Security

Your attendance data — and the images we capture to validate it — are some of the most sensitive things your church entrusts to us. We treat them that way. This page summarizes how Kingdom Metrics protects your data. For full legal terms, see our Privacy Policy and Terms of Service.

What we don't collect

Kingdom Metrics performs no facial recognition and collects no biometric data. We do not generate faceprints, body geometry, or any other biometric identifiers. Each capture produces an aggregate headcount only — nothing that identifies an individual. This is our most important security property.

Encryption

Data is encrypted in transit and at rest. External connections use HTTPS; internal services authenticate to one another with mutual TLS. The database and image storage are both encrypted on disk.

Where your data lives

Kingdom Metrics infrastructure runs in the United States. Attendance records and captured images are stored on encrypted, authenticated systems and are not shared with advertising or analytics providers. We do not sell your data.

Access controls

  • Sign-in uses OpenID Connect with PKCE — your password is never transmitted to or stored by Kingdom Metrics. Sign-in with Google is supported.
  • Repeated failed sign-in attempts trigger account lockout.
  • Self-registration is disabled. Users must be invited by an administrator.
  • Role-based access ensures each user sees only their own organization's data.
  • Internal access to customer data is limited to authorized Kingdom Metrics personnel under least-privilege defaults.

Attendance capture is schedule-driven

Attendance images are captured only at the times you configure. Outside those windows we may make brief connections to your cameras for health checks, diagnostics, and onboarding tasks (for example, a placement-preview snapshot during install), but no attendance images are captured or stored.

Network footprint at your site

On-site cameras make outbound connections only — no inbound ports need to be opened on your network. Whenever possible, cameras should be isolated on a dedicated VLAN with outbound internet access only.

Incident response

In the event of a confirmed data incident affecting your organization, we commit to notifying you within 72 hours, consistent with GDPR and CCPA requirements.

Privacy regulations

Our Privacy Policy addresses CCPA/CPRA, CAN-SPAM, TCPA, and COPPA. Because we collect no biometric identifiers, the Illinois Biometric Information Privacy Act (BIPA) does not apply to our headcount functionality. Our SMS Policy documents consent-based messaging and opt-out procedures.

Reporting a security issue

If you believe you have found a security vulnerability in any Kingdom Metrics service, please email [email protected]. We appreciate responsible disclosure and will acknowledge your report promptly.