Privacy Policy – Church Operating System

Draft document. This page is a starting template generated for Church Operating System and has not been reviewed by a lawyer or data-protection specialist. Review and adapt it to your jurisdiction's data protection law before relying on it.

Last updated: June 2026

1. Scope

This Privacy Policy explains how Church Operating System ("the Platform"), operated by Tiidon Innovations Limited, collects, uses, and protects information when a church ("Tenant Church") and its members, visitors, and staff use the Platform.

2. Who controls the data

Each Tenant Church controls the member, visitor, and ministry data it enters into the Platform — it decides who can access it (via roles and permissions) and how long to keep it. Tiidon Innovations Limited acts as the technical operator and processor of that data on the church's behalf, and as the data controller for platform-level account and billing information.

3. What information we collect

Account information: name, email, phone, and role of people who log in (church staff, leaders, members).
Member and visitor records: names, contact details, date of birth, address, marital status, and similar fields a church chooses to record.
Ministry activity: attendance, giving/financial records, event registrations, academy enrollment, department membership.
Sensitive pastoral information: some churches use the Platform to record counselling, welfare, or pastoral care notes. Access to this category is restricted to leadership roles and is covered by the Platform's internal Data Protection Agreement that leaders must accept.
Technical data: IP address, device/browser information, and login timestamps, used for security and audit logging.

4. Children's information

Some churches use the Platform's children's ministry features, which may include information about minors. This information should only be entered with appropriate parental/guardian consent obtained by the church, and access to it is limited to authorized church leaders.

5. How we use information

To provide and operate the features a church has enabled (member management, attendance, giving, communication, etc.).
To send notifications and emails the church or member has requested or that are necessary for the service (e.g. password resets, receipts).
To maintain security, investigate misuse, and enforce our Terms of Service.
To process payments for subscriptions or online giving through our payment partners (e.g. mobile money providers).

We do not sell member or visitor data to third parties.

6. Who can see what

Access within a church is restricted by role: for example, only finance-related roles can see individual giving records, and department leaders can generally only see members in their own department, unless a church admin grants broader access. Basic members do not have access to other members' contact details through the Platform.

7. Data retention and deletion

If a church account is deleted, its data is moved to a recoverable state for a limited period (currently 30 days) before being permanently removed, to protect against accidental deletion. Members and visitors who want their personal information corrected or removed should contact their church directly, as the church controls its own member records.

8. Third-party processors

We use third-party services to operate the Platform, which may include email delivery providers, SMS/WhatsApp providers, and mobile money/payment gateways. These providers process data only as needed to deliver their service (e.g. sending an email, processing a payment) and are not permitted to use the data for their own purposes.

9. Security

We use measures such as password hashing, role-based access control, session security, and audit logging to protect data. No system is completely secure, and we encourage churches to use strong passwords and limit leadership access to what each role actually needs.

10. Your rights

Depending on your location and applicable law, you may have rights to access, correct, or request deletion of your personal information. Requests about a specific church's records should go to that church; requests about platform-level account data can be sent to the support contact listed on the Platform.

11. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Platform or by email to Church Admins.

12. Contact

Questions about this Privacy Policy can be sent to the support contact listed in the Platform's settings or footer.