Privacy Policy
Last updated: 18 May 2026
This policy explains how Kehilla collects and uses personal data when you use kehilla.io and our services. It applies alongside UK GDPR, the Data Protection Act 2018, and (where applicable) EU GDPR.
Who holds your data
Kehilla operates the platform. Each synagogue or community using Kehilla is the controller of its members' and visitors' data — they decide what is collected and why. Kehilla acts as a processor, providing software and hosting on their instructions.
For questions about how your own community uses your data, contact them directly. For anything about Kehilla itself, email info@kehilla.io.
What we process
- Contact and account: name, title, email, phone, address; sign-in details (including Google where used); date of birth.
- Family and dependent details: names, relationships, and dates of birth of household members you add.
- Memorial (yahrzeit) information: names, relationships, and dates of deceased relatives you or your community add.
- Payments: invoices, subscriptions, payment status, and identifiers held by payment providers (e.g. Stripe, Achisomoch). Gift Aid declarations including name, house name or number, and postcode where provided.
- Events and messaging: registrations, answers to event questions (which may include dietary or access requirements), notification preferences, and a record of emails sent.
- Consent records: timestamps recording when you agreed to this policy and, separately, any consent to marketing emails.
- Technical: IP address, browser type, timestamps, and logs needed to run and secure the service.
Sensitive (special category) data
Synagogue membership reveals religious belief, which is special category data under UK GDPR Article 9. Family details, memorial dates, and health or dietary information collected via event forms are also treated as sensitive. We process this data on the basis that it is carried out by a not-for-profit religious body for legitimate organisational purposes (Article 9(2)(d)), and with your explicit consent at sign-up for any data you choose to provide.
Why we process it
We process data to deliver the service: hosting, accounts, payments, communications, and support. The lawful bases we rely on are:
- Contract — for account creation, billing, and service delivery.
- Legal obligation — to meet HMRC requirements for Gift Aid records (retained for 6 years).
- Legitimate interests — for security, fraud prevention, and operational reliability.
- Consent — for marketing emails and for processing sensitive personal data at sign-up. You can withdraw consent at any time.
Who we share data with
We share data with the following categories of processor or independent controller as necessary to operate the service:
- Database hosting: Neon (PostgreSQL, EU region)
- File storage: Cloudflare R2
- Email delivery: Resend
- Payments: Stripe, Achisomoch
- Sign-in: Google (OAuth only — email, name, and Google ID)
- Accounting (optional): Xero
- Prayer times (optional): third-party zmanim API (date/location only, no personal data)
Data may be processed outside the UK or EEA (for example by US-based processors). Where that happens we use appropriate safeguards — UK International Data Transfer Agreements (IDTAs) or equivalent — as required by UK GDPR Chapter 5.
How long we keep it
We keep data only as long as necessary for the purposes above. The following retention periods apply:
| Data type | Retention period | Reason |
|---|---|---|
| Active member records | Duration of membership | Contract |
| Lapsed member records (no Gift Aid) | 2 years after membership ends | Legitimate interests |
| Invoices and payment records | 6 years from end of financial year | HMRC / Companies Act |
| Gift Aid declarations and related name/address | 6 years from date of last relevant donation | HMRC Gift Aid regulations |
| Event registrations (no payment) | 1 year after event | Administrative |
| Email communication logs | 1 year | Compliance / dispute resolution |
| Audio/video recordings (shiurim) | Reviewed at 3 years; deleted if no longer needed | Purpose-based |
Your rights
UK GDPR gives you the following rights over your personal data:
- Access — request a copy of all data held about you (Subject Access Request).
- Rectification — ask us to correct inaccurate data.
- Erasure — request deletion of your data where there is no overriding legal reason to keep it. Note: Gift Aid records must be retained for 6 years under HMRC rules even after a deletion request.
- Restriction — ask us to pause processing while accuracy is disputed.
- Portability — receive your data in a machine-readable format (JSON/CSV).
- Object — object to processing based on legitimate interests, or to direct marketing (which we must stop immediately).
- Withdraw consent — where we rely on consent, you can withdraw it at any time. This does not affect the lawfulness of processing before withdrawal.
How to exercise your rights
For rights relating to how your community uses your data, contact them directly via the member portal (Settings → Contact the office) or by email.
To download all your data or request account deletion, sign in to your member portal and go to Settings → Your data. Account deletion anonymises your personal data; Gift Aid records required by HMRC are retained until the 6-year period expires.
For anything about Kehilla itself, email info@kehilla.io. We will respond within one calendar month.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at any time, without first contacting us.
Marketing emails
We only send announcement or newsletter emails to members who have opted in. You can unsubscribe at any time using the unsubscribe link at the bottom of any such email, or by updating your preferences in the member portal.
Security
We use HTTPS for all data in transit, AES-256 encryption at rest (via Neon and Cloudflare), bcrypt password hashing, and strict separation between communities. Access is limited to what the service requires. We have procedures to detect, report, and investigate personal data breaches, and will notify the ICO within 72 hours of becoming aware of a notifiable breach.
Children
Family members including children may be recorded by account holders (parents or guardians). We do not knowingly send marketing communications to anyone under 18. If you believe a child's data has been processed without appropriate consent, contact us at info@kehilla.io.
Changes
We will update this page when the policy changes and adjust the date at the top.