Shepherdly
Start free
Menu

Legal

Privacy policy

Last updated: 26 April 2026

Shepherdly is a church management platform operated by Shepherdly Pty Ltd (“we”, “us”, “Shepherdly”) from Australia. This policy explains what personal information we handle, why, and the rights you have over it. We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

Two kinds of people, two kinds of data

Shepherdly is a multi-tenant tool. There are two distinct relationships:

  • Churches — the organisations who sign up as Shepherdly customers. We hold their account, billing, and configuration information, and we are the data controller for that information.
  • Members of those churches — the people whose information a church stores in Shepherdly. For that information, the church is the data controller. Shepherdly is a data processor acting on the church’s instructions. If you are a church member with a question about your data, please contact your church first; they decide what information is held and who can see it.

What we collect from churches (account data)

  • Name, contact details, role, and Clerk-managed login credentials of staff.
  • The church’s name, address, contact email and phone, timezone, and country.
  • Billing details: subscription plan, Stripe customer id, invoice history. Card numbers are held by Stripe, never by us.
  • Stripe Connect account id (where applicable) so the church can accept online giving directly into their own bank account. We do not see or hold the church’s bank credentials.
  • Support tickets and any attachments uploaded to them.
  • Telemetry: limited error logs and aggregated usage metrics, used only to keep the product running and improve it. We may add a third-party error monitoring or analytics tool in future and will update this list when we do.

What churches store about their people (member data)

Each church chooses what to store. Common categories include name, contact details, household / family relationships, dates of birth, attendance, donations, group memberships, pastoral notes, and Working With Children Check records. Sensitive information (such as health information for pastoral care) is sometimes recorded by churches for legitimate purposes; it is the church’s responsibility to obtain consent from the individual before doing so.

How we use information

  • To operate the Shepherdly service the church has signed up for.
  • To process payments via Stripe (subscriptions to us, and Connect-based giving to the church).
  • To send transactional emails (e.g. account notifications, ticket replies).
  • To respond to support requests.
  • To detect and investigate abuse, fraud, or security incidents.
  • To comply with our legal obligations.

We do not sell personal information. We do not use member data for advertising. We do not share one church’s data with another church. We do not train AI models on member data.

Where data lives

Shepherdly is built on Cloudflare infrastructure (database, file storage, compute, CDN). Cloudflare data is stored across global regions; for Australian churches we host primarily in Australian and Asia-Pacific Cloudflare data centres where possible, but data may be processed in any Cloudflare region for availability and performance.

Other processors we use:

  • Clerk — authentication and identity.
  • Stripe — payment processing.
  • Resend — transactional and bulk email delivery.
  • Twilio / ClickSend — SMS delivery (only where the church has configured it).
  • OpenAI — the in-app AI help assistant (no individual member data sent; the assistant only answers questions about how to use Shepherdly and may receive aggregate stats like counts of people, groups, or events).

Multi-tenancy and data isolation

Every database query in Shepherdly is filtered by the church it belongs to. Members of one church can never see, query, or export the data of another church. This boundary is enforced in application code and is the single most important security guarantee we make.

Your rights

Under the Privacy Act and other applicable laws, you may request access to, correction of, or deletion of personal information we hold about you. Where you are a member of a church using Shepherdly, please contact your church first — they hold the relationship with you and can fulfil most requests directly.

For account holders (church staff): email privacy@shepherdly.com.au and we will respond within 30 days.

Data export and deletion

Churches can export their full data set (people, households, giving, attendance, groups, etc.) as CSV at any time, with no extra charge. When a church closes their account, we delete their data within 60 days of cancellation, except where we are required to retain certain records by law (e.g. financial records under the Corporations Act).

Cookies

Shepherdly uses essential cookies for authentication and session management. We use a small number of analytics cookies (PostHog) to understand product usage; no advertising or cross-site tracking cookies are set.

Children’s data

Churches use Shepherdly to record children for kids ministry, check-in, and pastoral care. Where this involves children, the church is responsible for obtaining parental consent and complying with applicable child-safety laws (including jurisdictional Working With Children Check requirements, which Shepherdly helps the church track but does not enforce on their behalf).

Changes to this policy

We may update this policy. Material changes will be communicated via email to account holders at least 14 days before they take effect. The current version and last-updated date are always shown at the top of this page.

Complaints

If you believe we have breached the Australian Privacy Principles, please contact us at privacy@shepherdly.com.au first. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Questions about this document? Email hello@shepherdly.com.au.