Privacy Policy

Last updated: June 24, 2026

1. Introduction

StewardMAX LLC ("we," "us," or "our") is committed to protecting your privacy and the privacy of your congregation members. This Privacy Policy explains how we collect, use, store, and protect information when you use the StewardMAX platform ("the Service").

2. Information We Collect

Information you provide directly:

  • Account registration details (name, email, password)
  • Ministry profile information (church name, address, logo)
  • Congregation member records you enter into the system
  • Giving and financial records
  • Communications, notes, and files you upload
  • Billing and payment information (processed securely via Stripe)

Information collected automatically:

  • Log data (IP address, browser type, pages visited, timestamps)
  • Device information
  • Usage analytics to improve the Service (via PostHog, with anonymization options)
  • Cookies and session tokens for authentication

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process transactions and send billing-related communications
  • Send account notifications, product updates, and support responses
  • Improve and personalize the Service
  • Monitor for security threats and prevent fraud
  • Comply with legal obligations

We do not sell your data or your congregation members' data to third parties. We do not use congregation member data for advertising.

4. Data Sharing

We may share information with:

  • Service providers: Supabase (database and authentication), Stripe (payments), Vercel (hosting), PostHog (analytics), and other infrastructure providers bound by data processing agreements
  • Law enforcement: When required by law, court order, or to protect the rights and safety of our users
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with notice provided to you

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, secure authentication, and regular security reviews. However, no system is completely secure and we cannot guarantee absolute security.

You are responsible for maintaining the security of your account credentials and for restricting access to your account.

6. Data Retention

We retain your account data for as long as your account is active. Upon account cancellation, data is retained for 90 days to allow for export, then permanently deleted. Certain records may be retained longer as required by law (e.g., financial records).

7. Your Rights

Depending on your location, you may have the right to:

  • Access, correct, or delete your personal data
  • Export your data in a portable format
  • Withdraw consent for certain processing
  • Lodge a complaint with a data protection authority

To exercise these rights, contact us at privacy@stewardmax.com.

8. Cookies

We use cookies and similar technologies for authentication sessions, remembering your preferences, and analytics. Session cookies are essential for the Service to function. You can configure your browser to reject cookies, but this may affect Service functionality.

9. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal data directly from children. Congregation members who are minors may have records entered by authorized ministry staff. These records are subject to all protections described in this policy.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through a notice in the Service before they take effect.

11. Contact Us

For privacy-related questions or requests, contact us at privacy@stewardmax.com or hello@stewardmax.com.