Skip to content

Privacy Policy

Last updated: April 27, 2026

1. Introduction

Holy Insights ("we," "us," or "our") provides a church analytics platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

Account Information

  • Name, email address, job title, and phone number provided during registration
  • Church/organization name and contact details
  • Authentication credentials managed through Auth0

Church Data

  • Attendance figures, giving totals, volunteer counts, and other aggregate ministry metrics you enter or sync
  • Demographic data imported from your Church Management System (e.g., Planning Center)
  • Service schedules, campus information, and group configurations

Usage Data

  • Pages visited, features used, and actions taken within the Service
  • Device type, browser, IP address, and general location (country/region)

Payment Data

  • Billing information is processed by Stripe. We do not store credit card numbers on our servers. We retain Stripe customer and subscription identifiers to manage your account.

3. How We Use Your Information

  • To provide, operate, and maintain the Service
  • To process transactions and send billing-related communications
  • To generate analytics, insights, and AI-powered recommendations for your church
  • To send weekly digest emails and product updates (with opt-out)
  • To respond to support requests and feedback
  • To improve the Service and develop new features
  • To detect and prevent fraud, abuse, or security incidents

4. Data Sharing & Third Parties

We do not sell your data. We share information only with:

  • Service providers that help us operate (Auth0 for authentication, Stripe for payments, Resend for email, Railway for hosting, Anthropic for AI features)
  • Your Church Management System (e.g., Planning Center) when you authorize a connection
  • Law enforcement if required by law or to protect our rights

All service providers are bound by contractual obligations to protect your data.

5. Data Retention

We retain your data for as long as your account is active. If you cancel your subscription, we retain your data for 90 days to allow for reactivation, after which it is permanently deleted. You may request immediate deletion by contacting us.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS) and at rest, tenant isolation ensuring each church's data is separated, OAuth tokens encrypted with AES-256-GCM, role-based access controls, and audit logging of administrative actions.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal data
  • Export your data in a portable format
  • Object to or restrict certain processing
  • Withdraw consent at any time

To exercise these rights, email privacy@holyinsights.org.

8. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. Analytics cookies may be used to understand usage patterns and are anonymized.

9. Children's Privacy

The Service is not directed to individuals under 16. We do not knowingly collect personal information from children. Aggregate demographic data (e.g., age-bracket counts) does not identify individual children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice within the Service. Continued use after changes constitutes acceptance.

11. Contact Us

If you have questions about this Privacy Policy, contact us at:
privacy@holyinsights.org