Privacy Policy

Effective Date: January 22, 2025
Last Updated: October 28, 2025

Daily One Accord ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our church management platform and services (the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

1. Information We Collect

Personal Information

We collect information that you provide directly to us when you:

• Create an account (name, email address, phone number, church affiliation)
• Subscribe to a paid plan (billing information processed through Stripe)
• Use our Service (attendance records, event registrations, volunteer schedules)
• Contact our support team (support tickets, feedback, inquiries)
• Communicate through the platform (messages, emails, SMS communications)

Church and Ministry Data

When you use Daily One Accord, we collect and store data related to your church operations:

• Member and visitor information (names, contact details, attendance history)
• Event and calendar data (service times, ministry events, registrations)
• Team and volunteer information (schedules, roles, availability)
• Service planning data (rundowns, worship songs, team assignments)
• Communication records (emails sent, SMS messages, Slack notifications)
• Giving and donation data (donor information, donation amounts, payment methods, recurring gifts, campaigns)
• Blog engagement data (page views, reading time, social sharing activity)
• Business plan access (NDA signatures, document viewing history, access timestamps)

Automatically Collected Information

When you access our Service, we automatically collect certain information:

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent on platform)
• Log data (access times, error logs, performance metrics)
• Cookies and similar tracking technologies (see Section 8)

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and maintain the Service: Enable core features like attendance tracking, event management, and team coordination
• Process transactions: Handle subscription payments and giving transactions through Stripe
• Send communications: Deliver service notifications, updates, and support messages
• Improve our Service: Analyze usage patterns to enhance features and user experience
• Ensure security: Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations: Meet regulatory requirements and respond to legal requests
• Customer support: Respond to inquiries, troubleshoot issues, and provide assistance

3. Data Sharing and Third-Party Services

We share your information with trusted third-party service providers who help us operate our Service:

We do not sell your personal information to third parties. We only share data with service providers who are contractually obligated to protect your information and use it solely for providing services to us.

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
• Row-Level Security (RLS): Database-level tenant isolation ensures churches can only access their own data
• Access Controls: Role-based permissions and principle of least privilege
• Regular Backups: Automated daily backups with disaster recovery procedures
• Security Monitoring: Real-time error tracking and intrusion detection via Sentry
• Secure Authentication: Password hashing with bcrypt and optional two-factor authentication
• Giving Data Isolation: Donor and donation data is strictly isolated per church tenant. Platform administrators have no access to sensitive giving information.

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

5. Your Data Rights

Depending on your location, you may have the following rights regarding your personal information:

GDPR Rights (European Union)

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Opt-out of certain data processing activities
• Right to Withdraw Consent: Revoke consent for data processing at any time

CCPA/CPRA Rights (California)

• Right to Know: Request disclosure of personal information collected
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale or sharing of personal information (we do not sell data)
• Right to Non-Discrimination: Equal service regardless of privacy rights exercise
• Right to Correct: Request correction of inaccurate personal information

To exercise any of these rights, please contact us at privacy@dailyoneaccord.com. We will respond to your request within 30 days.

6. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. When you delete your account or request data deletion, we will permanently remove your personal information within 30 days, except where we are required to retain it for legal, regulatory, or security purposes. Backup copies may persist for up to 90 days before permanent deletion.

7. International Data Transfers

Daily One Accord is based in the United States. If you access our Service from outside the U.S., your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using the Service, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

For users in the European Economic Area (EEA), we ensure appropriate safeguards are in place for international data transfers, including Standard Contractual Clauses approved by the European Commission.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

• Essential Cookies: Required for authentication and core functionality
• Analytics Cookies: Help us understand how users interact with the Service
• Preference Cookies: Remember your settings and preferences
• Session Cookies: Stored in Upstash Redis for secure session management and caching

You can control cookies through your browser settings. Note that disabling cookies may limit your ability to use certain features of the Service.

9. Children's Privacy

Daily One Accord is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at hello@dailyoneaccord.com, and we will delete such information from our systems.

Churches may use our Service to manage children's ministry programs. In such cases, the church is responsible for obtaining appropriate parental consent and complying with applicable laws regarding children's data.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: