Privacy Policy

Last updated: June 13, 2026

Shepherd Station ("Shepherd Station," "we," "us," or "our") provides communications, advertising, and engagement software for churches and ministry organizations ("Customers"). This Privacy Policy explains how we collect, use, share, and protect information when Customers and the people they communicate with ("Contacts") use our platform at shepherdstation.app and related church websites we host.

1. Information We Collect

We collect the following categories of information:

  • Account information — name, email, organization name, and login credentials for Customer staff who sign up for Shepherd Station.
  • Contact data— names, email addresses, phone numbers, and notes that a Customer enters or imports about the people in their congregation or community ("Contacts").
  • Communications — the content of SMS messages and emails sent and received through the platform, including AI-drafted messages.
  • Giving and donation data — transaction records processed through our payment provider (Stripe) for online giving.
  • Advertising and lead data— when a Customer connects a Facebook Page or Google Ads account, we receive ad account information and lead form submissions (name, email, phone, and form responses) via the Meta Graph API and Google Ads API, in order to deliver those leads into the Customer's inbox and automated follow-up sequences.
  • Usage and log data — basic technical data such as IP address, browser type, and pages visited, used for security and reliability.

2. How We Use Information

  • To provide the core platform: inbox, contact management, broadcasts, and automated sequences.
  • To deliver leads from Facebook Lead Ads and Google Ads into the Customer's account and trigger configured follow-up sequences.
  • To process online giving through Stripe.
  • To generate AI-drafted messages, ad copy, and campaign suggestions (see Section 3).
  • To send transactional and operational emails/texts on behalf of a Customer (e.g., a welcome sequence configured by their church).
  • To maintain, secure, and improve the platform.

3. AI Processing

Shepherd Station uses Anthropic's Claude AI to draft messages, sequence steps, and ad campaign content based on Customer-provided context (e.g., a Contact's name, conversation history, or a brief description of the desired message). This content is sent to Anthropic's API solely to generate the requested draft and is not used by Anthropic to train models, per Anthropic's API data usage policies. A human at the Customer's organization reviews and approves AI-drafted content before it is sent in most workflows.

4. Third-Party Service Providers

We share information with the following service providers as necessary to operate the platform:

  • Supabase — database and authentication hosting.
  • Resend — transactional and outbound email delivery.
  • Twilio — SMS and voice delivery.
  • Stripe — payment processing for subscriptions and online giving.
  • Meta (Facebook/Instagram) — ad campaign management and Lead Ads retrieval, when a Customer connects their Facebook Page or ad account.
  • Google — Google Ads campaign management, when a Customer connects their Google Ads account.
  • Anthropic — AI-generated drafting as described in Section 3.
  • Vercel — application hosting.

We do not sell Contact data or Customer data to third parties, and we do not use Contact data for our own advertising or marketing purposes.

5. Facebook Platform Data

When a Customer connects a Facebook Page, Shepherd Station may request the leads_retrieval, ads_management, pages_show_list, pages_read_engagement, and pages_manage_metadatapermissions. Data received from Meta (such as lead form submissions and ad account information) is used exclusively to: (a) deliver leads into the connected Customer's inbox and Contacts list, (b) enroll leads into sequences the Customer has configured, and (c) display ad campaign performance to that Customer. This data is associated only with the Customer organization that authorized the connection and is not shared across organizations or used for any purpose unrelated to that Customer's use of the platform. A Customer may disconnect their Facebook Page at any time from their account settings, which revokes our access to their Page data going forward.

6. Data Retention

We retain Contact and communications data for as long as a Customer's account is active, or as needed to provide the service. Customers can delete individual Contacts or request deletion of their account data at any time. See our Data Deletion page for details.

7. Data Security

We use industry-standard safeguards, including encryption in transit, access controls, and least-privilege service credentials, to protect data stored on our platform.

8. Children's Privacy

Shepherd Station is intended for use by church staff and the adult members of their communities. We do not knowingly collect personal information directly from children under 13.

9. Your Rights

If you are a Contact who has received a message from a church using Shepherd Station and would like your information removed, please contact that church directly, or reach out to us using the contact information below and we will forward your request and assist with removal. See our Data Deletion page for the full process.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above.

11. Contact Us

Questions about this policy can be sent to hello@shepherdstation.app.