Parish Data and Processing Policy

Agnioz operates as a technology platform provider. In the context of data protection law, Agnioz acts as a data processor — we store and process data on behalf of parishes, but the parish is the data controller— responsible for determining how and why member data is collected and used within their community.

Parish administrators are responsible for complying with applicable data protection laws when managing their members' data through Agnioz.

Parish administrators using Agnioz are responsible for:

• Obtaining appropriate consent from members before enrolling them in the platform.
• Managing member roles and permissions appropriately.
• Ensuring ministry officers and coordinators use member data only for authorized purposes.
• Complying with applicable data protection laws in their jurisdiction (including the Data Privacy Act of the Philippines where applicable).
• Handling member data requests (access, correction, deletion) in a timely manner.
• Maintaining confidentiality of sensitive member information.

Agnioz enforces role-based access controls. What each role can see and do with member data:

Parishes own their member and ministry data. Agniozstores this data on behalf of the parish and does not claim ownership. Parish data is logically isolated from other parishes through row-level security controls — one parish cannot access another parish's data.

In the event that a parish discontinues use of Agnioz, parish administrators may request a data export before their account is closed.

Agnioz stores ministry records — including schedules, attendance, assignments, and ministry application history — on behalf of the parish. These records are the administrative property of the parish and are accessible to authorized parish admins and officers according to their role.

A member's data visibility within the platform is governed by their role and the parish's configuration. Members can see their own data at all times. Broader visibility is restricted to authorized roles as described in the role-based access table above.

Parish admins configure which data fields are visible to which roles. Agnioz enforces these configurations at the database level through row-level security policies.

When a member requests deletion of their data, certain administrative records may be retained where there is a legitimate basis:

• Administrative records: Attendance records, assignment history, and ministry participation records may need to be preserved for parish administrative purposes, particularly where they relate to sacramental preparation or Church records.
• Legal requirements: Records required by applicable law must be retained for the required period.
• Anonymization: Where full deletion is not possible, personal identifiers may be removed and records retained in anonymized form.

See our Data Deletion Request page for how to submit a deletion request.

Agnioz implements multiple layers of security to protect parish and member data:

• Row-level security (RLS): Database-level policies ensure users can only access data they are authorized to see.
• Encryption: Data is encrypted in transit (TLS) and at rest using industry-standard encryption.
• Access controls: Role-based permissions are enforced at both the application and database layers.
• Audit logs: Platform activity is logged for security monitoring and incident response.

[Platform maintains security audit logs for access, authentication, and sensitive data operations — specific retention periods and audit log access policies to be confirmed before submission.]

For parish data management questions, contact us at: agnioz@agnioz.com