Privacy Policy

Last Updated: February 22, 2025

1. Introduction

Welcome to Communicate! We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you use our services.

By using Communicate, you agree to the terms of this Privacy Policy. If you do not agree with any part of this Privacy Policy, you should discontinue use of the app and services.

We encourage you to review this Privacy Policy regularly to stay informed about how we handle your personal data.

2. Information We Collect

We collect various types of information to provide and improve our services. The types of information we collect include:

2.1 Personal Information

We collect personal information when you sign up for an account, interact with the app, or subscribe to a paid plan. This includes:

• Account Information: Name, email address, church name, and user role within the organization.
• Multi-User Access: If you invite additional users to your account, they will have the same access level as you. At this time, there are no role-based restrictions, meaning all users can view, modify, and manage account data equally.
• Account Owner Responsibility: The account owner is fully responsible for managing invited users. Communicate is not responsible for any actions taken by invited users, including data modification, deletion, or sharing of information outside the platform.
• Login Credentials: Username and password (securely stored and encrypted).
• Profile Data: Profile picture (if uploaded), contact preferences, and optional phone number.
• Payment Information: If you subscribe to a paid plan (once introduced), we collect billing details. Payment processing is handled by third-party providers, and we do not store full payment details on our servers.

2.2 Usage Data

We collect information about how users interact with Communicate, including:

• App Interaction Data: Features used, campaigns and communications created, templates and categories set up.
• Feedback and Surveys: User-submitted feedback, survey responses, and suggestions to improve our services.

2.3 Technical Information

To ensure platform security and optimize performance, we collect technical data, including:

• Device Information: IP addresses, browser types, operating systems, and device identifiers.
• Cookies and Tracking Technologies: We use cookies to monitor activity, store preferences, and enhance user experience. For more details, see the Cookies and Tracking Technologies section below.

3. Legal Basis for Data Processing

For users in the European Economic Area (EEA) and United Kingdom (UK), our legal basis for processing personal data depends on the information collected and the context in which it is processed, in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the UK GDPR.

We process personal data based on the following legal grounds:

• Contract Necessity: When processing data is required to provide our services, including account creation, authentication, and feature access.
• Legitimate Interests: When data is used to improve our platform, conduct analytics, enhance security, or communicate with users about service updates.
• User Consent: When users opt in to marketing emails, provide feedback, or enable certain optional features.
• Legal Obligations: When we are required to process and retain data to comply with applicable laws, regulations, or legal processes.

If you have any questions about the legal basis under which we process your data or wish to exercise your GDPR rights, you can contact us at [email protected].

4. How We Use Your Information

We collect and process personal data for the following purposes:

4.1 To Provide and Improve Our Services

• Operate, maintain, and improve Communicate to ensure the platform functions correctly.
• Beta Feature Disclaimer: The multi-user feature is currently in beta and may be modified, removed, or replaced at any time. Participation in the beta does not guarantee that this feature will be free or available in its current form after public launch.
• Future Subscription & Pricing: While multi-user access is free during beta, future access will be subject to subscription plans and pricing tiers. Users who participate in beta will still need to select a paid plan upon full release if they wish to continue using multi-user access.
• Personalize the user experience based on account preferences and past interactions.
• Troubleshoot technical issues and provide customer support.

4.2 To Communicate with You

• Send account-related notifications, including security alerts, feature updates, and administrative messages.
• Respond to inquiries, feedback, and support requests.
• Users consent to receive essential service-related communications when signing up.

4.3 To Analyze and Enhance the App

• Track usage patterns and monitor system performance.
• Identify trends and optimize existing features.
• Develop and test new features based on feedback and engagement data.

4.4 To Ensure Security

• Authenticate users and prevent unauthorized access.
• Detect and prevent fraud, abuse, and security breaches.
• Monitor login activity and device data to protect user accounts.

4.5 For Marketing and Promotions

• With user consent, we may send promotional materials, feature announcements, and special offers.
• Users can opt out of marketing emails at any time by clicking the "unsubscribe" link in the email or adjusting their preferences in their account settings.

If you have any questions regarding how your data is used, please contact us at [email protected].

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. However, we may share your data in the following circumstances:

5.1 With Service Providers

We work with third-party service providers to help operate and improve Communicate. These providers may process your data only as necessary to perform the services we request, such as:

• Cloud storage and hosting to securely store data.
• Analytics services to understand user engagement and improve the platform.
• Email providers to send notifications and communications.
• Payment processors (when applicable) to handle billing and transactions securely.

All third-party providers are contractually obligated to keep your data confidential and use it only for the specified purposes.

5.2 For Legal Reasons

We may disclose user data if required by law, regulation, or legal process, such as:

• Complying with court orders, subpoenas, or legal investigations.
• Enforcing our Terms of Service or protecting the security of our platform.
• User Actions & Data Loss: Communicate is not liable for any loss, corruption, or unauthorized sharing of data caused by an invited user within an account. The account owner is responsible for managing users and ensuring that only trusted individuals are granted access.
• Preventing fraud, illegal activities, or security threats.

5.3 During a Business Transfer

If Communicate undergoes a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify users of any change in ownership before such a transfer occurs.

If you have questions about how your data is shared, you can contact us at [email protected].

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

6.1 Retention Periods

• Account Information: Retained as long as the account remains active. Deleted upon user request or after prolonged inactivity.
• Usage Data & Analytics: Stored for up to 24 months for platform improvement, unless anonymized for longer-term analysis.
• Customer Support & Communication Records: Retained for up to 12 months to assist with inquiries and issue resolution.
• Payment Information: If subscriptions are introduced, financial transaction records will be retained for a minimum of 7 years in compliance with tax and accounting regulations.

6.2 Data Deletion Requests

Users may request deletion of their personal data under the Right to Erasure (Right to be Forgotten) by contacting us at [email protected]. Upon verification of the request, we will:

• Delete personal information unless required for legal or operational purposes.
• Data Ownership for Multi-User Accounts: If multiple users have been invited to an account, the original account owner retains full ownership of all data. If an invited user leaves the account, they do not have rights to export or retain account data unless explicitly granted permission by the account owner.
• Anonymize retained data where full deletion is not feasible (e.g., aggregated analytics).

6.3 Legal & Compliance Retention

In some cases, we may retain certain information for compliance purposes, including:

• To comply with legal obligations (e.g., tax, audit, and regulatory reporting).
• To resolve disputes or enforce our agreements.
• To prevent fraud and abuse on the platform.

If you have questions about data retention, please contact us at [email protected].

7. Cookies and Tracking Technologies

Under GDPR, users in the EEA and UK have the right to explicitly opt in to non-essential cookies. Upon visiting Communicate, users will be presented with a cookie consent banner allowing them to accept, reject, or customize cookie preferences.

We use cookies and similar tracking technologies to enhance user experience, improve performance, and analyze app usage.

7.1 Types of Cookies We Use

• Session Cookies: These are temporary cookies that help with authentication and user experience while using the app. They are deleted when you close your browser.
• Analytics Cookies: We use cookies to collect information on how users interact with Communicate. This helps us understand user behavior, optimize features, and improve functionality.

7.2 Third-Party Tracking

We use Google Analytics to track user activity and gather insights into platform usage. This data helps us enhance features and improve user experience. Google Analytics may collect information such as:

• The pages you visit.
• How long you stay on a page.
• Browser and device information.

For more details on how Google Analytics handles data, you can visit Google’s Privacy Policy.

7.3 Managing Cookies

You can control or disable cookies through your browser settings. However, please note that disabling certain cookies may affect the functionality of Communicate.

In accordance with GDPR, you may also withdraw your consent at any time by adjusting your preferences in our Cookie Settings page, accessible through the footer of our website.

