Koinonia Cloud™ — Privacy Policy
Effective Date: May 23, 2026
Version: 1.1
Provider: Unbalanced Force Dynamics LLC ("Provider," "we," "us," "our")
1. Introduction
Unbalanced Force Dynamics LLC operates Koinonia Cloud™, a cloud-hosted church management platform. This Privacy Policy describes how we collect, use, store, and protect information when you use our Service, and your rights regarding that information.
This policy applies to:
- Church administrators, staff, and volunteers who use the platform ("Users")
- The personal data of church members, families, and children entered into the platform by subscribing churches ("Data Subjects")
- Visitors to our website at www.koinoniacloud.com
By using the Service, you agree to the practices described in this policy.
2. Our Role: Data Processor
It is important to understand the distinction between our role and your church's role:
| Role | Party | Responsibility |
|---|---|---|
| Data Controller | Your Church | Decides what personal data to collect, why, and how it is used |
| Data Processor | Unbalanced Force Dynamics LLC | Processes and stores data on behalf of your church, following your instructions |
We process personal data only at the direction of the subscribing church. We do not sell, rent, share, or use Subscriber Data for our own marketing or advertising purposes. Ever.
3. Information We Collect
3.1 Account Information (collected directly from you)
- Church name, address, and contact information
- Administrator name, email address, and phone number
- Billing information (processed and stored by Stripe; we do not store credit card numbers)
- EIN (Employer Identification Number) for verification purposes
3.2 Subscriber Data (entered by your church's users)
Your church's users may enter the following types of personal data into the platform:
- Identity data: Names, dates of birth, gender, marital status, photos
- Contact data: Addresses, phone numbers, email addresses
- Family data: Family relationships, household composition, guardian assignments
- Membership data: Member status, join date, membership type, baptism records
- Ministry data: Group memberships, volunteer roles, spiritual gifts, skills
- Attendance data: Event attendance records, check-in/check-out timestamps
- Financial data: Giving records, donation amounts, fund designations
- Children's data: Names, ages, grade levels, medical/allergy notes, authorized guardians, classroom assignments
- Communication data: Email/SMS message logs, contact preferences
- Documents: Uploaded files, background check records, certificates
- Notes: Pastoral notes, care records, administrative notes
3.3 Usage Data (collected automatically)
- IP addresses and approximate geolocation (country/region level)
- Browser type, device type, and operating system
- Pages visited, features used, and timestamps
- Error logs and performance data
We collect usage data to maintain security, diagnose issues, and improve the Service. We do not use usage data to build profiles of individual church members.
4. How We Use Information
4.1 Subscriber Data
We use Subscriber Data exclusively to:
- Provide and operate the Service as directed by your church
- Store, back up, and restore your data
- Provide technical support when requested
- Comply with legal obligations
We do not use Subscriber Data to:
- Market or advertise to your church members
- Build behavioral profiles or audience segments
- Train machine learning models
- Sell or share with third parties for their own purposes
- Conduct analytics beyond aggregated, anonymized service metrics
4.2 Account Information
We use account information to:
- Create and manage your subscription
- Process billing and payments
- Communicate with you about the Service (updates, security notices, billing)
- Verify organizational identity during onboarding
- Comply with legal and tax obligations
4.3 Usage Data
We use usage data to:
- Monitor and maintain platform security
- Detect and prevent unauthorized access
- Diagnose technical issues and improve reliability
- Generate aggregated, anonymized metrics about platform usage (e.g., total API requests, feature adoption rates)
5. Data Storage and Security
5.1 Infrastructure
Subscriber Data is hosted on Google Cloud Platform (GCP) in the United States (us-central1 region). Koinonia Cloud™ is a single-tenant platform — your church receives its own dedicated infrastructure stack, including a separate frontend application, a separate backend application, a separate database instance, and separate file storage. There is no shared database and no architectural pathway by which another church's data could be reached from your instance.
