Legal

Privacy Policy

Effective Date: January 1, 2025

At Shep, we are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our discipleship platform. Please read this policy carefully.

1. Introduction

Shep ("we", "us", or "our") operates the Shep platform, a discipleship tracking application for churches. This Privacy Policy applies to all information collected through our website, mobile application, and related services (collectively, the "Service").

By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with the terms of this policy, please do not access or use the Service.

2. Information We Collect

Information You Provide Directly

  • Account Information: When you register, we collect your name, email address, and password.
  • Church Information: Church name, address, timezone, and branding assets (logo, colours).
  • Profile Data: Profile photos, biographical information, and role within your church.
  • Discipleship Data: Spiritual growth records, relationship notes, prayer requests, and interaction logs that you or your church leaders choose to record.
  • Communications: Messages and enquiries you send to us.

Information Collected Automatically

  • Log Data: IP address, browser type, pages visited, time spent on pages, and referring URLs.
  • Device Information: Device type, operating system, and unique device identifiers.
  • Usage Data: Features used, actions taken, and interaction patterns within the Service.
  • Cookies and Tracking: We use cookies and similar technologies to enhance your experience. See our Cookie Policy for details.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Create and manage your account
  • Process transactions and send related information
  • Send administrative communications, such as updates, security alerts, and support messages
  • Send discipleship reminders and church communications if you have opted in
  • Respond to your comments, questions, and requests for customer service
  • Monitor and analyse usage and activity trends to improve the Service
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities
  • Comply with legal obligations

4. Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

  • Within Your Church: Information you enter is visible to authorised leaders and administrators within your church, consistent with the role-based access controls you have configured.
  • Service Providers: We share data with trusted third-party vendors who assist in operating the Service (e.g., hosting, email delivery, analytics), subject to confidentiality obligations.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to a valid legal process.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.
  • With Your Consent: We may share your information for any other purpose with your explicit consent.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

When you delete your account, we will delete or anonymise your personal information within 90 days, except where we are required to retain it for legal or legitimate business purposes.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/HTTPS
  • Encryption of data at rest
  • Role-based access controls and row-level security
  • Regular security assessments and audits
  • Audit logging of privileged actions

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

7. Your Rights

Depending on your location, you may have certain rights regarding your personal information, including:

  • Access: The right to request a copy of the personal information we hold about you.
  • Correction: The right to request that we correct inaccurate or incomplete information.
  • Deletion: The right to request that we delete your personal information, subject to certain exceptions.
  • Portability: The right to receive your data in a structured, machine-readable format.
  • Objection: The right to object to our processing of your personal information.
  • Restriction: The right to request that we restrict the processing of your personal information.

To exercise any of these rights, please contact us using the details in the Contact section below.

8. Children's Privacy

Our Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to remove that information.

9. Cookies

We use cookies and similar tracking technologies to improve your experience on the Service. For detailed information about the cookies we use and your choices, please see our Cookie Policy.

10. International Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. We take appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy when transferred internationally.

11. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by updating the "Effective Date" at the top of this page and, where appropriate, by sending you an email notification.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal information, please contact our Privacy team.

Email our Privacy team

We aim to respond to all privacy-related enquiries within 2 business days.

privacy@shephub.com

You can also reach us through our contact page.