Privacy Policy
1. Introduction
Flowbudd Inc. ("Flowbudd," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our church management platform and services (the "Service").
By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.
2. Information We Collect
2.1 Information You Provide
We collect information that you directly provide to us, including:
- Account Information: Name, email address, phone number, organization name, role/title
- Church Member Data: Names, contact information, family relationships, attendance records, giving history, group memberships, notes, and custom data fields
- Financial Information: Donation records, payment methods (processed securely via Stripe - we do not store full credit card numbers)
- Communications: Emails, SMS messages, form responses, support tickets
- Content: Sermons, media files, event details, announcements, documents
2.2 Information Collected Automatically
When you use the Service, we automatically collect:
- Usage Data: Pages visited, features used, time spent, click patterns
- Device Information: IP address, browser type, operating system, device identifiers
- Log Data: Error logs, API requests, authentication events
- Cookies: Session cookies, preference cookies, analytics cookies (see our Cookie Policy)
2.3 Information from Third Parties
We may receive information from:
- Payment Processors: Stripe provides transaction confirmation and payment status
- Authentication Providers: Google OAuth, Microsoft OAuth (if you use social login)
- Communication Services: Resend (email delivery status), Twilio (SMS delivery status)
3. How We Use Your Information
3.1 Service Delivery
- Provide, operate, and maintain the church management platform
- Process donations and manage financial records
- Send transactional emails and SMS messages
- Generate reports, analytics, and insights
- Provide customer support and respond to inquiries
3.2 AI-Powered Features
We use OpenAI's API to power AI features (bulletin generation, email drafting, pastoral care suggestions). Your data sent to OpenAI:
- Is processed according to OpenAI's data processing agreement
- Is NOT used to train OpenAI's models (per our enterprise agreement)
- Is encrypted in transit and at rest
- Is retained by OpenAI for 30 days for abuse monitoring, then deleted
3.3 Service Improvement
- Analyze usage patterns to improve features and user experience
- Detect and prevent fraud, abuse, and security threats
- Conduct A/B testing and product research
- Develop new features and functionality
3.4 Communications
- Send service updates, security alerts, and important notices
- Respond to support requests and provide assistance
- Send marketing communications (with your consent, opt-out available)
- Solicit feedback and conduct surveys
4. Data Storage & Location
4.1 Where Your Data Is Stored
While Flowbudd is a Canadian corporation, your data is primarily stored in United States data centers for performance and cost optimization:
- Database: Neon (PostgreSQL) - US East region
- File Storage: Cloudflare R2 - Global distribution, primary US storage
- Application Hosting: Railway (US) and Cloudflare Pages (global edge)
4.2 International Data Transfers
If you are located in Canada, the European Union, or other jurisdictions outside the United States, your data will be transferred to and processed in the United States. We implement appropriate safeguards, including Standard Contractual Clauses (SCCs) where required.
5. Data Security
We implement industry-standard security measures:
- Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
- Access Controls: Role-based permissions, multi-factor authentication
- Infrastructure Security: DDoS protection (Cloudflare), firewalls, intrusion detection
- Regular Audits: Security assessments, penetration testing, vulnerability scanning
- Backups: Daily automated backups with 7-day retention
- Employee Training: Security awareness and data protection training
6. Data Sharing & Disclosure
6.1 Service Providers
We share data with third-party service providers who assist us:
- Stripe: Payment processing (PCI DSS compliant)
- OpenAI: AI features (data processing agreement in place)
- Resend: Transactional email delivery
- Twilio: SMS messaging
- Neon, Railway, Cloudflare: Infrastructure and hosting
All service providers are contractually bound to protect your data and use it only for specified purposes.
6.2 Legal Requirements
We may disclose your information if required by law:
- To comply with legal obligations, court orders, or subpoenas
- To protect our rights, property, or safety
- To investigate fraud, abuse, or security threats
- In connection with a merger, acquisition, or asset sale (with notice)
6.3 No Selling of Data
We do NOT sell, rent, or trade your personal information to third parties for marketing purposes.
7. Your Privacy Rights
7.1 Access & Portability
You have the right to:
- Access your personal information
- Export your data in standard formats (CSV, JSON, PDF)
- Request a copy of your data
7.2 Correction & Deletion
You have the right to:
- Correct inaccurate or incomplete data
- Delete your personal information (subject to legal retention requirements)
- Request account closure and data deletion
7.3 Objection & Restriction
You have the right to:
- Object to processing of your data for marketing purposes
- Restrict processing in certain circumstances
- Opt out of promotional communications (unsubscribe links provided)
7.4 Region-Specific Rights
- GDPR (EU/EEA): Right to data portability, right to be forgotten, right to lodge complaints with supervisory authorities
- CCPA (California): Right to know, right to delete, right to opt out of sale (we don't sell data)
- PIPEDA (Canada): Right to access, right to correction, right to challenge compliance
8. Data Retention
We retain your data:
- Active Accounts: For as long as your account is active
- After Termination: 30-day grace period (read-only), then permanent deletion from production
- Backups: Up to 90 days in disaster recovery backups, then permanent deletion
- Legal Requirements: Longer if required by law (e.g., financial records for 7 years)
9. Children's Privacy
The Service is not directed to children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@flowbudd.com.
10. Changes to Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use after changes constitutes acceptance.
11. Contact Us
For privacy-related questions or to exercise your rights:
- Email: privacy@flowbudd.com
- Data Protection Officer: dpo@flowbudd.com
- Website: flowbudd.com/legal
Questions about this document?
If you have any questions about our legal policies, please contact us:
Email: legal@flowbudd.com
Mail: Flowbudd Inc., Legal Department