Legal

Privacy Policy

Last updated: May 25, 2026

Overview

Shepherd is a church health platform built on the conviction that pastoral care requires trust. This policy explains how we collect, use, and protect the information you and your team share with us.

Data in Transit

All communication between your device and Shepherd is encrypted in transit using HTTPS (TLS 1.2 or higher). This includes every check-in response, every pastoral message, and every piece of data your team submits through the platform.

Check-In Privacy

Check-in responses — including the Win of the Week and On Your Heart text fields — are private by design. Specifically:

  • Text content shared in check-ins is accessible only to the ministry lead who submitted it and the pastor of their church.
  • Church administrators (Shepherd Stewards) can see health states and trends but cannot read the text content of check-in responses.
  • No other ministry lead can see another lead’s check-in responses.
  • No data from one church is ever visible to another church.

Shepherd Staff Access

Shepherd staff do not read individual check-in responses. We may access aggregated, anonymized data for product improvement purposes, but we do not inspect the personal content your ministry leaders share with their pastors. Your team’s honesty belongs to your church, not to us.

AI Processing

When AI features are enabled, check-in data may be processed by Anthropic’s API to generate suggested pastor responses. This processing is server-side only — no check-in data is stored by Anthropic beyond what is needed to fulfill the individual request, and Anthropic does not train on your data by default under its standard API terms. No church names or personally identifying information beyond what is strictly necessary is sent to the AI API.

Data Retention and Deletion

You own your data. When a church account is canceled:

  • You may request permanent deletion of all church data by contacting us at hello@shepherd-church.com.
  • Upon request, all church data — including check-in responses, member records, and ministry data — will be permanently and irreversibly deleted within 30 days of account cancellation.
  • Church deletion can also be initiated directly from your settings, which permanently removes all associated data after a 24-hour cancellation window.

Authentication and Sessions

Shepherd uses Clerk for authentication. Passwords are never stored by Shepherd — they are managed securely by Clerk. Session tokens expire after a maximum of 7 days, after which you will be prompted to sign in again. Invitation links sent to new ministry leads expire after 7 days.

What We Collect

We collect only what is necessary to provide the service:

  • Name and email address (for account creation and notifications)
  • Check-in responses submitted through the platform
  • Health scores computed from check-in responses (used for dashboard display)
  • Reminder preferences and timezone (for email scheduling)
  • Billing information (handled by Polar — we do not store card details)

Third-Party Services

Shepherd uses the following third-party services to operate:

  • Convex — real-time database and backend infrastructure
  • Clerk — authentication and session management
  • Resend — transactional email delivery
  • Polar — billing and subscription management
  • Anthropic — AI-generated response suggestions (when AI features are enabled)

Each provider operates under its own privacy policy and data processing terms. We select providers that meet our standards for data security and confidentiality.

Security Concerns

If you discover a security vulnerability or have concerns about how your data is being handled, please contact us directly at hello@shepherd-church.com. We take security disclosures seriously and will respond promptly.

Changes to This Policy

We may update this Privacy Policy as Shepherd evolves. If we make material changes, we will notify church administrators by email before those changes take effect. Continued use of Shepherd after notification constitutes acceptance of the updated policy.

Contact

Questions about this policy or your data? Reach us at hello@shepherd-church.com. We are a small team that genuinely cares about the trust you place in us.

← Back to Shepherd