Privacy Policy

Last updated: March 4, 2026

1. Information We Collect

We collect the following types of information when you use Parochia (“the Service”), operated by Linkedbits:

Account Data

Name, email address, and password (stored as a bcrypt hash — we never store your plaintext password).

Content You Provide

Church website text, descriptions, staff information, event details, and uploaded photos.

Usage Data

Last search location (latitude/longitude and location name) if you use the church finder feature. Session tokens for authentication.

Moderation Data

Content flags and trust/ban status associated with your account, used to enforce our content policies.

2. How We Use Your Information

Authentication — to verify your identity and manage your account
Service delivery — to host and display your parish website
Content moderation — to filter inappropriate text and images
Communication — to send verification emails, password reset links, and service-related notices

3. Third-Party Services

We use the following third-party services to operate Parochia. Each may process your data as described:

Service	Purpose	Data Shared
Vercel	Hosting & serverless functions	All request data
Neon PostgreSQL	Production database	All stored data
Apple iCloud SMTP	Transactional emails	Email address, name
Google Cloud Vision	Image moderation	Uploaded photos
Cloudflare CDN	Image delivery	Uploaded photos
Synology NAS	Image storage	Uploaded photos

4. Data Sharing with NearestMass.com

Parochia and NearestMass.com (operated by Linkedbits) share a common database. Your user account (name, email, and session data) is shared between the two services. Cross-login tokens allow single sign-on between Parochia and NearestMass.com. Church data you enter in Parochia may also appear on NearestMass.com.

5. Data Retention

Account data — retained until you request deletion
Email verification codes — expire after 24 hours
Password reset tokens — expire after 1 hour
Authentication sessions — expire after 7 days
Cross-login tokens — expire after 24 hours
User content — retained until you delete it or your account is terminated

6. Security

We implement reasonable security measures to protect your data, including: bcrypt password hashing (cost factor 12), JWT-based authentication, HTTPS encryption for all connections, and DOMPurify sanitization of user-generated content. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Children’s Privacy

The Service is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us so we can delete it.

8. Your Rights

You have the right to:

Request access to the personal data we hold about you
Request correction of inaccurate data
Request deletion of your account and associated data
Export your content (contact us and we will provide your data in a standard format)

To exercise any of these rights, email us at support@parochia.org.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page with a revised “Last updated” date. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy, contact us at support@parochia.org.