Privacy Policy

1. Introduction

Kaleo Systems LLC ("Kaleo Systems," "we," "our," or "us"), operating under the brand name Ecclesly, is committed to protecting your privacy. This Privacy Policy describes how the Ecclesly Give mobile application (the "App") collects, uses, and safeguards your personal and financial information when you use the App to make donations to your church or organization.

By downloading or using the App, you agree to the practices described in this policy. If you do not agree, please do not use the App.

2. Information We Collect

Information You Provide

When you use the App, we collect information you provide directly, including:

• Identity information: First name, last name, and email address
• Payment information: Credit or debit card number, expiration date, and security code. This information is transmitted directly to our payment processor, Stripe, and is never stored on our servers
• Giving preferences: Selected church, fund designation, donation amount, and recurring giving schedule
• Account credentials: Email and password used to sign in

Information Collected Automatically

When you use the App, we automatically collect:

• Device information: Device model, operating system version, and unique device identifiers
• Usage data: Features accessed, screens viewed, and time spent in the App
• Crash and diagnostic data: Error logs and performance data to help us improve the App
• IP address: Used for fraud prevention and approximate geographic location

Information We Do Not Collect

The Ecclesly Give app does not:

• Access your contacts, camera, microphone, or location
• Track your activity across other apps or websites
• Store your full payment card number on our servers
• Collect biometric data

3. How We Use Your Information

We use the information we collect to:

• Process your one-time and recurring donations
• Send you email receipts and giving statements
• Authenticate your account and prevent unauthorized access
• Detect and prevent fraud or suspicious transactions
• Provide customer support when you contact us
• Improve App performance and fix bugs using crash and usage data
• Comply with legal obligations (e.g., tax record-keeping)

We do not sell, rent, or share your personal information with third parties for their marketing or advertising purposes.

4. Payment Processing

All payment card transactions are processed by Stripe, Inc., a PCI-DSS Level 1 certified payment processor. Your card details are transmitted directly to Stripe using end-to-end encryption and are never stored on Ecclesly servers. Stripe's privacy policy is available at stripe.com/privacy.

Ecclesly stores a tokenized reference to your payment method provided by Stripe so that recurring donations can be processed without re-entering your card details. This token cannot be used to reconstruct your card number.

5. Information Shared with Your Church

When you make a donation through the App, your name, email address, donation amount, fund designation, and date of giving are shared with the church or organization you are donating to. Churches use this information to:

• Issue donation receipts and annual giving statements
• Record contributions in their church management system
• Communicate with you about your giving (if you have opted in)

Ecclesly acts as a technology intermediary. Each church is responsible for how they use the donor information they receive through the App.

6. Third-Party Service Providers

We work with trusted third-party providers who process data on our behalf:

• Stripe — Payment processing and fraud prevention
• Resend — Transactional email (donation receipts)
• Hostinger — Cloud infrastructure and hosting (ISO 27001 certified)

These providers are contractually obligated to protect your information and may not use it for their own purposes.

7. Data Security

We use industry-standard security measures to protect your information:

• All data transmitted between the App and our servers is encrypted using TLS
• Payment card data is handled exclusively by Stripe (PCI-DSS Level 1)
• Servers are hosted on ISO 27001 certified infrastructure
• Access to production systems is restricted and requires multi-factor authentication

8. Data Retention

We retain your data as follows:

• Donation records: Retained for 7 years to comply with IRS record-keeping requirements (IRC §6001, §6501)
• Account information: Retained while your account is active and for 90 days after deletion (excluding financial records)
• Payment tokens: Deleted when you remove a saved payment method or close your account
• Usage and diagnostic data: Retained for up to 90 days

When financial records must be retained after account deletion, your personal identifiers (name, email) are pseudonymized while the transaction amounts and dates are preserved for compliance purposes.

9. Children's Privacy

The Ecclesly Give app is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use the App or submit any personal information.

If we become aware that we have inadvertently collected personal information from a child under 13, we will promptly delete that information. If you believe we may have collected information from a child under 13, please contact us at support@ecclesly.com.

10. Your Rights and Choices

You have the following rights regarding your information:

• Access: Request a copy of the personal information we hold about you
• Correction: Update your name, email, or other account information in the App settings
• Deletion: Request deletion of your account and personal data
• Cancel recurring giving: Cancel any active recurring donation at any time from within the App
• Remove saved payment methods: Delete stored payment methods at any time in the App settings

To exercise your rights, contact us at support@ecclesly.com. We will respond within 30 days.

California Residents (CCPA/CPRA)

California residents have additional rights, including the right to know, delete, correct, and opt out of the sale of personal information. We do not sell personal information. To exercise your California rights, contact us at support@ecclesly.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date and, where appropriate, sending an in-app notification or email. Your continued use of the App after changes take effect constitutes your acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights:

• Email: support@ecclesly.com
• Entity: Kaleo Systems LLC
• Location: South Carolina, United States