Privacy Policy

01Introduction

This Privacy Policy explains how Coptic Investment Group LLC ("CIG," "we," "us," or "our"), a Pennsylvania limited liability company, collects, uses, shares, and protects information when you visit our websites or use our products, including CIG One, Coptic Events, CIG Construction, and the CIG Investor Portal (collectively, the "Services").

By using our Services, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Services.

02Information We Collect

Information You Provide

• Account information: name, email, phone number, profile photo, church or organization affiliation
• Investment-related information (CIG One): identification documents for KYC, accreditation status, payment details, signed legal agreements
• Event & community data (Coptic Events): RSVPs, prayer requests, donation history, league participation, photos uploaded
• Project & quote inquiries (CIG Construction): contact details, project scope, address, budget range
• Messages you send through contact forms, in-app chat, or support channels

Information Collected Automatically

• Device & usage data: IP address, browser type, operating system, device identifiers, pages viewed, referral source, timestamps
• Cookies & similar technologies (see Section 5)

Information from Third Parties

• Authentication providers (e.g., Apple, Google sign-in)
• Service providers used to verify identity or accreditation

03How We Use Information

We use the information we collect to:

• Provide, operate, and improve the Services
• Authenticate users and administer accounts
• Process investment transactions and maintain required investor records
• Process donations and event registrations
• Send administrative messages, security alerts, and updates
• Respond to inquiries and provide customer support
• Detect, prevent, and address fraud, abuse, or technical issues
• Comply with legal obligations including tax, securities, and AML requirements
• With your consent, send marketing or product updates (you can opt out at any time)

04When We Share Information

We do not sell your personal information. We share information only as follows:

• Service providers who help us operate the Services (cloud hosting, push notifications, error monitoring, email, analytics, identity verification) — bound by confidentiality obligations. See Section 6 for the specific providers we use.
• Within a church or organization on Coptic Events: information you choose to make visible (e.g., RSVPs, league rosters, prayer wall posts) is shared with members of your church community
• With your consent for any other disclosure
• For legal reasons: to comply with subpoenas, court orders, or applicable law; to protect the rights, property, or safety of CIG, our users, or the public
• Business transfers: if CIG is involved in a merger, acquisition, or asset sale, your information may be transferred with notice to you

05Cookies & Analytics

We use cookies and similar technologies to keep you signed in, remember preferences, and understand how the Services are used. We may use third-party analytics tools (such as Google Analytics or similar) to collect aggregated, non-identifying usage statistics.

Most browsers let you refuse cookies or delete them. Disabling cookies may break certain features of the Services.

06Data Security & Third-Party Processors

We use industry-standard security measures including encryption in transit (TLS), encrypted storage, role-based access controls, and audit logging. CIG One uses Firebase with strict security rules limiting each member to their own data.

The following third-party providers process limited data on our behalf to operate the Services. Each is bound by their own privacy and security commitments:

• Google Firebase — authentication, encrypted database, file storage, and serverless backend functions. Stores your account profile, signed agreements, and uploaded documents.
• Expo Push Notification Service — delivers push notifications to your device when you opt in. We send Expo a push token tied to your device and the message content; we never share your name or email through this channel.
• Sentry — captures crash reports and error logs from the app to help us diagnose technical issues. Reports include the type of error, the screen you were on, and your user ID; they do not include passwords, signatures, KYC documents, or financial values.

We do not currently use any payment processor; all member contributions are recorded manually inside the app for admin review. If we add a payment processor (such as Stripe) in the future, we will update this Policy and notify members.

No system is perfectly secure. You are responsible for keeping your account credentials confidential and notifying us promptly of any suspected unauthorized access.

07Data Retention

We retain personal information for as long as your account is active and as needed to provide the Services. After account closure, we may retain certain data:

• Investment, tax, and AML records as required by law (typically 5–7 years)
• Donation receipts and giving statements as required for tax reporting
• Anonymized or aggregated data indefinitely for analytics

You may request deletion of your account and personal data at any time (see Section 8).

08Your Rights & Choices

Depending on your jurisdiction, you may have the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Request deletion of your information (subject to legal retention requirements)
• Object to or restrict certain processing
• Receive your data in a portable format
• Withdraw consent for marketing communications at any time

To exercise any of these rights, email us at support@copticinvestmentgroup.com. We will respond within 30 days.

09Children's Privacy

The investment-related Services (CIG One, Investor Portal) are not directed to anyone under 18. The community Services (Coptic Events) may be used by minors only with parental consent and under the supervision of the church administering the account. We do not knowingly collect personal information from children under 13. If we learn we have done so, we will delete it.

10International Users

Our Services are operated from the United States. If you access them from outside the U.S., your information will be transferred to and processed in the U.S., which may have data protection laws that differ from your country.

11Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top. Material changes will be communicated via email or a prominent notice in the Services. Continued use after changes take effect constitutes acceptance.

12Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Coptic Investment Group LLC
Email: support@copticinvestmentgroup.com
Web: copticinvestmentgroup.com