5.2 Encryption
- At rest: All data is encrypted using AES-256 encryption via Google-managed encryption keys
- In transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher
- Backups: Encrypted using the same standards as production data
5.3 Access Controls
- Access to production infrastructure is restricted to authorized Provider personnel only
- Administrative access requires multi-factor authentication
- All infrastructure access is logged and audited
- Subscriber Data is never accessed by Provider personnel except as necessary for technical support (with your permission) or to comply with legal obligations
5.4 Incident Response
In the event of a data breach affecting your Subscriber Data, we will:
- Notify your SuperAdmin via email within seventy-two (72) hours of discovery
- Provide details of the nature and scope of the breach
- Describe the measures taken to contain and remediate the incident
- Cooperate with your organization's own notification obligations
6. Data Sharing and Third Parties
6.1 We Do Not Sell Your Data
We do not sell, rent, lease, or trade personal data to any third party. Period.
6.2 Service Providers
We use the following categories of service providers who may process data on our behalf, subject to contractual data protection obligations:
| Provider | Purpose | Data Accessed |
|---|---|---|
| Google Cloud Platform | Infrastructure hosting, database, storage, backups | All Subscriber Data (encrypted) |
| Stripe | Subscription billing for your church's Koinonia Cloud™ plan | Church billing info only (not member data) |
| Postmark | Transactional email delivery (password resets, notifications) | Email addresses, message content |
| Twilio | SMS messaging (if enabled by your church) | Phone numbers, message content |
When your church connects its own payment processor (Stripe Connect, PayPal, Square) for donation processing, transactions flow directly between your church members and your payment processor account. We do not process, store, or have access to donors' payment card information.
6.3 Optional Third-Party Integrations You Enable
When your church explicitly enables an optional third-party integration through the Service (for example, a background-check provider such as Checkr, GoodHire, MinistrySafe, or Protect My Ministry), the Service transmits relevant data between your instance and that provider on your behalf. Specifically for background-check integrations:
- The provider — not us — is the consumer-reporting agency that performs the check and returns the results
- We transmit the identity data your church submits (typically name, date of birth, and other identifiers the provider requires) to the provider, and transmit the provider's results back to your instance
- Your direct legal relationship for the background check is with that provider, governed by their terms of service and privacy policy, plus applicable laws including the Fair Credit Reporting Act (FCRA)
- We do not retain a separate copy of the background-check results outside your church's own instance; the results live with your other Subscriber Data and are subject to this Privacy Policy
The same general principle applies to other optional third-party integrations: you enable them, you remain the data controller, and the third-party provider is the entity actually performing the underlying service. See Terms of Service §9 for the full liability allocation.
6.4 Legal Requirements
We may disclose information if required by law, subpoena, court order, or government request. We will notify you of such requests unless legally prohibited from doing so.
6.5 Business Transfers
If Unbalanced Force Dynamics LLC is acquired or merged, Subscriber Data may be transferred to the successor entity, subject to the same privacy commitments described in this policy. You will be notified of any such transfer.
7. Children's Privacy
7.1 COPPA Compliance
The Service includes children's ministry features. We recognize the sensitivity of children's personal information and are committed to protecting it.
- We do not collect personal information from children under 13 directly. All children's data is entered by authorized church personnel acting under the authority of the subscribing church.
- The subscribing church acts as the data controller for children's data and is responsible for obtaining verifiable parental or guardian consent as required by the Children's Online Privacy Protection Act (COPPA).
- Children's data is used solely for the church's ministry operations (classroom assignments, check-in/check-out, medical/allergy alerts, attendance tracking).
- We do not display advertising to children or use children's data for marketing purposes.
- Parents or guardians may contact their church to request access to, correction of, or deletion of their child's information. Churches may fulfill these requests using the platform's built-in tools.
7.2 Children's Data We Process
At the direction of subscribing churches, we may process the following children's data:
- Name, date of birth, age, grade level
- Guardian/parent names and relationships
- Medical notes and allergy information (for safety during church programs)
- Classroom assignments and attendance records
- Check-in/check-out timestamps and authorized pick-up persons
- Photos (if uploaded by church staff)
8. Data Retention
8.1 Active Subscriptions
We retain Subscriber Data for as long as your subscription is active and your church directs us to store it.
8.2 Archived Records
The Service provides archive functionality for inactive member records. Archived records remain in your isolated database and are subject to the same security and retention policies.
8.3 After Cancellation
Upon subscription cancellation or other termination:
- You have ninety (90) days following termination to export all Subscriber Data using the platform's built-in export tools — these tools remain fully available throughout the window
- After the ninety (90) day window, all Subscriber Data is permanently deleted from production systems
- Subscriber Data in encrypted backups is purged as those backups rotate through their standard retention cycle
- Account information (church name, billing history) may be retained for up to seven (7) years for tax and legal-compliance purposes — this is separate from Subscriber Data and consists only of the records needed for our own books and regulatory obligations
If you need additional time beyond the standard 90-day window to complete migration to another system, contact us at support@koinoniacloud.com — we generally accommodate reasonable extensions for churches actively transitioning.
8.4 Deletion Requests
You may delete individual records at any time using the platform's built-in tools. Permanently deleted records are removed from the active database immediately and from backups as they rotate.
9. Your Rights
9.1 Church Administrators
As a subscribing church, you have the right to:
- Access all Subscriber Data stored in your instance at any time — every field your church has entered is visible and queryable through the platform
- Export all of your data in standard portable formats (CSV, JSON, and ZIP archives for binary assets such as photos and uploaded documents). Exports include member records, family relationships, groups, attendance history, giving records, volunteer information and certifications, communications history, event registrations, children's-ministry records, pastoral notes, uploaded documents, uploaded photos, and any other data your church has entered. We do not gate, throttle, or charge for exports
- Correct any inaccurate data using the platform's editing features
- Delete any records, including permanent deletion
- Restrict user access through the platform's permission system
- Cancel your subscription at any time and receive a complete data export through the standard 90-day post-termination window described in Section 8.3
9.2 Church Members (Data Subjects)
Individual church members whose data is stored in the platform should direct privacy requests to their church, which controls the data. Churches can fulfill these requests using the platform's tools.
9.3 California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.
9.4 Other Jurisdictions
We are committed to complying with applicable data protection laws. If you are located outside the United States and have questions about your rights, please contact us at support@koinoniacloud.com.
10. Cookies and Tracking
10.1 Essential Cookies
The Service uses essential cookies for:
- Authentication (maintaining your login session)
- Security (CSRF protection)
These cookies are strictly necessary for the Service to function and cannot be disabled.
10.2 No Tracking Cookies
We do not use:
- Third-party advertising or tracking cookies
- Analytics cookies that track individual behavior across sites
- Social media tracking pixels
- Fingerprinting or cross-device tracking techniques
11. Communication
11.1 Service Communications
We may send you emails related to the operation of the Service, including:
- Security alerts and breach notifications
- Billing confirmations and payment failure notices
- Scheduled maintenance announcements
- Terms of Service or Privacy Policy updates
These communications are transactional and cannot be opted out of while your subscription is active.
11.2 Product Communications
We may occasionally send product update announcements. You may opt out of these at any time by clicking the unsubscribe link or contacting us.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect operational changes, new features, evolving legal requirements, or other legitimate business reasons. Material changes follow the same notice-and-acceptance process as changes to our Terms of Service (see Terms of Service §16):
- 30-day advance notice via email to your SuperAdmin, with a link to the revised document, a plain-language summary of material changes, and the Effective Date
- A 30-day review period during which the existing Privacy Policy continues to govern. The Service displays a non-blocking in-application banner so all administrators are aware updated terms are pending
- Explicit acceptance required on or after the Effective Date — your SuperAdmin must formally accept the revised Policy via an in-application acceptance flow. Until acceptance is recorded, the Service restricts normal operations to read-only access plus data export. We do not treat continued use alone as acceptance of material changes
- Graceful off-ramp — if your SuperAdmin declines to accept, your subscription ends per Terms of Service §16.4, and the standard 90-day post-termination data-export window applies (Section 8.3)
Non-material changes (typo corrections, contact-information updates, clarifications that do not alter substantive obligations) may be made without invoking this process; the "Version" and "Effective Date" at the top of this document will be updated accordingly in all cases.
13. Contact Us
For privacy questions, data requests, or concerns:
Unbalanced Force Dynamics LLC
Email: support@koinoniacloud.com
Website: www.koinoniacloud.com
For security incidents:
Email: support@koinoniacloud.com
Your congregation's data is sacred. We treat it that way.