Church Community Builder
- Information We Collect
- Information We Collect Automatically
- How We Use Your Information
- How We Share Your Information
- Security of Your Information
- International Data Transfers
- Children’s Information
- Your California Privacy Rights
- Right to Information Regarding the Categories of Personal Information Collected, Sold, and Disclosed
- Right to Access Information
- Right to Request Deletion of Information
- EU-US and Swiss-US Privacy Shield Frameworks
- Rights of Individuals Located in the EEA or UK
- European Union Representation
- Data Protection Officer
- How to Contact Us
This Policy applies to the website of Church Community Builder and associated websites (collectively, the “Websites”) and all products and services we provide, including the Church Community Builder mobile application, the LEAD mobile application, and the Check-In mobile application (collectively, the “Services”) when we are acting in our capacity as a business. It also applies anywhere it is linked. It does not apply to the information that Church Community Builder processes on behalf of client churches when acting as a service provider. If you are an attendee of a church, please contact your church for questions related to how your personal information is controlled. This Policy does not apply to non-Church Community Builder websites and mobile applications that may link to our Websites and Services or be linked to or from the Websites and Services; please review the privacy policies on those websites and applications directly to understand their privacy practices.
Information We Collect
Church Community Builder offers a web-based church management software solution designed to help church leaders build and support a more connected, smoother running ministry. Church Community Builder collects, processes, and retains information about the church entities who purchase the software (“Clients”), including information regarding the individuals who utilize the software on behalf of our Clients (“Authorized Individuals”).
If you are an Authorized Individual, we collect the following information from you:
- Your name, email address, and other contact information when you sign up for an account, subscribe to our email bulletins, or take part in training and events;
- Payment information such as credit card information, billing address, and other required billing information when you make purchases;
- Your postings when you participate in community forums or interact with us on social media;
- Your contact information and a record of any correspondence when you contact us;
- Information you provide when you complete a survey administered by us or a vendor acting on our behalf.
Certain features of the Church Community Builder software enable Authorized Individuals to input information regarding individuals within their church communities. Church Community Builder collects and processes that information at the direction of our Clients as a service provider to those Clients. Please contact your church community for information regarding their information collection, use, and retention practices.
Information We Collect Automatically
When you interact with our Websites and Services, we collect certain information automatically. This information is collected through cookies, web beacons, and other tracking technologies, as well as through your web browser or device. We collect:
- Details of your visits to our Websites and information generated in the course of the use of our Websites and Services (including the timing, frequency, and pattern of service use) such as traffic data, location data, time zone, weblogs, and other communication data, the resources that you access, and how you reached our site
- Details regarding the device you use to access our Websites and Services, including, but not limited to, your web browser, IP address, operating system, and browser type
- Information about how you interact with our ads and newsletters, including whether you open or click links in any correspondence
- Information that you make available to us on a social media platform (such as by clicking on a social media icon linked from our Websites or Services), including your account ID or username and other information included in your posts
We rely on partners to collect data automatically and provide many features of our Websites and Services. For more information on this, please review our list of Cookies in use. You can follow up with these partners to find out more about their use of your data and how to exercise your options regarding tracking.
Most web browsers automatically accept cookies, but if you prefer, you can usually modify your browser setting to disable or reject cookies. If you delete your cookies or set your browser to decline cookies, some features of the Services may not be available, work, or work as designed. You may also be able to opt out of or block tracking by interacting directly with the other companies who conduct tracking through our Services.
Your browser or device may include “Do Not Track” functionality. At this time, we do not alter our sites’ data collection and use practices in response to Do Not Track signals.
You can learn more about ad serving companies and the options available to limit their collection and use of your information by visiting the websites for the Network Advertising Initiative, the Digital Advertising Alliance, and the European Interactive Digital Advertising Initiative. Similarly, you can learn about your options to opt out of mobile app tracking by certain advertising networks through your device settings and by resetting the advertiser ID on your Apple or Android device.
Please note that opting out of advertising networks services does not mean that you will not receive advertising while using our Services or on other websites, nor will it prevent the receipt of interest-based advertising from other companies that do not participate in these programs. It will, however, exclude you from interest-based advertising conducted through participating networks, as provided by their policies and choice mechanisms. If you delete your cookies, you may also delete your opt-out preferences.
How We Use Your Information
We use the information we collect from you for the following purposes:
- To provide you with our products and services, including processing payments and communicating with you regarding your orders
- To provide you with the best service and improve and grow our business, including improving and optimizing our websites, understanding our customer base and purchasing trends, and understanding the effectiveness of our marketing
- To detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal, including screening orders for potential risk or fraud, and complying with legal requirements regarding the provision of products and services
- To provide you with information or advertising relating to our products and services, including targeted advertisements and marketing communications that we believe may be of interest to you, in line with the preferences you have shared with us
How We Share Your Information
- Outside Vendors: We engage the following types of vendors to perform functions on our behalf: billing and collection providers; advertising and marketing; auditing and accounting firms; professional services consultants; website hosting services; providers of analytics services; security vendors; and IT vendors. These entities do not have independent rights to your personal information. You may follow this link to view the current list of vendors (also known and subprocessors) we use to process data.
