← Back to home

Privacy Policy

Last updated: May 6, 2026

Who we are

ChurchCompass.org (“ChurchCompass”, “we”) provides a platform that helps churches share their profile with visitors via QR codes, collect guest book entries, and send event alerts to followers.

Information we collect

Church accounts: name, email address, hashed password, church profile content, and uploaded images.

Visitor accounts: name, email address, hashed password, optional phone number, churches you follow, and your opt-in preferences for email, SMS, and browser push notifications.

Guest book entries: first name, message, and optional email entered on a public church profile. No login is required.

Push notification subscriptions: the encrypted push endpoint and keys provided by your browser if you grant push permission.

We do not collect or store geolocation data.

How we use information

  • To create and authenticate your account.
  • To deliver the event alerts and church updates you opt in to receive (email, SMS, push).
  • To notify a church admin when a visitor signs their guest book.
  • To operate, secure, and improve the service.

We do not sell your personal information. We do not use your data to train third-party advertising or AI models.

Third-party services

We rely on these processors to operate the service:

  • Vercel — application hosting.
  • Neon — database hosting.
  • Cloudinary — image storage and delivery.
  • Resend — transactional and event email delivery.
  • Twilio — SMS delivery (when enabled).
  • QR.io — QR code generation.

Your rights

You can update your name, phone, and notification preferences from the visitor dashboard at any time. To delete your account or request a copy of the data we hold about you, email us at the address on the contact page. We will respond within 30 days.

You can unsubscribe from marketing email at any time using the unsubscribe link in the email or by toggling email off on your visitor dashboard. You can revoke push permission from your browser’s site settings.

Security

Passwords are hashed with bcrypt before storage. All traffic is served over HTTPS. We use signed Cloudinary uploads so your images cannot be tampered with in transit.

Children

ChurchCompass is not directed to children under 13. If you believe a child has provided us personal information, please contact us and we will delete it.

Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top of this page reflects the most recent change.