Privacy Policy

Last updated: May 6, 2026
Contents
  1. Introduction
  2. Information We Collect
  3. How We Use Information
  4. When We Share Information
  5. Cookies & Analytics
  6. Data Security
  7. Data Retention
  8. Your Rights & Choices
  9. Children's Privacy
  10. International Users
  11. Changes to This Policy
  12. Contact Us

01Introduction

This Privacy Policy explains how Coptic Investment Group LLC ("CIG," "we," "us," or "our"), a Pennsylvania limited liability company, collects, uses, shares, and protects information when you visit our websites or use our products, including CIG One, Coptic Events, CIG Construction, and the CIG Investor Portal (collectively, the "Services").

By using our Services, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Services.

02Information We Collect

Information You Provide

Information Collected Automatically

Information from Third Parties

03How We Use Information

We use the information we collect to:

04When We Share Information

We do not sell your personal information. We share information only as follows:

05Cookies & Analytics

We use cookies and similar technologies to keep you signed in, remember preferences, and understand how the Services are used. We may use third-party analytics tools (such as Google Analytics or similar) to collect aggregated, non-identifying usage statistics.

Most browsers let you refuse cookies or delete them. Disabling cookies may break certain features of the Services.

06Data Security & Third-Party Processors

We use industry-standard security measures including encryption in transit (TLS), encrypted storage, role-based access controls, and audit logging. CIG One uses Firebase with strict security rules limiting each member to their own data.

The following third-party providers process limited data on our behalf to operate the Services. Each is bound by their own privacy and security commitments:

Payments. Paid event registrations, church donations, and premium subscriptions in Coptic Events are processed by Stripe (PCI-DSS compliant). Your card details go directly to Stripe and never touch our servers; we receive only a payment confirmation, the amount, and a transaction reference, which we store against your registration or donation record. Donations to a church are routed to that church's own connected Stripe account. Some organizers also record contributions made outside the app (cash, Venmo, Zelle, etc.) — for those we store only the note the organizer enters. See Stripe's Privacy Policy.

No system is perfectly secure. You are responsible for keeping your account credentials confidential and notifying us promptly of any suspected unauthorized access.

07Data Retention

We retain personal information for as long as your account is active and as needed to provide the Services. After account closure, we may retain certain data:

You may request deletion of your account and personal data at any time (see Section 8).

08Your Rights & Choices

Depending on your jurisdiction, you may have the right to:

To exercise any of these rights, email us at support@copticinvestmentgroup.com. We will respond within 30 days.

Deleting your Coptic Events account: you can delete your account and its data yourself, instantly, from the app (Profile → Delete Account). Step-by-step instructions are at copticinvestmentgroup.com/coptic-events/delete-account.html.

09Children's Privacy

The investment-related Services (CIG One, Investor Portal) are not directed to anyone under 18. The community Services (Coptic Events) may be used by minors only with parental consent and under the supervision of the church administering the account. The members-connections feature is restricted to adults 18+.

Children under 13 do not create accounts. Instead, a parent or guardian may create a managed child record from their own account so their child can appear on Sunday School rosters and be registered for church activities. A managed record contains only what the parent enters: the child's name, date of birth, gender, church, and optional notes (such as allergies or pickup instructions). The child has no login, no profile of their own, and cannot use chat, messaging, or any social feature. The child's emergency contact and address are the parent's own — we never collect them separately from the child.

Managed records are visible only to the child's parent(s) and the administrators of the child's own church. Consent forms (such as trip permission slips) are signed by the parent on the child's behalf, and the signature records the parent as the signer. When a child turns 13, a church administrator or priest may — with the family — invite them to claim their own account; the parent-managed record is then retired and its history preserved.

A parent may edit or delete their child's record at any time from the app, or request deletion by emailing support@copticinvestmentgroup.com. If we learn we have collected personal information from a child under 13 outside this parent-managed process, we will delete it.

10International Users

Our Services are operated from the United States. If you access them from outside the U.S., your information will be transferred to and processed in the U.S., which may have data protection laws that differ from your country.

11Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top. Material changes will be communicated via email or a prominent notice in the Services. Continued use after changes take effect constitutes acceptance.

12Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Coptic Investment Group LLC
Email: support@copticinvestmentgroup.com
Web: copticinvestmentgroup.com