other third-party tracking or advertising services.

9. Children's Privacy

The Service is intended for use by church administrators and staff. We do not knowingly collect personal information from children under 13 as account holders. Family member records (which may include children) are entered by church administrators and are subject to the church's own data stewardship responsibilities.

10. Your Rights

Depending on your location, you may have rights including access to, correction of, or deletion of your personal data. To exercise any of these rights, email us at help@ourchurchcare.com. We will respond within 30 days.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify account administrators by email before material changes take effect. Continued use of the Service after that date constitutes acceptance of the updated policy.

12. Contact

Questions or concerns about this policy? Email us at help@ourchurchcare.com.

Terms of Service Get Started Free