Privacy Policy — FlockAMS

Last updated: 13 June 2026

1. Who we are

FlockAMS ("we", "us", "our") is a church attendance and membership management platform operated by Armaweb Technologies. This Privacy Policy explains how we handle personal information when churches ("Customers") and their authorised users use our platform at flockams.com and its subdomains.

This policy is written to align with the Nigeria Data Protection Act 2023 (NDPA). Where a church uses FlockAMS to manage its members' data, the church is the data controller and FlockAMS acts as a data processor on the church's behalf.

2. Information we collect

From churches and their staff

Church name, contact person, email address, phone number, country and timezone
Login account details (username, email, securely hashed password)
Payment and subscription records (processed through Paystack — see Section 6)

Member and attendance data entered by churches

Member details: names, title, phone number, email, home address, occupation, date of birth, date of baptism, and attendance records
Records for children, visitors, and ministries as entered by the church
Fingerprint (biometric) templates, where a church chooses to use fingerprint check-in — see Section 5

3. How we use information

To provide, operate, and maintain the platform for your church
To process subscriptions and send account, billing, and password-reset emails
To provide support and respond to your requests
To keep the service secure and to back up data against loss

We do not sell personal data, and we do not use members' personal data for advertising.

4. Data separation between churches

Each church's data is stored in its own separate database. One church cannot access another church's members, attendance, or records. FlockAMS staff access tenant data only where necessary to operate the service, provide support you request, or comply with the law.

5. Fingerprint (biometric) data

Fingerprint check-in is optional. When a church enables it:

Fingerprints are converted into a mathematical template — we do not store fingerprint images, and the template cannot be reversed back into a fingerprint image.
Templates are stored only in that church's database and are used solely to match a member during attendance marking.
The capture happens on the church's own computer via a local scanner. Churches are responsible for obtaining each member's consent before enrolling their fingerprint.
A member's fingerprint can be deleted at any time from their profile.

⚠️ Biometric data is sensitive personal data under the NDPA. Churches using fingerprint check-in should inform members and obtain their consent before enrolment.

6. Payments

Subscription payments are processed by Paystack, a licensed payment processor. We do not collect or store card numbers or bank details — these are handled directly by Paystack under their own privacy and security terms.

7. Data retention

We retain a church's data for as long as its account is active. Member data is kept until the church deletes it or closes its account. Backups are retained for a limited period and then automatically removed. If a church closes its account, its data may be deleted after a reasonable wind-down period.

8. Your rights

Under the NDPA, individuals have rights over their personal data, including the right to access, correct, or request deletion of their data. Because churches control their members' data, member requests should first be directed to the church. Churches can exercise their rights, or ask questions about their own account data, by contacting us using the details in Section 11.

9. Security

Passwords are stored using one-way hashing and are never visible to us.
Traffic is encrypted in transit using HTTPS/SSL.
Databases are backed up regularly and access is restricted.
New accounts must change their temporary password on first login.

No system is perfectly secure, but we take reasonable measures to protect the data entrusted to us.

10. Changes to this policy

We may update this policy from time to time. The "Last updated" date above reflects the latest version. Significant changes will be communicated to account holders.

11. Contact us

For privacy questions or requests, contact us at imeobongetim5@gmail.com.