← Back to Home

Privacy Policy

Last updated: January 24, 2026

Available in:

EnglishFrançais

Introduction

Connectus ("we," "us," "our," or "Company") is operated by JOKALALA Tecnologias, Lda and is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our church management platform (the "Service").

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service. By accessing and using Connectus, you signify that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly

We collect information you voluntarily provide when using our Service:

  • Account Information: Name, email address, phone number, organization name, position, and password
  • Church/Organization Data: Church name, address, denomination, contact information, and organizational details
  • Member Data: First name, last name, email, phone number, address, date of birth, membership status, emergency contacts, and notes
  • Member Photos: Profile photos and identification card images for members
  • Attendance Records: Check-in information, attendance dates, and related metadata
  • Visitor Information: Visitor names, contact information, visit dates, and interest areas
  • Financial Information: Donation amounts, fund allocations, and giving patterns (stored securely)
  • Payment Information: Credit card details processed through our secure payment processor (Paddle)
  • Communication Data: Messages, support requests, feedback, and correspondence with our team

1.2 Information Collected Automatically

When you access our Service, we automatically collect:

  • Device Information: Device type, operating system, browser type, and device identifiers
  • Usage Data: Pages visited, features used, time spent, clicks, and interactions
  • Location Information: IP address, approximate location based on IP geolocation
  • Cookies and Tracking: Session identifiers, user preferences, and analytics tracking
  • Log Data: Access times, pages accessed, and error information

1.3 Information from Third Parties

We may receive information from:

  • Payment processors (transaction information)
  • Cloud service providers (system logs)
  • Third-party integrations (authorized by you)
  • Other churches or organizations (if you're invited to multiple accounts)

2. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: Providing, maintaining, and improving the Connectus platform
  • Account Management: Creating and managing your account, authentication, and authorization
  • Communications: Sending service updates, support responses, and administrative notifications
  • Feature Enhancement: Understanding usage patterns to develop new features and improvements
  • Security: Detecting, preventing, and addressing fraud, security issues, and technical problems
  • Compliance: Meeting legal, regulatory, and contractual obligations
  • Analytics: Analyzing usage patterns to understand how churches use our Service
  • Marketing: Sending promotional materials (only with your consent)
  • Support: Providing customer support and responding to inquiries
  • Legal Claims: Establishing, exercising, or defending legal claims

3. Data Security

We implement comprehensive security measures to protect your data:

  • Encryption: All data transmitted over HTTPS/TLS encryption (256-bit)
  • Database Security: Encrypted storage in PostgreSQL with access controls
  • Authentication: Multi-factor authentication support and secure password handling
  • Access Control: Role-based access control with principle of least privilege
  • Backup: Regular automated backups with encryption
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Compliance: SOC 2 compliance roadmap and security audits
  • Staff Training: Regular security training for our team
  • Incident Response: Documented incident response procedures

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

4. Data Retention

We retain your information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy:

  • Active Accounts: Data retained while your account is active and for 30 days after account deletion
  • Deleted Accounts: You can request complete data deletion after account closure
  • Backups: Backup data retained for up to 90 days for disaster recovery
  • Logs: Server logs retained for 30 days for security and technical support
  • Legal Hold: Data retained as required by law or legal proceedings
  • Church Records: Historical attendance and financial records remain available for your review

You can request data deletion at any time by contacting us. We will comply within 30 days unless legal retention is required.

5. Sharing Your Information

We do not sell your personal information. We share information only in these circumstances:

5.1 Authorized Users

Information is shared with authorized users within your organization based on their role and permissions. Church administrators control who has access to member data.

5.2 Service Providers

We may share information with trusted service providers who help us operate our Service, including:

  • Payment processors (Paddle)
  • Cloud infrastructure providers (Neon Database, Vercel)
  • Email service providers
  • Analytics providers
  • Security providers

These providers are bound by confidentiality agreements and only access information necessary for their functions.

5.3 Legal Requirements

We may disclose information when required by law or in response to valid legal requests, such as:

  • Court orders or subpoenas
  • Government investigations
  • Law enforcement requests
  • Protection of our legal rights

5.4 Business Transfers

If Connectus is involved in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction, your information may be transferred as part of that transaction. We will notify you of any such change.

6. Children's Privacy (COPPA Compliance)

Connectus is used primarily to manage children's ministry and track children's participation. We take children's privacy seriously:

  • Parental Control: Churches must obtain parental consent before collecting children's information
  • Limited Collection: We collect only information necessary for church operations
  • Photo Protection: All children's photos are stored securely and not used for marketing
  • Access Control: Only authorized church staff can access children's information
  • Data Protection: Enhanced security for all children's personal information
  • No Disclosure: Children's information is never shared with third parties without explicit consent

Churches using Connectus must comply with applicable children's privacy laws including COPPA (Children's Online Privacy Protection Act). We provide tools to help churches manage parental consent and permissions.

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

7.1 GDPR Rights (European Union)

If you are in the EU, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Request deletion of your data ("Right to be Forgotten")
  • Restriction: Restrict processing of your data
  • Portability: Receive your data in a structured format
  • Objection: Object to processing based on our legitimate interests
  • Withdrawal: Withdraw consent at any time

7.2 CCPA Rights (California)

If you are a California resident, you have the right to:

  • Know: Request what personal information we collect
  • Delete: Request deletion of collected information
  • Opt-Out: Opt-out of the sale or sharing of personal information
  • Non-Discrimination: No discrimination for exercising your rights
  • Limit Use: Limit use of sensitive personal information

7.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@manageflock.com. We will respond to your request within 30 days (or as required by law).

8. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience:

8.1 Types of Cookies

  • Essential: Required for authentication and security
  • Performance: Analyze how you use our Service
  • Functional: Remember your preferences and settings
  • Marketing: Track interactions for service improvement (optional)

8.2 Cookie Management

You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that some features may not work properly if cookies are disabled.

9. Multi-Tenant Data Isolation

Connectus is a multi-tenant SaaS platform serving multiple churches. We maintain strict data isolation:

  • Complete Isolation: Each church's data is completely isolated from others
  • Database Partitioning: Data partitioned by church_id at the database level
  • Access Control: Middleware ensures users can only access their church's data
  • Backup Isolation: Backups maintain data isolation
  • No Cross-Tenant Access: Impossible for one church to access another's data

10. Third-Party Links

Our Service may contain links to third-party websites and services that are not operated by us. This Privacy Policy does not apply to third-party websites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites before providing your information.

11. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from your home country. By using Connectus, you consent to the transfer of your information to countries outside your country of residence, which may provide a different level of data protection than your home country.

For users in the EU, we rely on Standard Contractual Clauses and other mechanisms to ensure adequate protection for international data transfers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated Privacy Policy on our website with the new effective date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice on our platform

Your continued use of Connectus after such modifications constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@manageflock.com

Support: support@manageflock.com

Data Protection Officer: Available upon request

Mailing Address: JOKALALA Tecnologias, Lda, ManageFlock Division, Angola

We will respond to privacy inquiries within 30 days. For GDPR/CCPA requests, we will respond within the timeframes specified by law.

14. Dispute Resolution

If you have a privacy complaint, we encourage you to contact us first so we can resolve the matter. If you are not satisfied with our response, you may have the right to:

  • GDPR Complaint: Lodge a complaint with your local data protection authority
  • CCPA Complaint: Contact the California Attorney General's office
  • Legal Action: Pursue legal remedies in accordance with applicable law

Related Pages: Terms of Service Contact Support