Legal

Privacy Policy

Last updated: May 2026

The short version: We collect only what we need to run ChurchMRM. We don't sell your data. We don't use it for advertising. Your congregation's information is yours.

Who we are

ChurchMRM is a church management software service operated as a sole proprietorship based in Canada. We can be reached at [email protected].

What data we collect

We collect and store the following information on behalf of your church:

Church administrator account information (name, email address)
Congregation member profiles (names, contact details, family relationships, ministry involvement)
Attendance records and session notes
Pastoral interaction notes and follow-up records
Ministry rota and scheduling data
Form responses submitted by congregation members (RSVP, volunteer sign-ups, child registration)

How we use your data

Data collected through ChurchMRM is used solely to provide the service to your church. Specifically:

To display and manage your congregation records
To generate AI-powered insights, notes, and meeting minutes on your behalf
To send transactional emails such as login links, rota notifications, and follow-up reminders
To back up your data securely

We do not use your data for advertising, analytics, or any purpose beyond operating ChurchMRM for your church.

AI features and data processing

ChurchMRM uses third-party AI services to power features such as Intelligent Insights, Smart Notes, and meeting minutes. When you use these features, personal identifiers are anonymized before the request leaves our infrastructure — your congregation's personal data is never sent to an AI provider in identifiable form.

AI providers we use do not store or train on API data by default
AI processing is used only to generate the output you requested — notes, insights, minutes
Personal identifiers are pseudonymized at the infrastructure level before AI processing and reversed only for your own use

Voice audio is never stored — only the transcribed text is saved. Photos used for note-taking are never stored — only the extracted text is saved.

Third-party services

ChurchMRM relies on the following categories of third-party services to operate:

Cloud hosting and security provider — hosting, content delivery, and infrastructure security
Email delivery provider — transactional email delivery such as login links and notifications
AI processing providers — powering intelligent insights, smart notes, and meeting minutes features
Web font provider — fonts used in the application interface

These providers are carefully selected and are contractually required to handle data securely. We do not authorise any third party to use your data for their own purposes. If you would like details of specific providers, contact us at [email protected].

Data storage and location

Your church's data is stored on servers located in Canada. Automated backups are stored on Cloudflare R2 infrastructure, which may be located outside Canada. AI processing by Anthropic and Google occurs on servers located in the United States.

Data retention and deletion

When a member record is deleted in ChurchMRM, it is soft-deleted and held for 30 days before permanent removal. During this period it can be restored. After 30 days it is permanently purged from our systems.

Church administrators can request a full hard purge of any member's data at any time through the application.

If you close your ChurchMRM account, all associated data will be permanently deleted upon request.

Your rights

You have the right to:

Access the data we hold about your church
Request correction of inaccurate data
Request deletion of your data (right to erasure)
Withdraw consent and close your account at any time

To exercise any of these rights, contact us at [email protected].

Privacy of congregation members

Churches using ChurchMRM are responsible for ensuring they have appropriate consent from their congregation members to store personal information in a third-party system. ChurchMRM processes this data on behalf of the church as a data processor.

Security

We take the security of your data seriously. ChurchMRM uses industry-standard security practices including encrypted connections (HTTPS), access controls, and regular backups. Administrative access to our infrastructure is protected by multi-factor authentication and Cloudflare Zero Trust.

ChurchMRM enforces role-based access controls (RBAC) across all user accounts. Every significant action in the system is logged with a record of who performed it and when, providing a full audit trail for church administrators.

Pastoral notes and meeting minutes are private by default — they are visible only to the user who created them. No other user, including administrators, can access another user's private notes unless explicitly shared.

Children's data

ChurchMRM may store information about children as part of family group and child registration features. This data is collected and managed by church administrators on behalf of the church. We do not knowingly collect personal data directly from children.

Access to children's profiles and attendance records is restricted by design — these records are only visible to administrators and ministry leaders with a direct role in the relevant ministry. Other users cannot access child data outside their ministry scope.

Changes to this policy

We may update this privacy policy from time to time. The date at the top of this page reflects the most recent update. We will notify active churches of any material changes by email.

Contact

If you have any questions about this privacy policy or how we handle your data, please contact us at [email protected].

ChurchMRM is operated in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable Canadian privacy legislation.