Apostolic Path

Privacy Policy

Effective Date: January 16, 2026

1. Introduction

Apostolic Path ("we," "us," or "our") is a software-as-a-service (SaaS) discipleship platform designed for Apostolic churches. This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your data. By using Apostolic Path, you agree to the practices described in this policy.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, phone number (optional), church affiliation, and your role within the platform (such as admin, leader, teacher, or student).

Church Information

Church administrators provide church details including the church name, address, pastor name, contact information, and optionally a church logo.

Discipleship Data

The platform stores student records, New Birth milestones (repentance, water baptism, Holy Ghost), First Steps discipleship progress, Bible study sessions and lesson progress, teacher assignments, and notes entered by authorized users.

Usage Data

We automatically collect certain technical information when you use the platform, including login timestamps, IP addresses (for security purposes), and browser and device information.

Uploaded Content

Users may upload content such as profile photos and study materials. These files are stored securely using Amazon Web Services (AWS) S3.

3. How We Use Your Information

We use the information we collect to:

  • Provide and operate the Apostolic Path discipleship platform
  • Manage church accounts and user access
  • Generate reports and analytics for church leadership
  • Send service-related notifications (such as account updates or system alerts)
  • Improve the platform, fix bugs, and develop new features

4. Data Isolation and Multi-Tenancy

Apostolic Path is a multi-tenant platform. We take data isolation seriously:

  • Each church's data is completely isolated from other churches on the platform.
  • Users can only access data within the church or churches they are authorized to view.
  • Church administrators control who has access to their church's data and can manage user roles and permissions.
  • There is no cross-church data sharing without explicit authorization from the respective church administrators.

5. Data Storage and Security

  • All data is stored on Amazon Web Services (AWS) infrastructure located in the United States.
  • Data is encrypted in transit using TLS/HTTPS and encrypted at rest.
  • User authentication is handled through AWS Cognito with JSON Web Tokens (JWT).
  • Role-based access controls (RBAC) enforce data boundaries at every level of the platform, ensuring users can only access the data their role permits.

6. Data Sharing

We do not sell your personal information. We do not share your data with third parties for marketing purposes.

We may share data in the following limited circumstances:

  • Infrastructure providers: We use Amazon Web Services (AWS) to host and operate the platform. AWS processes data on our behalf in accordance with their security and privacy commitments.
  • Legal requirements: We may disclose information if required to do so by law, regulation, or legal process.
  • Church data exports: Church administrators may export their church's data at any time.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of any inaccurate information
  • Request deletion of your account and associated personal data
  • Export your personal data in a portable format

For church-level data requests (such as accessing or exporting records for your church), please contact your church administrator. For personal account requests, contact us at legal@apostolicpath.com.

8. Data Retention

  • Account data is retained for as long as your account remains active.
  • Upon church account termination, all associated data is retained for 30 days and then permanently deleted.
  • You may request immediate deletion of your data at any time by contacting us at legal@apostolicpath.com.

9. Cookies and Tracking

We use essential cookies solely for authentication and session management. These cookies are necessary for the platform to function and cannot be disabled.

We do not use third-party advertising cookies. We do not engage in cross-site tracking.

10. Children's Privacy

Apostolic Path is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. Church administrators are responsible for ensuring that the platform is used appropriately within their congregation and in compliance with applicable laws regarding minors.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will notify users through the platform and update the effective date at the top of this page. Your continued use of Apostolic Path after any changes take effect constitutes your acceptance of the revised policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at legal@apostolicpath.com.

Apostolic Path

Brown County, Wisconsin