Introduction

Ministrium is a Software-as-a-Service (SaaS) platform built for a single type of customer: the local church that wants to operate with the discipline of a serious organization without losing pastoral closeness. It is not a generic CRM adapted for churches, nor an accounting system with a membership module bolted on top. It is one database, one interface, and one permission model designed from the ground up for the church use case.

Why does Ministrium exist?

Churches typically reach a point where the tools they were using stop working:

The member spreadsheet lives on one person’s laptop and nobody knows which is the current version.
Donations are tracked in another spreadsheet, tax-deductible receipts are handwritten, and at year’s end nothing reconciles.
The youth pastor keeps their own attendance list, the children’s pastor another, and nobody has aggregated visibility.
When a second campus opens, the entire system gets duplicated chaotically and executive reports stop being trustworthy.
When someone resigns or leaves, their personal email is still the only access point to critical information.

Ministrium answers this with a simple premise: the entire operation of the church should live in a single system, with fine-grained permissions per role and per campus, and with full audit trails of every action.

Design principles

The product decisions you’ll see throughout this documentation derive from five principles:

The church is the unit of isolation. Each church is an independent tenant. One church’s data never mixes with another’s, not even through a programming bug: this is enforced by the database, not just by the application.
The campus is the unit of operation. Attendance, donations, reports, and communications filter by campus natively. A campus leader sees only their campus; a general leader sees everything aggregated.
Permissions are fine-grained and composable. Nine functional roles (admin, pastor, supervisor, secretary, accountant, finance, ministry leader, cell leader, member) plus an optional campus scope, plus composite roles when a user has multiple responsibilities.
Auditing is structural. Every critical action is logged in an immutable trail with who, what, when, and from where. Nobody, not even the Ministrium team, can modify past entries.
Language is not an afterthought. The whole system runs in Spanish and English with equal quality. Tax-deductible receipts, transactional emails, reports, and documentation are synchronized in both languages.

What Ministrium is not

To prevent confusion from the start:

It is not a public-facing church website. If you need a site for the public to learn about your church, use a different CMS and connect the visitor form to Ministrium via API.
It is not a streaming platform. We don’t broadcast services. If your church streams, integrate Vimeo, YouTube, or Restream and link from Ministrium.
It is not a payment processor. We never touch the money. Stripe Connect is the processor and funds land directly in the church’s bank account.
It is not an ERP. We have donation accounting and QuickBooks reconciliation; we don’t run payroll or inventory.

This separation of responsibilities is deliberate: we do well what is proper to church operations and integrate with specialized systems for everything else.

How this documentation is organized

Welcome. The section you’re reading: vision, concepts, and glossary.
Getting Started. How to create your church, configure your first campus, invite your team, and receive your first donation.
Product. Documentation for each module: CRM, Attendance, Child Check-in, Donations, Events, Cell Groups, Communications, Reports.
Platform. Multi-Campus, Roles & permissions, Integrations, API Reference.
Security & Compliance. SOC 2, COPPA, HIPAA, GDPR/LGPD, encryption, MFA, audit trails, DPA.
Plans & Billing, Support, Resources. What you need to make contractual and operational decisions.

If this is your first time here, continue to What is Ministrium for a panoramic view of the modules.