Privacy Policy

Welcome to faithed, your Christ-first social networking platform. We are committed to protecting your privacy while fostering a safe, faith-centered community. This Privacy Policy explains how we collect, use, protect, and share your personal information in accordance with GDPR, African data protection standards, and Namibian law.

1. Information We Collect

1.1 Account Information

When you create a faithed account, we collect:

• Email address (used for account verification and communication)
• Username and display name
• Date of birth (to verify age and enable Faith Guardian protections for minors)
• Password (encrypted and securely stored)
• Invite code (if provided by another user)

1.2 Profile Information

You may choose to provide additional information such as:

• Profile photo and cover image
• Bio and personal description
• Location (city/region only, never precise GPS coordinates)
• Church or faith community affiliation
• Interests and favorite Bible verses

1.3 Content You Create

We store content you post, including:

• Posts, comments, and replies
• Photos, videos, and media uploads
• Private messages (encrypted)
• Prayer requests and testimonies
• Faith Family discussions

1.4 Usage Data

We automatically collect information about how you use faithed:

• Pages visited and features used
• Time spent on platform
• Device type, browser, and operating system
• IP address (anonymized after 90 days)
• Referral source (how you found faithed)

1.5 Payment Information

If you subscribe to Premium, we collect:

• Billing name and address
• Payment method (processed securely by our payment processor)
• Transaction history

Note: We do not store full credit card numbers. Payment processing is handled by PCI-compliant third-party providers.

2. How We Use Your Information

We use your data to:

2.1 Provide and Improve Services

• Create and maintain your account
• Display your posts and profile to other users
• Enable messaging and Faith Family features
• Recommend content and users you might be interested in
• Improve platform features and user experience

2.2 Safety and Security

• Detect and prevent spam, abuse, and fraud
• Enforce Community Guidelines and Terms of Service
• Protect minors through Faith Guardian system
• Verify identities and prevent fake accounts
• Respond to legal requests and protect our legal rights

2.3 Communication

• Send account notifications (new followers, messages, etc.)
• Provide customer support
• Share platform updates and new features
• Send optional newsletters (you can opt out anytime)

2.4 Analytics and Research

• Understand how users interact with faithed (aggregated data only)
• Measure feature effectiveness
• Conduct surveys for platform improvement

We do not:

• Sell your personal data to third parties
• Use your data for targeted advertising (we don't show ads)
• Share your data with data brokers
• Track you across other websites or apps

3. How We Share Your Information

3.1 Public Information

Information visible to other faithed users:

• Public posts and comments
• Profile information (name, username, bio, photo)
• Followers and following lists
• Public Faith Family memberships

3.2 Faith Guardian Access (for Minors)

If you're under 18, your designated Faith Guardian can see:

• Your public profile and posts
• Alerts about reported content or suspicious activity
• List of your Faith Friends

Faith Guardians cannot see:

• Private messages with Faith Friends
• Content in closed Faith Families
• Your password or account credentials

3.3 Service Providers

We share limited data with trusted service providers who help us operate faithed:

• Cloud hosting: AWS (data storage and servers)
• Email services: For account verification and notifications
• Payment processing: Stripe (for Premium subscriptions)
• Analytics: Privacy-focused analytics (anonymized data only)
• Customer support: Zendesk (for support tickets)

All service providers are contractually obligated to protect your data and use it only for specified purposes.

3.4 Legal Requirements

We may disclose your information if required by law or to:

• Comply with valid legal processes (subpoenas, court orders)
• Enforce our Terms of Service
• Protect the rights, property, or safety of faithed, our users, or others
• Prevent fraud, abuse, or illegal activity

We will notify you of legal requests unless prohibited by law or in emergency situations.

3.5 Business Transfers

If faithed is involved in a merger, acquisition, or sale of assets, your information may be transferred. You will be notified via email and in-app notification before any transfer occurs.

4. Data Security

We implement industry-standard security measures to protect your data:

4.1 Technical Safeguards

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Strict employee access policies and multi-factor authentication
• Regular Audits: Quarterly security assessments and penetration testing
• Secure Infrastructure: ISO 27001 certified hosting providers

4.2 Account Security

You can protect your account by:

• Using a strong, unique password
• Enabling two-factor authentication (2FA)
• Not sharing your login credentials
• Logging out on shared devices
• Monitoring your account activity

4.3 Breach Notification

In the unlikely event of a data breach affecting your personal information:

• We will notify you within 72 hours of discovery
• You will receive details about what data was affected
• We will provide guidance on protective measures
• We will report to relevant authorities as required by law

5. Your Privacy Rights

You have the following rights regarding your personal data:

5.1 Access Your Data

Request a copy of all personal data we hold about you. We will provide this in a machine-readable format (JSON) within 30 days.

5.2 Correct Your Data

Update or correct inaccurate information through your account settings or by contacting us.

5.3 Delete Your Data

Request deletion of your account and associated data. Most data is deleted within 30 days, except where retention is required by law.

5.4 Export Your Data

Download your posts, photos, and other content in portable formats (JSON, CSV).

5.5 Restrict Processing

Limit how we use your data while maintaining your account (e.g., suspend analytics collection).

5.6 Object to Processing

Object to specific data uses, such as marketing communications or recommendation algorithms.

5.7 Data Portability

Request that we transfer your data directly to another service provider where technically feasible.

To exercise these rights: Email [email protected] with "Privacy Rights Request" in the subject line. We will respond within 30 days.

6. Minors and Faith Guardian System

6.1 Age Requirements

Users must be at least 13 years old to join faithed. Users under 18 are required to have a Faith Guardian.

6.2 Faith Guardian System

The Faith Guardian system protects minors while respecting their privacy:

• Who Can Be a Guardian: Parents, legal guardians, church leaders, or trusted adults verified through email confirmation
• What Guardians See: Alerts about potential risks, reported content, and public profile activity
• What Guardians Cannot See: Private messages with approved Faith Friends or content shared in closed Faith Families
• Guardian Changes: Minors can request guardian changes with 7-day notice to current guardian

6.3 Additional Protections for Minors

• Default private accounts (must approve followers)
• Restricted direct messaging (Faith Friends only)
• Content filtering for age-appropriate material
• Limited data collection (no behavioral advertising)
• Automatic guardian notification for interactions with adults outside their Faith Family

6.4 Transition to Adult Account

On your 18th birthday, your account automatically transitions to an adult account. You may choose to keep your Faith Guardian or remove them. All Faith Guardian access ends unless you explicitly grant continued oversight.

7. Cookies and Tracking Technologies

faithed uses minimal, essential cookies only. We do not use third-party advertising cookies or tracking pixels.

7.1 Essential Cookies

• Authentication: Keep you logged into your account
• Security: Protect against cross-site request forgery
• Preferences: Remember your language and display settings

7.2 Local Storage

We use browser local storage to cache your feed for faster loading and enable offline access in our Progressive Web App.

7.3 Analytics

We use privacy-respecting analytics (anonymized, aggregated data only) to understand platform performance and user experience. No personally identifiable information is collected.

7.4 Your Cookie Controls

You can manage cookies through your browser settings. Note that disabling essential cookies may affect platform functionality.

8. International Data Transfers

faithed is operated from Namibia. If you access our platform from outside Namibia, your data may be transferred to, stored, and processed in Namibia and other countries where our service providers operate.

We ensure adequate protection for international transfers through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements with all service providers
• Encryption in transit and at rest
• Regular compliance audits
• Adherence to GDPR requirements for EU users
• Compliance with African Union Convention on Cyber Security and Personal Data Protection

9. Data Retention

We retain your data only as long as necessary to provide services and comply with legal obligations:

• Active Accounts: Data retained while account is active
• Deleted Accounts: Personal data deleted within 30 days (except as noted below)
• Transaction Records: Retained for 7 years for tax and legal compliance under Namibian law
• Reported Content: Retained for 1 year for safety and moderation purposes
• Backup Data: Removed from backups within 90 days of deletion
• Anonymized Analytics: Retained indefinitely (no personal identifiers)

10. Children's Privacy (Under 13)

faithed does not knowingly collect information from children under 13. If we discover that a user under 13 has created an account without parental consent, we will delete the account and all associated data immediately.

If you believe a child under 13 has created an account, please contact us at [email protected].

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or service features. When we make significant changes:

• You will be notified 30 days in advance via email and in-app notification
• The "Last Updated" date at the top will be changed
• You will be asked to review and accept the new policy before continuing to use faithed
• If you do not agree to the changes, you may delete your account before they take effect

Minor updates (typo corrections, clarifications) will be made without advance notice, though the "Last Updated" date will still be changed.

12. Your European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

• Right to Object: Object to processing based on legitimate interests
• Right to Restriction: Restrict processing in certain circumstances
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Data Portability: Receive your data in a portable format
• Right to Withdraw Consent: Withdraw consent for processing at any time
• Right to Lodge a Complaint: File a complaint with your data protection authority

Legal Basis for Processing: We process your data based on:

• Your consent (for optional features like marketing communications)
• Performance of our contract with you (to provide services)
• Legitimate interests (platform security, fraud prevention)
• Legal obligations (tax records, law enforcement requests)

13. African Data Protection Standards

As a Namibian-based platform, faithed complies with:

• Namibian Data Protection Laws: Including proposed data protection legislation
• SADC Model Law on Data Protection: Southern African Development Community standards
• AU Convention on Cyber Security: African Union frameworks for data protection

We respect the data protection principles of:

• Lawfulness, fairness, and transparency
• Purpose limitation and data minimization
• Accuracy and storage limitation
• Integrity, confidentiality, and accountability

14. Contact Us

For data protection matters, you may also contact our Data Protection Officer:

Data Protection Officer
faithed
Windhoek, Khomas Region, Namibia
Email: [email protected]