Most browsers allow you to:

• Block or delete cookies through privacy settings.
• Opt out of analytics tracking by installing browser add-ons like the Google Analytics Opt-Out Add-on.

8. Your Data Rights

Depending on your location, you may have certain rights regarding your personal data. These rights may include:

8.1 Access and Correction

• You can request access to the personal information we hold about you.
• If any of your information is inaccurate or incomplete, you may request a correction.

8.2 Data Deletion

• You can request the deletion of your personal data, subject to exceptions required by law (e.g., financial records for compliance).
• Once deleted, some data may remain in backup archives for a limited time before being fully removed.

8.3 Opt-Out of Marketing Communications

• Users may opt out of marketing emails at any time by clicking the "unsubscribe" link in any email or adjusting preferences in their account settings.
• Even if you opt out of marketing emails, we may still send important service-related messages (such as security updates).

8.4 Data Portability (Applicable where required by law)

• You may request a copy of your personal data in a structured, commonly used format.

8.5 How to Exercise Your Rights

To submit a request regarding your data, please contact us at [email protected]. We will respond within the timeframes required by applicable laws, including within 30 days for GDPR-related requests. You may also lodge a complaint with your local Data Protection Authority (DPA) if you are not satisfied with our response.

If your request falls under the General Data Protection Regulation (GDPR) or California Consumer Privacy Act (CCPA), additional rights may apply, and we will process your request accordingly.

9. Data Security

We take data security seriously and implement industry-standard measures to protect your personal information from unauthorized access, loss, misuse, or alteration.

9.1 Encryption & Secure Data Transmission

• All user data is encrypted in transit and at rest using SSL/TLS and AES-256 encryption where applicable.
• Passwords are hashed and stored securely to prevent unauthorized access.

9.2 Two-Factor Authentication (2FA)

• To enhance security, Communicate offers two-factor authentication (2FA) for user accounts.
• Users are encouraged to enable 2FA to protect against unauthorized logins.

9.3 Access Control & Internal Safeguards

• User data is accessible only to authorized personnel who require access for operational purposes.
• Internal access is strictly controlled and monitored for security compliance.

9.4 Security Breach Notification

In the event of a data breach, we will:

• Notify affected users without undue delay, and within 72 hours when required under GDPR.
• Investigate the incident and take immediate action to contain the breach.
• Notify affected users via email or in-app notification if their data is compromised.
• Comply with applicable legal requirements for breach disclosure and mitigation.

While we follow best security practices, no system is completely secure. If you suspect a security issue with your account, please contact us at [email protected] immediately.

10. Third-Party Links

Communicate may contain links to third-party websites or services that are not operated or controlled by us. These external services may have their own privacy policies and practices.

We are not responsible for the content, policies, or practices of any third-party websites or services. Clicking on a third-party link means you will be subject to their policies, not ours.

We encourage users to review the privacy policies of any third-party services they interact with to understand how their information may be collected and used.

11. Children's Privacy

Communicate is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13.

If we become aware that we have inadvertently collected personal information from a child under 13, we will:

• Delete the information immediately from our records.
• Take appropriate steps to prevent further collection.

If you believe that a child has provided us with personal data, please contact us at [email protected] so we can take the necessary actions.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When significant changes are made, we will notify users through one or more of the following methods:

• Posting the updated Privacy Policy on our website.
• Sending an email notification to registered users.
• Displaying an in-app notice about the update.

We encourage users to review this Privacy Policy periodically to stay informed about how we protect and use their information. The "Last Updated" date at the top of this document will indicate the most recent changes.

If you continue to use Communicate after an update takes effect, you agree to the revised Privacy Policy. If you do not agree with the changes, you should discontinue use of the platform.

13. Contact Us

If you have any questions about this Privacy Policy, need support, or wish to exercise your data rights, you can contact us at:

📧 Email: [email protected]

We aim to respond to inquiries in a timely manner, but response times may vary depending on the nature of the request.