1. Who we are
SecondChair is a church attendance tracking platform operated by SecondChair Inc. ("we", "us", "our"). Our service allows churches to track attendance data across campuses and services. Questions? Email us at
colin@thesecondchair.church.
2. What we collect
We collect the following information when you use SecondChair:
- Account information — your email address and password (stored hashed via Supabase Auth).
- Church data — church name, campus names, service times, and attendance counts you enter.
- Usage data — pages visited, features used, and browser/device type for diagnosing issues.
- Billing data — payment information is handled directly by Stripe. We never see or store your card number.
- Third-party integration credentials — if you connect an external service such as Planning Center, we store the API credentials (Application ID and Secret) you provide so SecondChair can fetch data on your behalf. These credentials are stored encrypted and are never shared with other churches or third parties. You can disconnect the integration and remove your credentials at any time.
3. How we use your data
We use your data to:
- Provide and improve the SecondChair service.
- Send transactional emails (account confirmation, password reset, invoices).
- Generate aggregated, anonymized trend insights across our user base. This data is never traceable back to any individual church. See Section 4.
- Comply with legal obligations.
We do not sell your personal data. We do not use your data for advertising.
4. Anonymized trend data
SecondChair may use aggregated, anonymized attendance data to generate industry-wide benchmarks and insights (e.g., "average attendance growth across churches in Q1"). This data:
- Cannot be traced back to any individual church, user, or person.
- Is used only in aggregate — we never publish individual church data.
- Helps the broader church community understand attendance trends.
You may opt out of contributing to anonymized benchmarks by contacting us at colin@thesecondchair.church.
5. Data isolation
Each church's attendance data is isolated using row-level security. No church can see another church's data. Our staff access customer data only when required to resolve a support issue and with the customer's knowledge.
6. Data retention
We retain your data for as long as your account is active. If you cancel, we retain your data for 30 days so you can export it. After 30 days, your data is permanently deleted. Anonymized aggregate data may be retained indefinitely as it cannot be linked to you.
7. Your rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Request deletion of your data.
- Export your data in a portable format (CSV/JSON available in-app).
- Opt out of anonymized data contribution (see Section 4).
To exercise any of these rights, email colin@thesecondchair.church.
8. Cookies
We use a single session cookie to keep you logged in. We do not use tracking or advertising cookies.
9. Third-party services
- Supabase — database and authentication hosting.
- Stripe — payment processing.
- Vercel — web hosting.
- Resend — transactional email delivery.
- Planning Center — optional integration. If you choose to connect your Planning Center account, SecondChair will use your provided API credentials to fetch attendance data on your behalf. We do not store any personal data from Planning Center — only the aggregate attendance counts you choose to import. Your Planning Center credentials are stored securely and you can disconnect the integration at any time from Settings → Integrations.
Each service has its own privacy policy. We choose providers that take data privacy seriously.
10. Changes to this policy
We'll notify you by email if we make material changes to this policy. Continued use of SecondChair after changes take effect constitutes acceptance of the updated policy.