Sunday SlipHome

Privacy Policy

Last updated June 1, 2026

Sunday Slip ("we") helps churches build and share bulletins behind a QR code. This policy explains what we collect and why. We designed the product to collect as little as possible, especially from the people who scan a bulletin.

Two kinds of people

Church staff sign in and manage bulletins. Congregants and guestsscan a QR or open a link to read a bulletin. The two have very different footprints.

Guests who scan a bulletin

Public bulletin pages are view-only. We set no cookies on them, run no analytics, load no third-party trackers, and collect no personal information from people who read a bulletin. We keep a simple per-day view counter per bulletin that is not tied to any individual.

Church staff

When staff sign in with Google we receive their email and a user ID from Supabase Auth. We store the bulletin content they create, their church profile, and (if they upgrade) a Stripe customer ID. We use strictly necessary cookies to keep them signed in and remember dashboard preferences.

Cookies

We use only strictly necessary cookies: an authentication/session cookie, and a preference cookie that remembers display currency and the active church. We honor the Global Privacy Control (Sec-GPC) signal for the preference cookie. We do not use advertising or analytics cookies.

Content you publish about others

A bulletin can name people, such as those in prayer, the bereaved, children in ministry, and volunteers. The church is the controller of that content and is responsible for having permission to publish it. Bulletin pages are set to discourage search-engine indexing, but they are reachable by anyone with the link. Don't publish what shouldn't be public.

Payments & giving

Subscription billing and optional online giving run through Stripe. Card details go directly to Stripe; we never see or store them. For giving we keep only non-sensitive order metadata to reconcile gifts.

Your rights

Depending on where you live (GDPR, UK GDPR, CCPA/CPRA, LGPD, and similar) you may have rights to access, correct, delete, or port your data, and to object to certain processing. Contact us to exercise them.

Contact

Questions about this policy: add your contact email before launch.