Data Privacy

Last updated: June 2026

1. Introduction & Responsible Party

Privacy is not a legal checkbox for us — it's an expression of responsibility. This privacy policy explains what personal data we process on this website, why we do so, and what rights you have.

This policy applies to the domain https://churchly.so.

Responsible for data processing:

Benni Amann
Wright-Strasse 62
8152 Opfikon
Switzerland
Email: hello@churchly.so

2. Principles of Data Processing

We process personal data with a clear purpose and only to the extent necessary. We follow these principles:

Transparency — We openly describe which tools we use and why.

Purpose limitation — We collect data only for the purpose it is intended — for example, to send you waitlist updates.

Data minimisation — We collect only what is necessary.

Security — We use technical and organisational measures to protect your data from loss, misuse, or unauthorised access.

Storage limitation — We store personal data only as long as needed for the respective purpose.

Lawfulness — Our data processing is based on a valid legal basis: your consent, a legitimate interest, or a legal obligation.

3. What Data We Collect and Why

Waitlist signup

When you sign up for the Churchly waitlist, we collect your email address. We use it exclusively to send you updates about the Churchly launch and early access information.

Legal basis: Your consent (Art. 6 (1)(a) GDPR / Art. 31 revDSG).

You can unsubscribe at any time via the unsubscribe link in any email we send.

Contact

If you contact us via email, we process the data you provide (name, email, message) to respond to your enquiry. We store contact requests for a maximum of 2 years.

Legal basis: Your consent / legitimate interest (Art. 6 (1)(a)(f) GDPR).

Website usage & server logs

When you visit our website, our hosting provider automatically processes certain technical data: IP address (anonymised), browser type, operating system, date and time of access, pages visited.

This data is used for technical operation and IT security. It is not linked to your identity.

Legal basis: Legitimate interest (Art. 6 (1)(f) GDPR).

4. Cookies & Tracking

Our website uses only technically necessary cookies — for example, to ensure the contact form and spam protection work correctly.

We do not use tracking cookies, analytics tools, advertising pixels, or remarketing services at this time.

If this changes, we will update this policy and request your consent where required.

5. Tools & Third-Party Services

Loops (loops.so)
We use Loops to manage our waitlist and send email updates.
Your email address is stored on Loops servers.
Loops is a US-based service. Data transfer is covered by Standard Contractual Clauses (SCC).
Privacy policy: https://loops.so/privacy

Cloudflare (cloudflare.com)
Our website is hosted on Cloudflare Pages and uses Cloudflare Turnstile for spam protection.
Cloudflare may process technical data (IP address, browser information) for security purposes.
Cloudflare is a US-based service operating under the EU-US Data Privacy Framework.
Privacy policy: https://www.cloudflare.com/privacypolicy/

splitforms
We use splitforms to process survey responses submitted through this website. Submitted data is stored on splitforms servers.
Privacy policy: https://splitforms.com/privacy

6. Your Rights

You have the following rights regarding your personal data:

Right of access — You can ask what data we hold about you.
Right to rectification — You can request correction of inaccurate data.
Right to erasure — You can request deletion of your data.
Right to restriction — You can request that we limit processing of your data.
Right to object — You can object to processing based on legitimate interest.
Right to data portability — You can request your data in a portable format.
Right to withdraw consent — You can withdraw consent at any time (e.g. unsubscribe from the waitlist).
Right to lodge a complaint — You can contact the relevant supervisory authority:
- Switzerland: Federal Data Protection and Information Commissioner (FDPIC) — https://www.edoeb.admin.ch
- EU: The data protection authority of your country of residence.

7. Data Sharing & Processors

We do not sell or share your personal data with third parties for their own purposes.

We work with the following processors who act on our behalf and under our instructions:

Loops (email delivery)
Cloudflare (hosting, spam protection)
splitforms (form processing)

All processors are bound by data processing agreements and are required to protect your data.

International transfers

Some processors are based outside Switzerland or the EU (particularly in the USA). We ensure appropriate protection through Standard Contractual Clauses (SCC) or the EU-US Data Privacy Framework.

8. Storage Duration

Waitlist email addresses: stored until you unsubscribe or request deletion.
Contact enquiries: maximum 2 years.
Survey responses: maximum 1 year, then anonymised or deleted.
Server logs: maximum 30 days.

9. Security

We use technical and organisational measures to protect your data, including:

Encrypted connections (SSL/TLS — visible as "https://")
Access restrictions on our systems
Regular security updates
Careful selection of service providers

No digital system is 100% secure, but we do everything we can to ensure a high level of protection.

10. Legal Basis & Scope

This policy is based on the EU General Data Protection Regulation (GDPR), the Swiss revised Data Protection Act (revDSG), and applicable national law.

11. Contact for Privacy Matters

If you have questions about data privacy or wish to exercise your rights (access, deletion, withdrawal), please contact us:

Benni Amann
hello@churchly.so
Wright-Strasse 62, 8152 Opfikon, Switzerland

We respond as quickly as possible and always within the legally required timeframe.

Changes

We review this policy regularly and update it when required by legal changes or new tools. The current version is always available at https://churchly.so/privacy.