Privacy Policy

Last updated: 29 April 2026

1. Who We Are / Data Controller

Aaron Spettl Software Solutions ("we", "us", or "our") operates MissionConnect, a platform that helps missionaries create public profiles, compose newsletters, and manage subscriber lists. Aaron Spettl is the data controller for the personal data described in this policy.

Aaron Spettl
Sessenheimer Str. 14
79110 Freiburg im Breisgau
Germany
Email: privacy@directed-steps.com

2. Personal Data We Collect

Missionary accounts

When you create an account, we collect:

• Email address — used for authentication, account recovery, and as a contact address on your public profile.
• Password — never stored in plaintext. Our authentication provider (Appwrite) hashes it before storage, so the original password cannot be recovered from what is stored.
• Profile information — ministry name and unique profile URL (mandatory), name, postal address, email address and phone number (optional, with visibility toggles for profile page), subtitle, organization name, ministry focus, an "about you and your mission" text, prayer requests, a "how to support us" description, giving URL, social and web links, and images that you choose to provide (all optional). If you set a location, we store the place name and its latitude and longitude coordinates so your profile can show your area of service.

Public profile visibility

Your missionary profile is publicly accessible to anyone on the internet at your unique profile URL. This includes your name, subtitle, about text, prayer requests, links, organization name, ministry focus, location name and coordinates, email address, and any images you upload. Postal address and phone number are only shown publicly if you have enabled their respective display toggles. Only your password and internal account settings are never publicly visible. You can review and edit your profile at any time to control which optional fields you include.

A note on the "Public Profile" toggle. If "Public Profile" is kept inactive, then your missionary profile is only available with a secret link. Your unique profile URL will simply be longer and hard to guess, but can still be shared with people. Additionally MissionConnect will instruct search engines to not index it (however, there is no way to enforce this). Subscribers will always be able to see your profile page.

A note on location data for missionaries serving in restricted-access regions. The location coordinates you set (and the postal address if you choose to publish it) are published on your public profile and may be indexed by search engines. If you serve in a country where Christian missionary work is restricted or carries personal risk, do not enter precise coordinates. You may either omit the location field entirely or use a regional descriptor (e.g. a country or large city) that does not pinpoint where you live. You can update or remove this field at any time from your profile page.

Newsletter subscribers

When you subscribe to a missionary's newsletter, we collect:

• Email address — required to send you newsletters.
• Name — optional, used to personalise newsletters.

Please note: The missionary whose newsletter you subscribe to can see your name, email address, and subscription status. This is necessary for them to manage their subscriber list and communicate with their supporters. See section Subscriber Data & Joint Controllership for details.

Newsletter delivery records

For each newsletter we send, we record delivery details linked to the recipient's email address and name. These records cover the delivery status (delivered, bounced, or failed), timestamps, and any error codes returned by the receiving mail server. We do not record the recipient's IP address, device, or location, and we do not use email open or click tracking. Delivery records are used to manage bounces and protect deliverability, and are anonymised after 12 months (see Section 7).

Server logs

Our hosting provider (Appwrite) records standard server and runtime logs as part of normal platform operation. These logs may include IP addresses, user-agent strings, request paths, and timestamps. They are used to operate, debug, and secure the service. Log retention time is 7 days.

3. How We Use Your Data

• Missionary accounts: to provide and maintain your account, display your public profile, and enable you to send newsletters to your subscribers.
• Subscriber data: to send newsletters on behalf of missionaries, confirm your subscription (double opt-in), process unsubscribe requests, track delivery status (delivered, failed, bounced), and provide missionaries with access to their subscriber list (name, email address, and subscription status) so they can manage their audience. Missionaries may also export subscriber data to migrate to another newsletter provider.

4. Lawful Basis for Processing (GDPR)

• Consent — Newsletter subscribers provide explicit consent through a double opt-in process (subscribing and then confirming via email). You can withdraw consent at any time by unsubscribing.
• Contract performance — Processing missionary account data is necessary to provide the service you signed up for.
• Legitimate interest (deliverability) — We process email delivery tracking data (delivered, bounced, failed) and manage bounces to maintain email deliverability, protect our sending reputation, and ensure the platform operates reliably. We have assessed that these interests do not override your rights, as the processing is limited to operational data and directly benefits subscribers by preventing repeated delivery failures.
• Legitimate interest (security and integrity) — Our hosting provider records server logs. These are used to detect errors, investigate security incidents, prevent abuse, and ensure the platform functions reliably. We have assessed that these interests do not override your rights, as the data is standard operational metadata retained for up to 7 days.

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.

Religious belief (special category data under GDPR Art. 9). MissionConnect intentionally processes data that reveals religious belief — your affirmation of the Apostles' Creed at sign-up, your missionary profile content, and a subscriber's interest in a Christian newsletter all qualify. We rely on the following Article 9 bases in addition to the Article 6 bases above:

• Explicit consent (Art. 9(2)(a)) — for the Creed affirmation at sign-up and for newsletter subscription. We collect a separate, opt-in checkbox at each point that names the special-category processing.
• Manifestly made public (Art. 9(2)(e)) — for missionary profile content that you choose to publish to your public profile.

We do not infer religious belief from any other source.

5. Recipients and Third-Party Processors

We rely on select cloud service providers to operate MissionConnect. These providers process personal data on our behalf and are bound by data processing agreements.

The specific providers we use may change over time; when they do, we will update this policy and ensure equivalent or stronger data protection standards are maintained.

We do not sell, rent, or share your personal data with any other third parties.

6. Cookies and Local Storage

We use only strictly necessary cookies and local-storage entries:

None of the entries above are used for tracking, analytics, or advertising. The localStorage entries never leave your device and are not transmitted to our servers.

7. Data Retention

• Missionary accounts: Your data is retained as long as your account is active. When you delete your account, all associated data (profile, subscribers, newsletters, images) is permanently deleted.
• Subscriber data: Your subscription data is retained as long as you remain subscribed. Unsubscribing permanently deletes your subscriber record. Unverified subscriptions (where you did not confirm via email) are automatically deleted after 7 days.
• Newsletter delivery records: Personal data in delivery records (email, name, delivery details) is anonymised after 12 months.
• Inactive accounts: Accounts that have not verified their email address and have not created a profile are automatically deleted after 7 days.
• Server logs: Log retention time is 7 days.

8. Your Rights

For all users (GDPR & US state privacy laws)

You have the right to:

• Access — Request a copy of the personal data we hold about you.
• Rectification — Request correction of inaccurate data (missionaries can update their profile directly; subscribers can unsubscribe and re-subscribe with correct information).
• Erasure — Request deletion of your data. Missionaries can delete their account from the settings page. Subscribers can unsubscribe from any newsletter.
• Data portability — Missionaries can download a copy of their data (profile, subscribers, newsletters) from the settings page. This export may be used to migrate to another newsletter provider. When using exported subscriber data outside of MissionConnect, missionaries remain responsible for handling that data in compliance with applicable data protection laws.
• Object / Withdraw consent — Subscribers can unsubscribe at any time using the link in every newsletter or by visiting the unsubscribe page.
• Lodge a complaint — You have the right to lodge a complaint with your local data protection supervisory authority if you believe your personal data is being processed unlawfully.

California residents (CCPA/CPRA)

In addition to the rights above, California residents have the right to:

• Know what personal information we collect and how it is used (described in this policy). Categories of personal information we collect:

  Category	What we collect	Purpose
  Identifiers	Email address; name (subscribers, optional); profile URL (missionaries); postal address and/or phone number (missionaries, optional)	Authentication, sending newsletters, public-profile display
  Internet or other network activity	Server logs (IP, user-agent, request path)	Operate, debug, and secure the platform
  Geolocation (precise)	Latitude/longitude that missionaries supply for their public profile	Display the missionary's area of service
  Sensory data	Profile images you upload	Public-profile display
  Sensitive personal information	Religious belief (Creed affirmation, missionary profile content, newsletter-subscription record); precise geolocation when set	Provide the service you signed up for; never used for any secondary purpose

• Delete your personal information (see Erasure above).
• Opt out of sale or sharing — We do not sell or share your personal information for cross-context behavioral advertising, so no opt-out action is required.
• Limit use of sensitive personal information — California residents may request that we limit the use of sensitive personal information (such as precise geolocation) to what is necessary to provide the service. We do not use such information for any secondary purpose.
• Non-discrimination — We will not discriminate against you for exercising your privacy rights.

9. Subscriber Data & Joint Controllership

When a missionary using MissionConnect collects subscribers through a subscribe form on this platform, the missionary determines who receives their newsletter and what they communicate. MissionConnect determines the technical means — how the subscribe form works, how the data is stored, how newsletters are delivered, how unsubscribes are honoured. For that subscriber data (subscriber names, email addresses, subscription status, delivery records), the missionary and Aaron Spettl Software Solutions are joint controllers under Article 26 of the GDPR.

The split of responsibilities is set out in our Missionary Data Agreement, which every missionary accepts before creating their profile. In short: missionaries are responsible for keeping their subscriber list to people who genuinely consented and for using exported data only for their mission communication; we are responsible for the technical guarantees in this Privacy Policy (encryption, restricted access, EU hosting, double opt-in, one-click unsubscribe, breach notification, the retention schedule).

If you are a subscriber and you want to exercise your rights, you may contact either the missionary or us — whichever is more convenient. We will route the request appropriately.

For your own missionary account data (your email, your profile, your password), MissionConnect is the sole controller.

10. Data Security

We protect your data through technical measures including encrypted connections (HTTPS), secure HTTP-only cookies, row-level database security, and rate limiting. All data is stored in EU-based infrastructure.

11. Data Breach Notification

If we become aware of a personal-data breach affecting your data, we will notify the competent supervisory authority within 72 hours where required by Article 33 of the GDPR. If the breach is likely to result in a high risk to your rights and freedoms, we will also contact you directly without undue delay (Article 34).

12. Children's Privacy

MissionConnect is not directed at children. We do not knowingly collect personal data from anyone under 16 years of age. If you believe we have collected data from a child, please contact us and we will delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered missionaries of significant changes via email. The "Last updated" date at the top of this page indicates when the policy was last revised.

14. Contact Us

For privacy-related questions or to exercise your rights, contact us at privacy@directed-steps.com.