1 Who We Are
PCCG Partners is operated by Prayer Centre Church of God, a registered religious organisation. The app is available at partners.prayercentrechurchofgod.org and through the Google Play Store and Apple App Store.
For all privacy matters, you may contact us using the details in Section 11.
2 Information We Collect
2.1 Information You Provide Directly
- Account details — your display name, email address, and profile photo when you register or link a Google or Facebook account.
- WhatsApp number — required from all users after registration to enable partner communications.
- Payment information — when you make a contribution, your transaction details (amount, date, reference) are recorded. Card or bank credentials are processed exclusively by Paystack and are never stored on our servers.
- Receipts — if you upload a payment receipt for manual verification, the image file is stored in Firebase Storage.
2.2 Information Collected Automatically
- Device token (FCM) — a Firebase Cloud Messaging token is collected to deliver push notifications to your device.
- Share events — when you share content through the app, we log the content ID, target platform, timestamp, and points awarded.
- Usage data — screens visited, features used, and session timing, collected in aggregate to improve the app experience.
- Crash and diagnostic data — error reports collected automatically to help us identify and fix bugs.
2.3 Information From Third Parties
- Google / Facebook Sign-In — when you authenticate using a social provider, we receive your name, email address, and profile photo as shared by that provider under their own privacy terms.
- Paystack — on successful payment, Paystack sends us a webhook event confirming the transaction reference, amount, and status. We do not receive full card or bank account details.
3 How We Use Your Information
We use the information we collect to:
- Create and manage your partner account
- Verify your identity and maintain the security of your account
- Process contributions and update your partner tier accordingly
- Send push notifications about live streams, partner events, and app updates
- Track and award points for content sharing (Media Partners)
- Calculate and display leaderboard rankings
- Provide access to partner-only live streams
- Respond to support enquiries
- Detect fraud, abuse, and violations of our Terms of Service
- Improve the app through aggregated, anonymised analytics
We do not use your personal information for automated decision-making or profiling in any way that produces legal or similarly significant effects.
4 Sharing & Disclosure
We do not sell, rent, or trade your personal information to third parties. We share data only in the following limited circumstances:
4.1 Service Providers
We engage trusted third-party services (listed in Section 5) that process data on our behalf solely to operate the app. Each is bound by data processing agreements and is not permitted to use your data for their own purposes.
4.2 Legal Requirements
We may disclose information if required to do so by law or in good-faith belief that such action is necessary to comply with a legal obligation, protect the rights or safety of PCCG or our users, or investigate fraud.
4.3 Organisational Transfers
If PCCG's operations are transferred, merged, or otherwise restructured, your data may transfer as part of that process. We will notify you via the app or email before any such transfer and before your data becomes subject to a different privacy policy.
5 Third-Party Services
The app is built on the following platforms, each with their own privacy practices:
- Firebase (Google) — Authentication, Firestore database, Cloud Storage, Cloud Functions, and Cloud Messaging. Firebase Privacy
- Paystack — Payment processing for Financial Partners. Card and bank data never touches our servers. Paystack Privacy
- Cloudinary — Used for media storage and server-side video compositing for the PIP editor feature. Cloudinary Privacy
- Expo / EAS — Used to deliver over-the-air JavaScript updates to the app. Expo Privacy
- Social Platforms (WhatsApp, Facebook, TikTok, Instagram) — When you share content via the native share sheet, the content is handled by the respective platform under their own privacy policies. We only log that a share occurred; we do not receive your credentials or contacts from those platforms.
6 Data Retention
We retain your personal data for as long as your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements.
- Account data — retained while your account is active and for 2 years after account deletion.
- Transaction records — retained for 7 years to satisfy financial record-keeping requirements.
- Share event logs — retained for 2 years and then anonymised.
- Push notification tokens — updated on each login; expired tokens are removed automatically.
- Crash and diagnostic data — retained for 90 days.
7 Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures, including:
- All API endpoints require a valid Firebase ID token; unauthenticated requests are rejected.
- Admin-only operations require an additional verified custom claim.
- Payment webhook payloads are verified using HMAC SHA-512 signatures before processing.
- Firestore security rules restrict users to reading and writing only their own data.
- All data is transmitted over TLS (HTTPS).
- API endpoints are rate-limited to mitigate abuse.
No method of transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.
8 Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you.
- Correction — request that inaccurate or incomplete data be corrected.
- Deletion — request that we delete your account and associated personal data (subject to legal retention obligations).
- Objection — object to certain types of processing, such as direct marketing.
- Portability — receive a structured, machine-readable copy of data you have provided to us.
- Withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at the address in Section 11. We will respond within 30 days.
9 Children's Privacy
PCCG Partners is intended for users who are at least 18 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us immediately and we will take steps to remove that information.
10 Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, where the changes are material, notify you via a push notification or an in-app message.
Continued use of the PCCG Partners app after changes take effect constitutes your acceptance of the revised policy. We encourage you to review this page periodically.
11 Contact Us
If you have questions, concerns, or requests relating to this Privacy Policy, please contact us:
PCCG Partners Data & Privacy
Website: prayercentrechurchofgod.org
App: partners.prayercentrechurchofgod.org
Also see our Terms of Service for additional information about the rules governing your use of PCCG Partners.