Your information.

St. Paul Baptist Church respects your privacy. When you fill out a form on our website (visit, contact, prayer request, submission, newsletter), we collect only the information you give us, use it only for the purpose you submitted it for, and we don't sell or share it with anyone outside our church staff and trusted service providers.

If you want us to delete your information, just ask.

Depending on which form you fill out, we may collect:

• Name (first and last)
• Email address
• Phone number (when you provide it)
• Message content — what you wrote in a contact form, prayer request, announcement submission, etc.
• Visit information — which Sunday you plan to attend, who you're bringing
• Attached files — graphics or documents you upload to the submission form
• Technical data — IP address, browser type, pages visited (for security and analytics)

We do not collect or store credit card numbers. All giving is processed by trusted third parties (PayPal, Givelify, Zelle) — we never see your card details.

We use your information for the specific reason you gave it to us:

• Plan-your-visit forms — to text or email you with parking info and a Sunday welcome
• Contact forms — to respond to your message
• Prayer requests — read by Pastor Johnson and our prayer team for prayer; never published unless you ask us to share anonymously on the prayer wall
• Submission forms — reviewed by our communications team and, if approved, published in the channels you selected
• Newsletter signups — to send you our weekly newsletter (unsubscribe anytime)
• Connect cards — to follow up with first-time visitors and members

We will never use your contact information to send you unrelated promotional content. We will never share your information with anyone outside our church staff and trusted service providers.

We use trusted third-party services to run the website and process information. These providers see only what they need to do their job:

• Cloudflare — website hosting, security, and form spam protection
• Supabase — secure database for form submissions
• Resend — email delivery for confirmations and notifications
• Twilio — text message delivery (for visitor follow-up)
• PayPal, Givelify, Zelle — payment processing for giving (we never see your card details)

Each of these providers has their own privacy policy and security practices. We've selected them because they have strong reputations for protecting user data.

We do not sell, rent, trade, or share your information with marketers, data brokers, or anyone else for commercial purposes — ever.

Our website uses minimal cookies — only what's needed to make the site work and to keep it secure. We do not use advertising cookies, social media tracking pixels, or third-party analytics that follow you across the internet.

What we use:

• Local storage for legitimate functional purposes — remembering your sign-in to admin tools, caching the search index, and storing your form draft if you start one. Nothing personally identifying. Cleared when you sign out or clear your browser data.
• Cloudflare Turnstile on form pages — a privacy-respecting alternative to reCAPTCHA. Doesn't track you across sites.
• Cloudflare Web Analytics — measures basic page-view counts so we know which pages people are reading. It does not use cookies, does not track you across sites, and does not collect any personally identifying information. You can read more at cloudflare.com/web-analytics.

Embedded video: Our Watch page embeds video players from Resi and YouTube. We use YouTube's privacy-enhanced mode (youtube-nocookie.com), which means YouTube doesn't set tracking cookies until you actually click play. If you do click play, YouTube's own cookies and privacy policy then apply — they're a third party we don't control.

If you'd like, you can disable cookies in your browser settings. The site will mostly still work, though some forms may have reduced spam protection.

We take security seriously. Concrete steps we take:

• All data sent to and from our website is encrypted (HTTPS)
• Form submissions are stored in encrypted databases
• Only authorized church staff can access submission data
• Our systems use spam protection (honeypot, time-trap, Cloudflare Turnstile) to keep automated bots out
• Files uploaded through the submission form are virus-scanned before storage

No system is 100% secure, but we work hard to protect your information.

Our website forms are intended for adults. If you're under 13, please don't submit personal information through our forms — ask a parent or guardian to do it for you.

For child birth announcements submitted through the announcements form, we require explicit parent permission via a checkbox. We never share information about minors without parental consent.

You have the right to:

• See what we have — request a copy of any information we have about you
• Correct it — let us know if anything is wrong and we'll fix it
• Delete it — ask us to remove your information from our systems
• Unsubscribe — stop receiving newsletters or any other communications anytime
• Take it elsewhere — request your information in a portable format

To exercise any of these rights, just contact us using the information below.

If we update this policy, we'll change the "Last updated" date at the top and post a notice on the home page for at least 30 days. For significant changes that affect your data, we'll email you directly if we have your email address.

Questions, concerns, or want to exercise your rights? Reach out: