Privacy Policy

Your privacy is important to us. Learn how we protect and handle your data.

Last updated: February 1, 2026

Introduction

LUMINA Digital Parish Manager ("LUMINA DPM", "we", "us", or "our") is committed to protecting your privacy and the privacy of your parish community. As the world's first Digital Parish Manager, we understand the sensitive nature of parish data and the trust you place in us to manage your spiritual and administrative information.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our comprehensive digital parish management platform. We are committed to transparency, security, and compliance with applicable data protection laws, including the Nigeria Data Protection Regulation (NDPR).

By using LUMINA DPM, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not use our service.

Information We Collect

Personal Information

Name and contact information (email, phone number)
Parish membership and role information
Payment and billing information (processed securely through Paystack)
Account credentials and authentication data

Usage Information

Platform usage patterns and feature interactions
Device information and browser type
IP address and location data (for security purposes)
Cookies and similar tracking technologies

Parish and Spiritual Data

Mass intentions and thanksgiving bookings
Donation and payment records
Event RSVPs and attendance records
Parish announcements and communications
Sacramental records and certificates
Ministry and volunteer information
Parish membership and family relationships
Spiritual preferences and religious affiliations

Administrative Data

Parish financial records and budgets
Staff and clergy information
Facility booking and maintenance records
Compliance and audit documentation
Communication logs and correspondence
System usage analytics and performance data

How We Use Your Information

Parish Management Services

Provide and maintain the LUMINA DPM platform
Process mass intentions, donations, and event bookings
Manage parish memberships and administrative functions
Facilitate sacramental preparation and record-keeping
Support ministry coordination and volunteer management
Enable parish communication and community building
Provide financial management and reporting tools
Send important service-related communications

Communication

Send email verifications and account notifications
Provide customer support and respond to inquiries
Send important updates about the service
Share parish announcements and communications

Security and Compliance

Protect against fraud and unauthorized access
Comply with legal obligations and regulations
Monitor and analyze platform usage for security purposes
Enforce our Terms of Service

Parish Data Protection and Security

We understand that parish data is particularly sensitive and requires the highest level of protection. We implement comprehensive security measures specifically designed for religious and community organizations:

Technical Security Measures

End-to-end encryption of data in transit and at rest
Multi-factor authentication and role-based access controls
Regular security audits and penetration testing
Secure payment processing through certified providers (Paystack)
Automated backup systems with geographic redundancy
Real-time monitoring and threat detection
Secure API endpoints with rate limiting and authentication

Parish-Specific Safeguards

Separate data silos for different parishes to prevent cross-contamination
Granular permission systems for different parish roles (priest, administrator, member)
Audit trails for all sensitive operations (sacramental records, financial transactions)
Data anonymization for analytics while preserving parish privacy
Secure deletion procedures for parish data upon request
Regular compliance reviews with religious data protection standards

Our Commitment to Parish Privacy

We recognize that parish data often contains deeply personal spiritual information. We are committed to treating this data with the utmost respect and care, implementing additional safeguards beyond standard commercial practices to protect the sanctity and privacy of your parish community.

Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:

Service Providers: With trusted third-party service providers who assist in operating our platform (e.g., Paystack for payments, email services, cloud hosting providers)
Legal Requirements: When required by law, court order, or to protect our rights and safety
Parish Administration: With authorized parish administrators, priests, and staff for legitimate parish management purposes
Diocesan Authorities: With diocesan offices when required for canonical or administrative purposes
Emergency Situations: In cases of emergency or to protect the safety of parish members
Business Transfers: In connection with a merger, acquisition, or sale of assets (with prior notice)
Consent: When you have given explicit consent for specific sharing

Important Note About Parish Data

We never share sacramental records, spiritual counseling information, or other sensitive religious data without explicit consent or legal requirement. Parish financial data is only shared with authorized parish administrators and diocesan authorities as required by church governance.

Your Rights and Choices

Under applicable data protection laws, including the Nigeria Data Protection Regulation (NDPR) and other relevant privacy laws, you have the following rights regarding your personal information:

Core Data Rights

Access: Request access to your personal information
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal information
Portability: Request a copy of your data in a portable format

Control Rights

Restriction: Request restriction of processing in certain circumstances
Objection: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent for data processing where applicable
Complaint: Lodge a complaint with supervisory authorities

Parish-Specific Rights

Sacramental Records: Request access to or correction of sacramental records
Ministry Data: Control how your ministry and volunteer information is used
Communication Preferences: Opt out of certain parish communications
Family Data: Request updates to family relationship information

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: contact@luminacorp.org
Response Time: We will respond to your request within 30 days
Verification: We may need to verify your identity before processing your request

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our platform. Cookies are small text files that are placed on your computer or mobile device when you visit our website. They help us provide you with a better experience by remembering your preferences and understanding how you use our platform.

What Are Cookies?

Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently and to provide information to website owners. Cookies allow a website to recognize a user's device and remember information about their visit.

How LUMINA DPM Uses Cookies

We use cookies and similar technologies to enhance your experience on our platform, provide personalized content, and analyze how our service is used. Cookies help us:

Remember your login status and preferences
Keep your session secure and authenticated
Understand how you use our platform to improve it
Provide personalized content and recommendations
Ensure the platform functions properly
Analyze traffic patterns and user behavior

Types of Cookies We Use

Essential Cookies

These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms.

Examples:

Authentication and session management
Security and fraud prevention
Load balancing and performance
Cookie consent preferences

Analytics Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

Examples:

Google Analytics tracking
Page view and user interaction tracking
Performance monitoring and optimization
Error tracking and debugging

Marketing Cookies

These cookies may be set through our site by our advertising partners to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device.

Examples:

Social media integration
Advertising and remarketing
Content personalization
Cross-site tracking for marketing

Cookie Duration

Session Cookies

These are temporary cookies that expire when you close your browser. They are used to maintain your session while you navigate through the website.

Persistent Cookies

These cookies remain on your device for a set period or until you delete them. They remember your preferences and settings for future visits.

Typical Duration:

Session cookies: Until browser is closed
Authentication cookies: 30 days
Preference cookies: 1 year
Analytics cookies: 2 years

Managing Your Cookie Preferences

Cookie Consent Banner

When you first visit our website, you'll see a friendly cookie notice that allows you to:

Accept our use of cookies
Learn more about our cookie practices
Access our privacy policy

Browser Settings

You can also control cookies through your browser settings. Most browsers allow you to:

View and delete cookies
Block cookies from specific sites
Block third-party cookies
Receive notifications when cookies are set

Important Note:

Disabling certain cookies may affect the functionality of our website. Essential cookies are required for the site to work properly and cannot be disabled.

Third-Party Cookies

Some cookies on our site are set by third-party services that appear on our pages. These third parties may include:

Google Analytics: For website analytics and performance monitoring
Paystack: For secure payment processing
Social Media Platforms: For social sharing and integration
Content Delivery Networks: For faster content loading

We do not control these third-party cookies. Please refer to their respective privacy policies for more information about how they use cookies.

Legal Compliance and Regulatory Framework

LUMINA DPM is committed to compliance with all applicable data protection laws and regulations. We operate under the following legal frameworks:

Nigeria Data Protection Regulation (NDPR)

As a Nigerian company, we fully comply with the Nigeria Data Protection Regulation, which governs the collection, processing, and storage of personal data in Nigeria.

Lawful basis for processing personal data
Data subject rights and procedures
Data breach notification requirements
Cross-border data transfer safeguards

Religious and Canonical Compliance

We respect and comply with religious and canonical requirements for handling parish data:

Canonical requirements for sacramental record-keeping
Diocesan data protection policies and guidelines
Religious freedom and privacy protections
Confidentiality requirements for pastoral care

International Standards

We also adhere to international data protection standards where applicable:

ISO 27001 information security management standards
PCI DSS compliance for payment card data
Industry best practices for cloud security
Regular third-party security audits and certifications

Data Retention and Deletion

We retain your personal information only as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Our retention periods are designed to balance service provision with privacy protection:

Retention Periods

Account Data: Retained for the duration of your account plus 2 years
Sacramental Records: Retained permanently as required by canonical law
Financial Records: Retained for 7 years for tax and audit purposes
Communication Logs: Retained for 3 years for service improvement
Analytics Data: Anonymized after 2 years, deleted after 5 years

Deletion Procedures

When data is deleted, we ensure complete removal from all systems:

Immediate removal from active databases
Secure deletion from backup systems within 30 days
Verification of complete data removal
Notification to third-party processors for data deletion

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with applicable data protection laws.

Children's Privacy and Family Data

LUMINA DPM is designed to serve parish communities, including families with children. We take special care to protect the privacy of minors and family data:

Minors Under 13

We do not knowingly collect personal information from children under 13 years of age without verifiable parental consent. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Minors 13-17

For minors between 13-17 years of age, we may collect limited information necessary for parish activities (such as sacramental preparation) with appropriate parental oversight and consent.

Family Data Protection

Family relationship information is protected with additional security measures
Parental access to minor children's parish records is maintained
Special safeguards for sacramental records of minors
Clear consent procedures for family data sharing

Data Breach Notification and Response

In the unlikely event of a data breach, we have comprehensive procedures in place to protect your information and notify affected parties:

Our Response Process

Immediate containment and assessment of the breach
Notification to relevant authorities within 72 hours (as required by NDPR)
Assessment of risk to affected individuals
Direct notification to affected users within 72 hours of risk assessment
Implementation of additional security measures to prevent recurrence

What We Will Tell You

Nature and scope of the breach
Types of data that may have been affected
Steps we are taking to address the breach
Measures you can take to protect yourself
Contact information for further assistance

Emergency Contact

If you suspect a security incident or have concerns about your data, please contact us immediately atcontact@luminacorp.org

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the service after such changes constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy, our data practices, or need to exercise your data protection rights, please contact us:

General Inquiries

Email: contact@luminacorp.org

Website: dpm.luminacorp.org

Company: LUMINANIGERIA LIMITED

Data Protection & Security

Data Protection Inquiries: contact@luminacorp.org

Security Issues: contact@luminacorp.org

Response Time: Within 30 days

For Parish Administrators

If you are a parish administrator or priest with questions about data handling for your parish, please contact us at contact@luminacorp.org for specialized assistance with parish data management and compliance.