Privacy Policy

We collect information you provide when creating an account, setting up your church, or using features. This includes name, email, church details, and usage data.

Church owners and administrators provide contact details, church names, and branding preferences. This information is used to identify your workspace and power your public church website.

You control the member, branch, and ministry data stored in GraceFlow. We process this data on your behalf and do not use it for advertising or sell it to third parties.

When visitors use public forms (plan a visit, prayer requests, suggestions), the submitted data is routed directly to the church. GraceFlow stores it securely but the church is the data controller for that information.

Content submitted through prayer walls, suggestion boxes, and custom forms is visible to authorised church staff according to the permissions you set. Anonymous submissions are stored without identifiable contact details unless voluntarily provided.

We use data to:

• Provide and improve the GraceFlow platform.
• Support your church workspace and public sites.
• Send important service updates and security notices.
• Analyse usage trends to improve performance and features.

Access is controlled by role-based permissions set by the church owner. Admins, branch leaders, and team members only see data they are authorised to view. GraceFlow staff may access data only when necessary to provide support or maintain security.

We use trusted third-party providers for hosting, analytics, and email delivery. We do not sell or rent your data. All providers are bound by confidentiality and data protection obligations.

GraceFlow uses cookies and browser local storage to keep you signed in, remember preferences, and measure platform usage. You can clear these at any time through your browser settings.

We implement industry-standard security measures including encryption in transit, row-level access controls, and regular security reviews. However, no system is completely secure, and we cannot guarantee absolute protection.

We retain your data for as long as your account is active or as needed to provide services. You can request deletion of your account and associated data by contacting support.

Depending on your location, you may have the right to access, correct, or delete your personal data. To exercise these rights, contact your church admin or email us directly.

GraceFlow is not directed at children under 13. If you believe a child has provided personal data without appropriate consent, please contact us so we can remove it.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notice.

For privacy questions or data requests, contact us: