Privacy Policy

Last updated: April 17, 2026

1. Introduction

Altare ("we," "us," or "our") operates a multi-tenant faith community platform delivered under each organization's own brand. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, platform, and related services (collectively, the "Service").

By using the Service you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you create an account we collect your name, email address, and authentication credentials. If you sign in with Google, we receive your name, email, and profile photo from Google.

2.2 Organization & Membership Data

When you create or join a faith community on Altare we store your membership role, the organization you belong to, and activity within that community (e.g., event RSVPs, board posts, sermon views).

2.3 Donation & Payment Data

Donations are processed through Stripe. We store the donation amount, date, type (one-time or recurring), and Stripe payment identifiers. We do not store full credit card numbers — all payment credentials are handled directly by Stripe in accordance with PCI-DSS standards.

2.4 AI Spiritual Guide Conversations

If your community enables the AI Spiritual Guide feature, conversation messages between you and the AI are stored to provide continuity and improve the experience. Conversations are scoped to your organization and are not shared across communities.

2.5 Uploaded Content

Files you upload — such as profile avatars, organization logos, sermon recordings, and board images — are stored in cloud storage and associated with your account or organization.

2.6 Automatically Collected Data

We collect standard usage data including IP addresses, browser type, device information, pages visited, and referring URLs. We use Google Analytics to understand aggregate usage patterns.

3. How We Use Your Information

  • Provide, operate, and maintain the Service
  • Process donations and generate IRS-compliant tax receipts
  • Facilitate community features (events, board, sermons)
  • Power the AI Spiritual Guide with faith-tradition-aware responses
  • Send transactional notifications (donation confirmations, event reminders)
  • Enforce our Terms of Service and prevent fraud
  • Improve and develop new features based on aggregate usage data

4. How We Share Your Information

4.1 With Your Organization

Organization administrators can see member profiles, donation summaries, event participation, and board activity within their community. They cannot see your activity in other organizations.

4.2 Service Providers

We share data with third-party providers that help us operate the Service:

  • Firebase (Google Cloud) — authentication, database, hosting, and storage
  • Stripe — payment processing and connected account management
  • Anthropic / Google — AI language model providers for the Spiritual Guide feature
  • Google Analytics — anonymized usage analytics

4.3 Legal Requirements

We may disclose your information if required by law, subpoena, or court order, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Retention

We retain your account data for as long as your account is active. Donation records are retained for a minimum of seven (7) years to comply with IRS record-keeping requirements. AI conversation data is retained for the duration of your membership unless you request deletion. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law.

6. Data Security

We use industry-standard security measures including encrypted data transmission (TLS), Firebase Security Rules for access control, role-based permissions, and secure authentication. Payment data is handled exclusively by Stripe under PCI-DSS compliance. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Withdraw consent for data processing where consent is the legal basis
  • Export your data in a portable format
  • Object to processing based on legitimate interests

To exercise any of these rights, contact us at privacy@altare-usa.com.

8. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete it.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. Our infrastructure providers (Google Cloud, Stripe, Anthropic) maintain data centers in the United States and other regions. By using the Service, you consent to such transfers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@altare-usa.com.