- Social Media Platforms: Where you choose to interact with us through social media, your interaction with these programs typically allows the social media company to collect some information about you through cookies they place on your device and other tracking mechanisms. In some cases, the social media company may recognize you through its digital cookies even when you do not interact with their application. Please visit the social media companies’ respective privacy policies to better understand their data collection practices and controls they make available to you.
- Change of Ownership or Corporate Organization: We may transfer to another entity or its affiliates or service providers some or all information about you in connection with, or during negotiations of, any merger, acquisition, sale of assets, or any line of business, change in ownership control, or financing transaction. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your information the same as described in this Policy.
- Law Enforcement, Legal Process, and Emergency Situations: We also use or disclose your personal information if required to do so by law or on the good-faith belief that such action is necessary to (a) conform to applicable law or comply with legal process served on us or our sites; (b) protect and defend our rights or property, the websites or those that use it; or (c) act to protect the personal safety of us, those that use our websites, or the public.
Security of Your Information
We use physical, technical, and administrative safeguards to protect the information we collect through the Services. While we use these precautions to safeguard your information, we cannot guarantee the security of the networks, systems, servers, devices, and databases we operate or that are operated on our behalf. Some data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when necessary. When you delete data, we follow a deletion policy to make sure that your data is safely and completely removed from our servers or retained only in anonymized form.
International Data Transfers
When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as the United States, where our data hosting provider’s servers are located. The laws in the United States regarding personal information may be different from the laws of your jurisdiction. Any cross-border transfers will comply with the safeguards required by applicable law. For individuals in the European Economic Area (EEA), your data may be transferred outside of the EEA. Where your information is transferred outside the EEA, it will only be transferred to jurisdictions that have been identified as providing adequate protection for EEA data (like New Zealand), or under an approved transfer mechanism such as Standard Contractual Clauses, or under the EU-U.S. or Swiss-U.S. Privacy Shield. For further information, please contact us using the details set out in the How to Contact Us section below.
Our Websites and Services are intended for Authorized Individuals age 16 and older. We do not knowingly collect information from children. If we discover that we have inadvertently collected information from anyone younger than the age of 16, we will delete that information. If you believe that we have collected personal information from children, please contact us at the email address listed below.
Your California Privacy Rights
Persons with disabilities may obtain this notice in alternative format upon request by contacting us at firstname.lastname@example.org or by calling +1 (866) 242-1199.
Residents of the State of California have the right to request information regarding third parties to whom companies have disclosed certain categories of personal information during the preceding year for the third parties’ direct marketing purposes. You may submit a request to exercise your rights through one of these means:
- By calling us at +1 (866) 242-1199
- By emailing us at email@example.com
The California Consumer Privacy Act (“CCPA”) provides California residents with rights to receive certain disclosures regarding the collection, use, and sharing of “personal information,” as well as rights to access and control personal information. The CCPA defines “personal information” to mean “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Certain information we collect may be exempt from the CCPA because it is considered publicly available information (i.e., it is made available by a government entity) or covered by a federal privacy law, such as the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act, or the Fair Credit Reporting Act.
To the extent that we collect personal information that is subject to the CCPA, that information, our practices, and our rights are described below.
Right to Information Regarding the Categories of Personal Information Collected, Sold, and Disclosed
The following is a description of our data collection practices, including the personal information we collect, the sources of that information, the purposes for which we collect information, and whether we disclose that information to external parties. We may use any and all of the information for any of the purposes described in this Policy, unless limitations are listed. The categories we use to describe the information are those enumerated in the CCPA.
- Personal Identifiers:
- We collect your name, billing address, email address, and telephone number when you create an account, complete a transaction, or otherwise communicate with us. We collect your email address when you subscribe to our email list.
- We collect your social media handle and basic account information when you interact with our Services through social media.
- We collect a unique numerical identifier, assigned to you by a first-party cookie, automatically when you use our Services in order to identify you, provide the Services, keep you logged in to the Services, prevent fraud, and provide you with targeted information and offers.
- We collect your payment information when you complete a transaction. You have the option to store this information to your account or set up a recurring transaction. We use this information to streamline and facilitate payments and transactions.
- We do not collect your Social Security number, Driver’s License number, or Passport number.
- We collect your IP address automatically when you use our Websites and Services. We may use this information to identify you, gauge online activity on our website, measure the effectiveness of online services, applications, and tools, and serve targeted advertisements based on your online activities.
- We collect your Device ID automatically when you use our Websites and Services. We use this information to monitor your use and the effectiveness of our Services, to identify you, and to provide you with targeted information and offers.
- Protected Classifications: We collect your religious affiliation in order to provide services to you. We do not collect your age, gender, race, ethnic origin, or sexual orientation.
- Commercial Information: When you engage in transactions with us, we create records of goods or services purchased or considered, as well as your purchasing or consuming histories or tendencies.
- Biometric Information: We do not collect information about your physiological, biological, and behavioral characteristics.
- Internet or Other Electronic Network Activity Information: We collect information about your browsing history, search history, information regarding your interaction with websites, and applications or advertisements automatically when you utilize our Websites or Services.
- Geolocation Data: As described above, we collect your IP address automatically when you use our Services. We may be able to determine your general location based on your IP address. If you allow your device to provide us with this information, we use it to make improvements to our products and services, and to provide recommendations and deliver relevant advertising.
- Audio, electronic, visual, thermal, olfactory, or similar information: If you contact us via phone, we may record the call. We will notify you if a call is being recorded at the beginning of the call. We do not collect thermal, olfactory, or other similar information.
- Education information: We do not collect any information about the institutions you have attended or the level of education you have attained.
- Inferences drawn to create a profile about a consumer reflecting the consumer’s preferences or characteristics: We analyze your actual or likely preferences through a series of computer processes and add our observations to your internal profile. We use this information to gauge and develop our marketing activities, measure the appeal and effectiveness of our services, applications, and tools, and to provide you with targeted information, advertisements, and offers.
We may share any of the above-listed information with service providers, which are external parties that we engage for business purposes and are restricted from using personal information for any purpose that is not related to our engagement. The categories of service providers with whom we share information and the services they provide are described in this policy.
We may also disclose information to other external parties who are not listed here when required by law or to protect our company or other persons, as described in this policy.
Right to Access Information
You have the right to request access to personal information collected about you and information regarding the source of that information, the purposes for which we collect it, and the third parties and service providers with whom we share it. To protect your personal information, we will verify your identity before we act on your request.
Right to Request Deletion of Information
You have the right to request in certain circumstances that we delete any personal information that we have collected directly from you. To protect your personal information, we will verify your identity before we act on your request.
EU-US and Swiss-US Privacy Shield Frameworks
With respect to Personal Data concerning individuals in the EU and Switzerland, the United States incorporated subsidiaries of the Pushpay Group (the “U.S. Subsidiaries”) comply with the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the US Department of Commerce. Church Community Builder is among the U.S. subsidiaries of the Pushpay Group.
Church Community Builder adheres to and will abide by the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability when processing such Personal Data.
Church Community Builder is responsible for the processing of Personal Data received under each Privacy Shield Framework and transferred to a third party acting as an agent on its behalf. Church Community Builder complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EEA and Switzerland, including the onward transfer liability provisions unless proven not responsible for the event giving rise to the damage.
With respect to Personal Data received or transferred pursuant to the Privacy Shield Frameworks, U.S. Subsidiaries are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, U.S. Subsidiaries may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
For more information about the Privacy Shield, see the US Department of Commerce’s Privacy Shield website located at: https://www.privacyshield.gov. To review the certification on the Privacy Shield list, see the US Department of Commerce’s Privacy Shield self-certification list located at: https://www.privacyshield.gov/list.
An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Please refer to Privacy Shield Annex I for additional information: https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Rights of Individuals Located in the EEA or UK
We process “Personal Data,” as that term is defined in the EU General Data Protection Regulation, on the following legal bases: (1) with your consent; (2) as necessary to perform our agreement to provide Services; and (3) as necessary for our legitimate interests in providing the Services where those interests do not override your fundamental rights and freedom related to data privacy. We collect your religious affiliation with your explicit consent. Information we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates or subcontractors maintain facilities, as described above.
Authorized Individuals that reside in the European Economic Area (“EEA”) or Switzerland have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. Contact details for data protection authorities are available here.
If you are a resident of the EEA or Switzerland, you are entitled to certain rights. Please note: In order to verify your identity, we may require you to provide us with information prior to accessing any records containing information about you. These rights include the ability:
- to request from us access to information held about you
- to ask for the information we hold about you to be rectified if it is inaccurate or incomplete
- to ask for data to be erased if the data is no longer necessary for the purpose for which it was collected, you withdraw consent and no other legal basis for processing exists, or you believe your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing
- to request that we restrict our processing of your data based on legitimate interests or the performance of a task in the public interest as an exercise of official authority (including profiling); using your data for direct marketing (including profiling); or processing your data for purposes of scientific or historical research and statistics
To submit a request to exercise your rights, please contact us at firstname.lastname@example.org. We may have a reason under the law why we do not have to comply with your request, or may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
European Union Representation
VeraSafe has been appointed as Pushpay USA’s representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. VeraSafe can be contacted in addition to email@example.com, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative or via telephone at: +420 228 881 031.
Alternatively, VeraSafe can be contacted at:
VeraSafe Ireland Ltd. Unit 3D
North Point House North Point
Business Park New Mallow Road
Cork T23AT2P Ireland
Data Protection Officer
Church Community Builder has appointed an internal data protection officer for you to contact if you have any questions or concerns about personal data, policies, or practices. Church Community Builder’s data protection officer’s name and contact information are as follows:
10807 New Allegiance Drive, Ste 300
Colorado Springs, CO 80921
+1 (866) 242-1199
How to Contact Us
Church Community Builder
10807 New Allegiance Drive, Suite 300
Colorado Springs, CO 80921