Skip to content
Ekklesia

Privacy Policy

Last updated: July 6, 2026

1. What we collect

Account information — name, email address, and a securely hashed password when you create an account.

Registration information — when someone registers for an event: attendee names, the purchaser’s email, optional attendee emails, and answers to the questions the organizer configured.

Technical logs — standard request logs and security audit records (for example, who checked an attendee in and when).

2. How we use it

To run events: issuing QR tickets, processing registrations, check-in at the door, sending transactional email about registrations (confirmations, refunds, ticket re-sends), and maintaining each organization’s contact records. Also to keep the platform secure — tenant isolation, audit trails, abuse prevention.

3. What we don't do

We do not sell personal information. We do not run third-party advertising or cross-site tracking. Registration data belongs to the organization that collected it and is used only for their events and communications.

4. Payment information

Card details are processed by our payment providers and are never stored on Ekklesia’s servers. We keep only the payment reference, amount, and status needed for receipts, reconciliation, and refunds.

5. Cookies

We use cookies only to keep you signed in (a session cookie and a security token). There are no advertising or analytics cookies.

6. Data retention

Workspace data is retained while the workspace is active. Order records are kept as financial records. Organizers can delete contact profiles at any time; deleting a workspace removes its data from production systems, with backups expiring on a rolling schedule.

7. Your choices and rights

You can ask to access, correct, or delete your personal information. For event registrations, contact the event organizer first — they control that data and have in-app tools to export or delete contact profiles. You can also contact support, and we will help route your request. We honor applicable privacy laws, including US state privacy acts.

8. Children

Ekklesia accounts are for adults. Event registrations for minors are made by a parent or legal guardian, who provides the minor’s information and any consents the organizer’s policies describe.

9. Security

Data is encrypted in transit. Every organization’s data is isolated with database-enforced tenant separation. Administrative actions are audit-logged. Passwords are hashed with a modern memory-hard algorithm and are never stored in plain text.

10. Changes

If this policy changes in a material way, we will notify workspace owners by email before the change takes effect.

11. Contact

Privacy questions? Contact your event organizer for registration data, or Ekklesia support for account and platform questions.