Privacy Policy

Effective: June 14, 2026 · Version 1.0

1. What We Collect

• Account data: Email address, display name, password (bcrypt hashed — never stored in plaintext)
• Submission data: Review text, ratings, attendance dates, church associations
• Technical data: IP address (at registration and submission), browser user-agent hash, session tokens
• Audit data: Login events, submission timestamps, moderation actions

We do not collect payment information, phone numbers, or physical addresses from users.

2. How We Use It

• To authenticate your account and maintain your session
• To send account verification and password reset emails
• To moderate submissions and detect abuse
• To display your reviews (anonymously, unless you opt out of anonymity)

We do not sell, rent, or share your personal data with any third party for marketing purposes.

3. Anonymity

All reviews are published anonymously by default. Your display name is shown only if you explicitly uncheck the "Post anonymously" option. Your email address is never displayed publicly.

4. Data Retention

Account data is retained for as long as your account is active. You may request account deletion by emailing admin@christianstewards.com. Deleted accounts have their personal data anonymized; associated reviews are retained under the anonymous attribution unless you also request review removal.

5. Cookies & Sessions

We use a single session cookie to maintain your login state. No third-party tracking cookies, analytics scripts, or advertising pixels are used on this Site.

6. Security

All data is transmitted over HTTPS/TLS. Passwords are hashed with bcrypt (cost factor 12). Session tokens are cryptographically random. IP addresses are logged for abuse prevention only and are not shared.

7. Contact

Privacy questions or data requests: admin@christianstewards.com