Effective April 16, 2026

Privacy Policy

1. Introduction

ChurchAgent.ai ("ChurchAgent," "we," "us," or "our") operates an AI-powered platform that enables churches and similar organizations to deploy a persistent AI agent across voice, chat, email, SMS, and workplace messaging channels (the "Services"). This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have.

Because ChurchAgent is an agentic AI platform, the Services may read from and write to third-party systems on behalf of a customer based on configured scopes. This policy covers how data flows through those tool calls in addition to traditional account and usage data.

2. Information We Collect

2.1 Account & contact information

• Name, email address, phone number, postal code
• Church or organization affiliation and role
• Account credentials and authentication tokens

2.2 Communications data

• Voice call recordings and transcripts routed through our Services
• SMS, chat, email, Slack, Telegram, and Google Chat messages handled by the agent
• Phone numbers collected with explicit SMS consent, along with timestamp and consent source

2.3 Connected-systems data

When a customer authorizes ChurchAgent to connect to third-party systems (e.g., Planning Center, Google Workspace, Slack, Mailchimp, Notion, Zoom, etc.), the agent may read, write, or act on records in those systems within the scope the customer has granted. Examples include people records, giving history, calendar events, documents, and email drafts.

2.4 Usage & device data

• IP address, browser, device, operating system
• Log data, timestamps, feature usage, and error traces
• Cookies and similar tracking technologies (see Section 10)

2.5 AI-derived insights

Session summaries, cross-channel identity links, memory entries, and aggregated patterns the agent infers from conversations and actions over time.

3. How We Use Information

• Deliver, operate, and improve the Services
• Enable the AI agent to perform tasks across the customer's connected tools
• Personalize responses and maintain persistent memory for the customer's tenant
• Provide technical support and troubleshoot issues
• Comply with legal obligations, enforce our Terms, and prevent fraud or abuse
• Send product and marketing communications where you have opted in

4. AI, Tool Use, and Human Oversight

ChurchAgent is built on large language models, including Anthropic's Claude. The agent is designed to take actions (send messages, draft emails, query databases, create records) on behalf of a customer through configured tools and connectors.

• Scoped autonomy. Customers define which tools the agent may use and what scopes it is granted in each connected system. Actions outside a granted scope are not executed.
• Human-in-the-loop. Sensitive actions (financial changes, mass communications, destructive operations) can require explicit human approval. Customers can override, pause, or revoke the agent at any time.
• Training. Customer content is not used to train foundation models. Underlying model providers process data subject to their own terms; see Anthropic's Privacy Policy.
• Accuracy. AI output may be inaccurate or incomplete. Customers are responsible for reviewing agent-produced content before relying on or distributing it.
• Audit logging. We retain tool-use audit logs so customers can review what the agent did and why.

5. How We Share Information

• Service providers. Hosting, analytics, payment processing, SMS/voice delivery, and model providers operate under confidentiality and data-processing agreements.
• Third-party connectors. When the customer connects an external system, data is exchanged with that system as directed by the customer. Use of that system is governed by its own terms.
• Within the customer organization. Authorized administrators may access communications handled by their tenant.
• Legal compliance. We may disclose information to comply with applicable law, enforce our rights, or respond to lawful requests.
• Business transfers. Information may transfer as part of a merger, acquisition, or asset sale, subject to this Policy.

We do not sell personal information. SMS opt-in data is not shared with third parties for marketing.

6. Data Retention

We retain information as long as needed to provide the Services, meet legal obligations, resolve disputes, and enforce our agreements. Customers can request deletion or export of tenant data at any time, subject to legal retention requirements.

7. Security

We use administrative, technical, and physical safeguards designed to protect information. No system is perfectly secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the right to access, correct, delete, restrict processing of, port, or withdraw consent regarding your personal information. Contact us to exercise these rights.

9. Children's Privacy

The Services are not directed to children under 16. We do not knowingly collect information from children under 16 without parental consent.

10. Cookies & Tracking

We use cookies and similar technologies for authentication, preferences, and analytics. You can control cookies via your browser settings.

11. International Transfers

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards for cross-border transfers.

12. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted on this page with an updated effective date.

13. Contact

Questions or requests: [email protected].