This Privacy Policy is issued by Softnergy Limited ("we," "us," or "Company"), the developer and operator of the CatholicBond mobile application ("App"). It explains what personal data we collect about you, why we collect it, how we use and protect it, who we share it with, and what rights you have in relation to it.
We are committed to handling your personal data with the highest standards of care and transparency. This policy is written in plain English — not to obscure, but to inform. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By downloading and using the CatholicBond App, you acknowledge that you have read and understood this policy. If you do not agree with any part of it, please do not use the App.
1. Who We Are
Softnergy Limited is the data controller responsible for the personal data collected through the CatholicBond App. We are a company registered in Scotland (Company Number SC619146) with our registered office at 36 Colliers Row, Wallyford, Scotland, EH21 8GX, United Kingdom.
If you have any questions about how we handle your data, you can reach us at any time at legal@softnergy.co.uk.
2. Data We Collect and Why
We collect only the data that is necessary to provide you with a safe, meaningful, and faith-centred experience.
| Data Type | What This Includes | Why We Collect It | Legal Basis |
|---|---|---|---|
| Account & Profile Data | Name, email address, date of birth, gender, location, biography, profile photos | To create and maintain your account and allow other members to find and connect with you | Contractual necessity |
| Faith & Lifestyle Data | Mass attendance frequency, prayer habits, faith importance, church involvement, relationship goals | To facilitate meaningful, values-based matching with compatible Catholic singles | Your explicit consent |
| Photo Verification Data | Selfie submitted during the verification process | To confirm that you are a real person who matches your profile photos | Legitimate interest (community safety) |
| Communication Data | Messages sent and received within the App, match activity, likes, and reported content | To operate the messaging and matching features of the App | Contractual necessity and legitimate interest |
| Technical & Usage Data | Device type, operating system, IP address, app version, login timestamps, crash reports | To maintain the security, stability, and performance of the App | Legitimate interest |
| Payment Data | Subscription status, transaction identifiers | To manage Premium subscriptions and verify entitlements | Contractual necessity |
3. How We Use Your Data
- To operate the App. We use your account and profile data to provide the core features of CatholicBond — including profile discovery, matching, and messaging.
- To verify your identity. We use your photo verification selfie to confirm you are a real person, protecting every member from fake profiles and catfishing.
- To personalise your experience. We use your faith and lifestyle data to show you profiles of Catholics who share your values, practices, and relationship goals.
- To keep the community safe. We monitor usage patterns and investigate reported content to detect and prevent abuse, harassment, fraud, and violations of our Community Guidelines.
- To improve the App. We use aggregated, anonymised usage data to understand how members interact with the App and to make informed decisions about new features and improvements.
- To communicate with you. We use your email address to send you important account notices, security alerts, and — where you have opted in — updates about the App.
- To comply with legal obligations. We may process your data where necessary to comply with applicable UK law, respond to court orders, or cooperate with law enforcement.
We will never use your data for purposes that are incompatible with those listed above, and we will never sell your personal data to third parties for marketing or commercial purposes.
4. Who We Share Your Data With
We do not sell, rent, or trade your personal data. We share data only where strictly necessary and with appropriate safeguards in place.
Other Members
Your public profile information — including your name, photos, bio, and faith details — is visible to other members. Your email address, verification selfie, and payment information are never visible to other members.
Our Moderation Team
Our internal moderation team may access your profile, messages, and reported content when investigating potential violations of our Community Guidelines. All moderators are bound by strict confidentiality obligations.
Service Providers
- Cloud infrastructure: MongoDB Atlas — for secure, encrypted database hosting.
- Push notification services: To deliver in-app notifications to your device.
- Analytics providers: We share only aggregated, anonymised data for app performance analysis.
- Payment processors: Apple App Store and Google Play Store process all subscription payments. We receive only your subscription status and transaction identifiers.
Legal Authorities
We may disclose your data to law enforcement, regulators, or courts where we are legally required to do so, or where we believe in good faith that disclosure is necessary to prevent serious harm.
5. How We Protect Your Data
- Encryption in transit: All data transmitted between your device and our servers is encrypted using SSL/TLS protocols.
- Encryption at rest: Sensitive data stored in our databases is encrypted at rest.
- Access controls: Access to personal data is restricted to authorised personnel on a strict need-to-know basis.
- Multi-factor authentication: Administrative access to our systems requires multi-factor authentication.
- Regular security reviews: We conduct regular internal reviews of our security practices and infrastructure.
- Photo verification security: Verification selfies are reviewed by authorised moderators only and are permanently deleted within 72 hours of processing.
6. How Long We Keep Your Data
| Data Category | Retention Period |
|---|---|
| Account and profile data | Retained for the duration of your account. Deleted within 30 days of account deletion request. |
| Messages and communication data | Retained while your account is active. Deleted with your account unless required for an active moderation investigation. |
| Photo verification selfies | Deleted within 72 hours of review — whether your verification is approved or rejected. |
| Inactive accounts | Accounts with no activity for 24 consecutive months are automatically deleted. |
| Aggregated and anonymised data | Retained indefinitely for analytical purposes. This data cannot be used to identify you. |
| Legal and compliance records | Retained for up to 7 years where required by applicable UK law. |
7. Your Rights Under UK GDPR
- Right of access. You have the right to request a copy of the personal data we hold about you.
- Right to rectification. If any data we hold is inaccurate or incomplete, you have the right to have it corrected.
- Right to erasure. You have the right to request that we delete your personal data where there is no compelling reason to continue processing it.
- Right to restrict processing. You have the right to ask us to pause the processing of your personal data in certain circumstances.
- Right to data portability. You have the right to receive a copy of your personal data in a structured, machine-readable format.
- Right to object. You have the right to object to the processing of your personal data where we rely on legitimate interests as our legal basis.
- Right to withdraw consent. Where we process your data on the basis of your consent, you may withdraw that consent at any time.
- Right to lodge a complaint. You have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
To exercise any of these rights, please contact us at legal@softnergy.co.uk.
8. International Data Transfers
We store and process your personal data primarily within the United Kingdom and the European Economic Area (EEA). Where data is transferred outside these regions, we ensure adequate protections are in place, including the use of Standard Contractual Clauses approved by the UK Information Commissioner's Office.
9. Children's Privacy
CatholicBond is strictly for adults aged 18 and over. We do not knowingly collect personal data from anyone under the age of 18. If we become aware that a user is under 18, we will immediately delete their account and all associated data.
If you believe a minor has created an account on CatholicBond, please contact us immediately at support@catholicbond.com.
10. Cookies and Tracking Technologies
The CatholicBond mobile App does not use browser cookies. However, we may use certain device identifiers and analytics SDKs to understand how the App is used and to maintain session security. These are used solely for operational purposes and are not used to track you across third-party websites or apps.
If you visit our website at catholicbond.com, cookies may be used. Please refer to our separate Cookies Policy for details.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the App, or applicable law. When we make material changes, we will notify you by email and through an in-app notice at least 30 days before the changes take effect.
12. Contact Us
- Data Controller: Softnergy Limited (Company No. SC619146)
- Address: 36 Colliers Row, Wallyford, Scotland, EH21 8GX, United Kingdom
- Legal enquiries: legal@softnergy.co.uk
- General support: support@catholicbond.com
- Response time: We aim to respond to all privacy requests within 30 days of receipt.
If you are not satisfied with our response, you have the right to contact the Information Commissioner's Office (ICO): ico.org.uk | Helpline: 0303 123 1113