Privacy Policy

Offryn (“Offryn,” “we,” “us,” or “our”) is an independent software platform that lets members of Christ Embassy and other faith communities buy, hold, send, and give in Espees (ESP) stablecoin. We are not owned by, operated by, or officially affiliated with Christ Embassy. This Privacy Policy explains what information we collect, why we collect it, and how we handle it.

Account information

• Your phone number (used as your primary account identifier).
• A display name you choose to show to other users.
• Optional information such as an email address, username, and profile details.
• Your PIN, stored only as a bcrypt hash. We never see or store the original value.
• The date and time you accepted our Terms of Service and this Privacy Policy.

Transaction information

• Purchases: the USD amount, ESP amount, exchange rate, fees, and a reference to the Stripe charge. We never receive or store your full card number.
• Sends and offerings: sender, recipient (another Offryn user, a church in our registry, or an external Espees wallet address), amount, timestamp, and status.
• Church codes you enter and any church registry entries you submit.

Device and usage data

• IP address, device type, browser or app version, and approximate location derived from IP.
• Server and application logs, including error reports captured by our monitoring provider (Sentry).

Communications

• Messages you send us at support@offryn.co, and our replies.

We use the information we collect to:

• Operate the platform: credit your purchases, execute sends and offerings, maintain your balance, and verify church codes.
• Keep accounts secure: detect fraud, rate-limit abuse, and investigate suspicious activity.
• Send you service communications such as OTP codes, receipts, offering confirmations, and notifications about failed or pending transactions.
• Respond to support requests and improve the product.
• Meet legal, tax, accounting, and compliance obligations.

We do not use your personal information to serve third-party advertising, and we do not sell it.

We share information with trusted service providers only as needed to run the platform. Our current processors:

• Stripe — card payment processing. Card details go to Stripe directly; Offryn stores only a Stripe customer reference.
• Espees — the Espees Vending API executes outbound ESP transfers. We share recipient wallet addresses and amounts to complete each vend.
• Supabase — hosted database and authentication infrastructure.
• Twilio — SMS delivery for OTP codes and transaction alerts.
• Resend — transactional email delivery.
• Sentry — error monitoring for the web, mobile, and backend apps.

We may also disclose information when required by law, to respond to a valid legal process, or to protect the rights, property, or safety of Offryn, our users, or the public.

If Offryn is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

We keep your account and transaction records for as long as your account is active and for a period afterward as needed to comply with tax, accounting, fraud investigation, and other legal obligations. Backups and logs may persist for a limited additional time.

We take security seriously. A few specifics:

• Phone numbers used for recipient lookups are stored as hashes, so we can match them without keeping plaintext lookup tables.
• PINs are stored only as bcrypt hashes. The original PIN never leaves your device in a recoverable form.
• Card details are handled directly by Stripe. Offryn's servers never receive full card numbers.
• Traffic between your device and Offryn is encrypted in transit (TLS).
• We restrict internal access to production data to a small number of personnel on a need-to-know basis.

No system is perfectly secure. Use a strong, unique PIN, keep your phone secure, and contact support@offryn.co immediately if you suspect unauthorized activity.

You can ask us to:

• Tell you what information we hold about you.
• Correct information that is inaccurate or incomplete.
• Delete your account. We may retain transaction records where the law requires.
• Provide a copy of your data in a common, portable format.
• Opt out of non-essential communications. We cannot stop sending service messages required to run your account (OTP codes, receipts, account alerts).

Email support@offryn.co to exercise any of these rights. Depending on where you live, local laws such as the California Consumer Privacy Act (CCPA), Colorado Privacy Act, or Canadian PIPEDA may give you additional rights; we will honor those rights to the extent they apply.

Offryn is not for anyone under 18. We do not knowingly collect information from minors. If you believe a minor has created an account, email support@offryn.co and we will remove it.

Offryn is currently available to residents of the United States and Canada only. Your information is processed and stored in the United States. By using Offryn you consent to that processing.

We may update this Privacy Policy from time to time. If we make a material change, we will notify you in the app or by email before it takes effect. The “Last updated” date at the top of this page always reflects the current version.

Questions about your privacy or this policy? Email support@offryn.co.