Privacy Policy

FUBC Coffee (“we,” “us,” or “our”) is a volunteer-operated, non-profit coffee ministry of First Ukrainian Baptist Church. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, including our digital gift card and pre-order systems. By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy.

We do not sell, rent, or trade your personal information. We collect only what is necessary to operate our ministry services, including our digital gift card system, pre-ordering, tipping, loyalty rewards, Apple Wallet integration, community wall, and Pay It Forward pool.

2.1 Information You Provide Voluntarily

When you create a gift card or use our services, you may provide:

• Display name — used to identify your gift card and displayed on the community wall if you choose to participate
• Email address — optional; used for gift card lookup, account recovery, and order-ready notifications (only if you opt in via your notification settings)
• Personal identification number (PIN) — used to secure your gift card account; stored exclusively as a one-way cryptographic hash (bcrypt) and is never accessible in plain text by any person, including our administrators
• Pre-order details — drink selection, size, temperature, milk preference, and syrup choices you provide when placing a pre-order
• Tip selections — voluntary tip amounts ($1, $2, or $3) you choose to send to the ministry
• Community wall messages — optional messages you post to the public community wall, visible to all users
• Notification preferences — your choices regarding push notifications, email notifications, Live Activity updates, and Sunday reminders

2.2 Information Collected Automatically

We do not operate third-party advertising networks, behavioral tracking pixels, or analytics platforms (such as Google Analytics) on this website. We do not use tracking cookies. The only cookie we set is an authentication cookie used exclusively to maintain a logged-in session for authorized ministry administrators. This cookie is:

• HTTP-only (inaccessible to JavaScript)
• Secure (transmitted only over HTTPS in production)
• SameSite=Strict (not sent on cross-site requests)
• Valid for 12 hours, then automatically expired

If you use our iOS app and opt in to push notifications, we collect your device's push notification token (Apple Push Notification service token). This token is used solely to send you order-ready notifications and Sunday reminders, and is stored in our database linked to your gift card. We use OneSignal, Inc. as a third-party service provider to deliver push notifications. OneSignal processes your device token only for the purpose of delivering notifications on our behalf. You can control which notifications you receive through the in-app notification settings.

If you opt in to email notifications, we use Resend, Inc. as a third-party service provider to deliver order-ready email notifications to the email address associated with your gift card. Resend processes your email address only for the purpose of sending transactional notifications on our behalf. You can enable or disable email notifications at any time through your notification settings. We do not send promotional or marketing emails.

If you use Live Activities (iOS 16.2+), our app may display real-time order status updates on your Lock Screen and Dynamic Island. Live Activity data is processed entirely on your device and is not transmitted to any third party. You can enable or disable Live Activities through your notification settings.

If you add your gift card to Apple Wallet, a digital pass is generated and stored on your device. The pass contains your card identifier and QR code for scanning at the counter. Apple Wallet passes are managed by Apple's PassKit framework on your device.

If you use biometric authentication (Face ID or Touch ID) within our iOS app, all biometric processing occurs entirely on your device using Apple's LocalAuthentication framework. No biometric data is transmitted to or stored on our servers. Biometric authentication is used solely as a convenience to verify your PIN without manual entry.

Standard web server logs may record your IP address, browser type, and pages visited solely for operational security and error diagnosis. These logs are not used for marketing or profiling purposes.

2.3 Financial Information

FUBC Coffee does not process, collect, or store credit card numbers, debit card numbers, bank account details, or any payment card information. Gift card balances represent pre-loaded credits exchanged at our physical counter using cash. No financial institution data of any kind passes through our platform.

We use the information we collect solely to:

• Operate and display your digital gift card balance, transaction history, and loyalty points
• Process pre-orders and notify our volunteer team to prepare your order
• Send you order-ready notifications via push notification and/or email (based on your preferences)
• Display real-time order status updates via Live Activities on your Lock Screen and Dynamic Island
• Process tips you choose to send to the ministry
• Display community wall messages you choose to share
• Allow you to recover access to your gift card via email and PIN verification
• Generate Apple Wallet passes for convenient card access
• Maintain the security of our administrative systems
• Respond to your inquiries or requests for support

We do not use your information for marketing communications, targeted advertising, profiling, or automated decision-making. We do not send promotional emails. All notifications are transactional in nature and controlled by your notification preferences.

We do not sell, license, or share your personal information with third parties, except in the following limited circumstances:

• Service Providers: We use the following third-party service providers, each acting as a data processor on our behalf: (a) Supabase, Inc. — a PostgreSQL database-as-a-service provider that stores application data, hosted on AWS in the United States; (b) OneSignal, Inc. — delivers push notifications to our iOS app users, receiving only your device push token; (c) Resend, Inc. — delivers transactional email notifications (order-ready alerts) to users who opt in, receiving only your email address. Each provider is contractually limited to processing your data solely for the purpose of providing their respective services on our behalf.
• Legal Compliance: We may disclose information if required to do so by applicable law, court order, or governmental authority, or if we believe in good faith that such disclosure is necessary to protect the rights, property, or safety of our ministry, volunteers, or the public.
• Ministry Operations: Authorized volunteer administrators of FUBC Coffee may view your display name and gift card balance for the purpose of processing transactions at our physical service counter. Your PIN is never visible to administrators.

We retain gift card account data for as long as your account remains active or as reasonably necessary to fulfill the purposes described in this policy. If a gift card has a zero balance and has not been used for twenty-four (24) months, we reserve the right to archive or delete the associated account data.

Pre-order records are retained for operational and financial transparency purposes for a period of no less than twelve (12) months.

You may request deletion of your account and associated personal data at any time by contacting us at fubcband@gmail.com. We will process deletion requests within thirty (30) days.

We implement commercially reasonable technical and organizational safeguards to protect your personal information from unauthorized access, alteration, disclosure, or destruction, including:

• All data transmissions are encrypted in transit via TLS/HTTPS
• PINs are hashed using the bcrypt algorithm (cost factor 12) and are irreversible
• Administrative access is protected by bcrypt-hashed passwords and cryptographically signed JSON Web Tokens
• Row-level security (RLS) is enforced at the database layer to restrict unauthorized data access
• Database service keys are never exposed to client-side code

No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

Our services are intended for use by individuals of all ages within our church community, including minors. We do not knowingly collect personal information from children under the age of 13 beyond a display name chosen by a parent or guardian. If you believe a child under 13 has provided us personal information without parental consent, please contact us at fubcband@gmail.com and we will promptly delete such information.

Depending on your jurisdiction, you may have the right to:

• Access the personal information we hold about you
• Correct inaccurate personal information
• Delete your personal information (subject to legal and operational obligations)
• Object to certain uses of your personal information
• Portability of your personal data in a structured, machine-readable format

To exercise any of these rights, please contact us at fubcband@gmail.com. We do not discriminate against individuals who exercise their privacy rights.

Our website may contain links to third-party websites, including our Instagram profile. We are not responsible for the privacy practices of those websites. We encourage you to review the privacy policies of any third-party sites you visit.

We may update this Privacy Policy from time to time. When we do, we will revise the Effective Date at the top of this page. We encourage you to review this policy periodically. Your continued use of our services after changes are posted constitutes your acceptance of the revised policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: