Church Community Builder
- Information We Collect
- Information We Collect Automatically
- Cookies and Tracking Technology
- How We Use Your Information
- How We Share Your Information
- Security of Your Information
- International Data Transfers
- EU-US and Swiss-US Privacy Shield Frameworks
- Your Rights
- Children’s Information
- Additional Information for California Residents
- Additional Information for Eea, Swiss And Uk Users
- Data Protection Officer
- How to Contact Us
Last updated: September 1, 2020
This Policy applies to the website of CCB and associated websites (collectively, the “Websites”) and all products and services we provide, including the CCB mobile application, the LEAD mobile application, and the Check-In mobile application (collectively, the “Services”) when we are acting in our capacity as a business or data controller. It also applies anywhere it is linked.
Please note this Policy does not apply to the information that CCB processes on behalf of our client churches acting as a service provider or data processor. In such cases, it is the churches which remain responsible for the handling of your personal information. CCB is not responsible for the privacy or security practices of our client churches, which may differ from those set forth in this Policy. If you are an attendee of a church and have questions or concerns about how your personal information is handled, please contact your church or consult with the policies they have in place.
Additionally, this Policy does not apply to non-CCB websites and mobile applications that may link to our Websites and Services or be linked to or from the Websites and Services; please review the privacy policies on those websites and applications directly to understand their privacy practices.
Information We Collect
CCB offers a web-based church management software solution designed to help church leaders build and support a more connected, smoother running ministry. CCB collects, processes, and retains information about the church entities who purchase the software (“Clients”), including information regarding the individuals who utilize the software on behalf of our Clients (“Authorized Individuals”).
If you are an Authorized Individual, we collect the following information from you:
- Your name, email address, and other contact information when you sign up for an account, subscribe to our email bulletins, or take part in training and events;
- Payment information such as credit card information, billing address, and other required billing information when you make purchases;
- Your religious affiliation or denomination;
- Your postings when you participate in community forums or interact with us on social media;
- Your contact information and a record of any correspondence when you contact us;
- Information you provide when you complete a survey administered by us or a vendor acting on our behalf.
Certain features of the CCB software enable Authorized Individuals to input information regarding individuals within their church communities. CCB collects and processes that information at the direction of our Clients as a service provider or processor on behalf of those Clients. Please contact your church community for information regarding their information collection, use, and retention practices.
Information We Collect Automatically
When you interact with our Websites and Services, we collect certain information automatically. This information is collected through cookies, web beacons, and other tracking technologies, as well as through your web browser or device. For further information, please see the Cookies And Tracking Technologies section below or our Cookie Notice. We collect the following information from you automatically:
- Details of your visits to our Websites and information generated in the course of the use of our Websites and Services (including the timing, frequency, and pattern of service use) such as traffic data, location data, time zone, weblogs, and other communication data, the resources that you access, and how you reached our site;
- Details regarding the device you use to access our Websites and Services, including, but not limited to, your web browser, IP address, operating system, and browser type;
- Information about how you interact with our ads and newsletters, including whether you open or click links in any correspondence;
- Information that you make available to us on a social media platform (such as by clicking on a social media icon linked from our Websites or Services), including your account ID or username and other information included in your posts.
Cookies and Tracking Technology
We rely on partners and vendors to collect data automatically and provide many features of our Websites and Services. For instance, we use Google Analytics to help us analyse how users interact with and use our Services, compile reports and provide other services related to activity and usage of the Services. We also rely on third party partners and vendors for fraud prevention, security and authentication purposes. For more information about third party partners, please review our list of Cookies in use. You can follow up with these partners to find out more about their use of your data and how to exercise your options regarding tracking.
Most web browsers automatically accept cookies, but if you prefer, you can usually modify your browser setting to disable or reject cookies. If you delete your cookies or set your browser to decline cookies, some features of the Services may not be available, work, or work as designed. You may also be able to opt out of or block tracking by interacting directly with the other companies who conduct tracking through our Services.
Your browser or device may include “Do Not Track” functionality. At this time, we do not alter our sites’ data collection and use practices in response to Do Not Track signals.
- Apple: http://support.apple.com/kb/HT4228
- Android: https://support.google.com/ads/answer/2662922
- Windows: http://choice.microsoft.com/en-US/opt-out
Please note that opting out of advertising networks services does not mean that you will not receive advertising while using our Sites or Services, nor will it prevent the receipt of interest-based advertising from other companies that do not participate in these programs. It will, however, exclude you from interest-based advertising conducted through participating networks, as provided by their policies and choice mechanisms. If you delete your cookies, you may also delete your opt-out preferences.
How We Use Your Information
We use the information we collect from you for the following purposes:
- To provide you with our products and services, including creating your account, processing payments and communicating with you regarding your orders;
- To provide you with the best service and improve and grow our business, including improving and optimizing our websites and mobile applications, understanding our customer base and purchasing trends, and understanding the effectiveness of our marketing;
- To respond to your comments and questions, provide customer service and send you service-related information such as confirmations, technical notices, updates, security alerts, invoices and other administrative messages;
- To detect, investigate, prevent and take action regarding security incidents and activities that may violate our policies or be fraudulent or illegal, including screening orders for potential risk or fraud, and complying with legal requirements regarding the provision of products and services;
- To provide you with information or advertising relating to our products and services, including targeted advertisements and marketing communications that we believe may be of interest to you, in line with the preferences you have shared with us.
How We Share Your Information
- Outside Vendors: We engage the following types of vendors to perform functions on our behalf: billing and collection providers; advertising and marketing; auditing and accounting firms; professional services consultants; website hosting services; providers of analytics services; security and fraud-detection vendors; and IT vendors. These entities are not authorised to use your information for purposes other than to provide their services and do not have independent rights to your personal information. You may follow this link to view the current list of vendors (also known as processors) we use to process data.
- Affiliates: We may share your information with our affiliate companies. We became part of the Pushpay Group of companies in December, 2019 and we are owned by Pushpay USA Inc. Pushpay help support some of our tools and features: you can find out more about them and their data practices here.
- Social Media Platforms: Where you choose to interact with us through social media, your interaction with these programs typically allows the social media company to collect some information about you through cookies they place on your device and other tracking mechanisms. In some cases, the social media company may recognize you through its digital cookies even when you do not interact with their application. This Policy does not apply to your use of any such third-party platforms. Please visit the social media companies’ respective privacy policies to better understand their data collection practices and controls they make available to you.
- Change of Ownership or Corporate Organization: We may transfer to another entity or its affiliates or service providers some or all information about you in connection with, or during negotiations of, any merger, acquisition, sale of assets, or any line of business, change in ownership control, or financing transaction.
- Law Enforcement, Legal Process, and Emergency Situations: We also use or disclose your personal information if required to do so by law or on the good-faith belief that such action is necessary to (a) conform to applicable law or comply with legal process served on us or our sites; (b) protect and defend our rights or property, the websites or those that use it; or (c) act to protect the personal safety of us, those that use our websites, or the public.
- With your consent: We may share your information with other third parties with your approval and consent.
Security of Your Information
We use physical, technical, and administrative safeguards to protect the information we collect through the Services. While we use these precautions to safeguard your information, we cannot guarantee the security of the networks, systems, servers, devices, and databases we operate or that are operated on our behalf. Some data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when we have an ongoing legitimate business need or legal obligation to retain the data. When you delete data, we follow a deletion policy to make sure that your data is safely and completely removed from our servers or retained only in anonymized form.
International Data Transfers
When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as the United States, where our data hosting provider’s servers are located. The laws in the United States regarding personal information may be different from the laws of your jurisdiction. Any cross-border transfers will comply with the safeguards required by applicable law. For individuals in the European Economic Area (EEA), your data may be transferred outside of the EEA. CCB has certified its compliance with the EU-US and Swiss-US Privacy Shield Frameworks with respect to personal data concerning individuals from the EEA, UK and Switzerland. Please see below for more information.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
EU-US and Swiss-US Privacy Shield Frameworks
CCB complies with the EU-US and Swiss-US Privacy Shield Frameworks, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from the European Union, the United Kingdom and/or Switzerland to the United States. CCB adheres to and will abide by the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, Recourse, Enforcement, and Liability when processing such personal data.
In the context of an onward transfer Pushpay has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Pushpay shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Pushpay proves that it is not responsible for the event giving rise to the damage.
For more information about the Privacy Shield, see the US Department of Commerce’s Privacy Shield website located at: https://www.privacyshield.gov. To review the certification on the Privacy Shield list, see the US Department of Commerce’s Privacy Shield self-certification list located at: https://www.privacyshield.gov/list.
You have certain rights relating to your personal information. If you wish to unsubscribe to our marketing communications, you can do so at any time – just click on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you, or send your request to firstname.lastname@example.org.
You also have the right to:
- know what personal information we hold about you, and be able to check to make sure it is correct and up-to-date;
- request a copy of your personal information; and
- in certain circumstances, ask us to delete the information we hold about you.
You can exercise these rights at any time by sending an email to email@example.com or by contacting us using the contact details provided under the “How To Contact Us” section below.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Our Websites and Services are intended for Authorized Individuals age 16 and older. We do not knowingly collect information from children. If we discover that we have inadvertently collected information from anyone younger than the age of 16, we will delete that information. If you believe that we have collected personal information from children, please contact us at the email address listed below.
Additional Information for California Residents
If you are a California resident, the following information also applies to you and supplements the information contained in the Policy.
Persons with disabilities may obtain this Policy in alternative format upon request by contacting us at firstname.lastname@example.org or by calling +1 (866) 242-1199.
Residents of the State of California have the right to request information regarding third parties to whom companies have disclosed certain categories of personal information during the preceding year for the third parties’ direct marketing purposes. We do not disclose personal information to third parties for the third parties' direct marketing purposes.
The California Consumer Privacy Act (“CCPA”) provides California residents with rights to receive certain disclosures regarding the collection, use, and sharing of “personal information,” as well as rights to access and control personal information. The CCPA defines “personal information” to mean “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Certain information we collect may be exempt from the CCPA because it is considered publicly available information (i.e., it is made available by a government entity) or covered by a federal privacy law, such as the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act, or the Fair Credit Reporting Act.
To the extent that we collect personal information that is subject to the CCPA, that information, our practices, and our rights are described below.
Right To Information Regarding The Categories Of Personal Information Collected, Sold, And Disclosed
The following is a description of our data collection practices, including the personal information we collect, the sources of that information, the purposes for which we collect information, and whether we disclose that information to external parties. We may use any and all of the information for any of the purposes described in this Policy, unless limitations are listed. The categories we use to describe the information are those enumerated in the CCPA.
- Personal Identifiers:
- We collect your name, billing address, email address, and telephone number when you create an account, complete a transaction, or otherwise communicate with us. We collect your email address when you subscribe to our email list.
- We collect your social media handle and basic account information when you interact with our Services through social media.
- We collect a unique numerical identifier, assigned to you by a first-party cookie, automatically when you use our Services in order to identify you, provide the Services, keep you logged in to the Services, prevent fraud, and provide you with targeted information and offers.
- We collect your payment information when you complete a transaction. You have the option to store this information to your account or set up a recurring transaction. We use this information to streamline and facilitate payments and transactions.
- We do not collect your Social Security number, Driver’s License number, or Passport number.
- We collect your IP address automatically when you use our Websites and Services. We may use this information to identify you, gauge online activity on our website, measure the effectiveness of online services, applications, and tools, and serve targeted advertisements based on your online activities.
- We collect your Device ID automatically when you use our Websites and Services. We use this information to monitor your use and the effectiveness of our Services, to identify you, and to provide you with targeted information and offers.
- Protected Classifications: We collect your religious affiliation in order to provide services to you.
- Commercial Information: When you engage in transactions with us, we create records of goods or services purchased or considered, as well as your purchasing or consuming histories or tendencies.
- Biometric Information: We do not collect information about your physiological, biological, and behavioural characteristics.
- Internet or Other Electronic Network Activity Information: We collect information about your browsing history, search history, information regarding your interaction with websites, and applications or advertisements automatically when you utilize our Websites or Services.
- Geolocation Data: As described above, we collect your IP address automatically when you use our Services. We may be able to determine your general location based on your IP address. If you allow your device to provide us with this information, we use it to make improvements to our products and services, and to provide recommendations and deliver relevant advertising.
- Audio, electronic, visual, thermal, olfactory, or similar information: If you contact us via phone, we may record the call. We will notify you if a call is being recorded at the beginning of the call. We do not collect thermal, olfactory, or other similar information.
- Education information: We do not collect any information about the institutions you have attended or the level of education you have attained.
- Inferences drawn to create a profile about a consumer reflecting the consumer’s preferences or characteristics: We analyze your actual or likely preferences through a series of computer processes and add our observations to your internal profile. We use this information to gauge and develop our marketing activities, measure the appeal and effectiveness of our services, applications, and tools, and to provide you with targeted information, advertisements, and offers.
We may share any of the above-listed information with service providers, which are external parties that we engage for business purposes and are restricted from using personal information for any purpose that is not related to our engagement. The categories of service providers with whom we share information and the services they provide are described in this Policy.
We may also disclose information to other external parties who are not listed here when required by law or to protect our company or other persons, as described in this policy.
Right To Access Information
You have the right to request access to personal information collected about you and information regarding the source of that information, the purposes for which we collect it, and the third parties and service providers with whom we share it. To protect your personal information, we will verify your identity before we act on your request.
Right To Request Deletion Of Information
You have the right to request in certain circumstances that we delete any personal information that we have collected directly from you. To protect your personal information, we will verify your identity before we act on your request.
Right to Non-Discrimination
We will not discriminate against you for exercising any of your rights under the CCPA.
Right to Opt-Out of Sales
We do not sell personal information, so we do not have an opt-out.
Right to be Notified of Financial Incentives
You have the right to be notified of any financial incentives offers and their material terms, and the right to opt-out of such incentives at any time. We do not offer any such incentives at this time.
You can exercise these rights at any time by sending an email to email@example.com or by contacting us using the contact details provided under “How To Contact Us” section below.
Under the CCPA, you may exercise these rights yourself or you may designate an authorized agent to make these requests on your behalf. We may request that your authorized agent have written permission from you to make requests on your behalf and may need to verify your authorized agent’s identity.
Additional Information for Eea, Swiss And Uk Users
For individuals in the European Economic Area (EEA), Switzerland and the United Kingdom (UK), the following information also applies to you and supplements the information contained in the Policy.
Church Community Builder, LLC is not the data controller of your personal data.
As explained above, in providing its Services CCB processes personal data on behalf of our client churches acting as a data processor. If you are an attendee of a church and have questions or concerns about how your personal information is handled, please contact your church or consult with the policies they have in place.
VeraSafe has been appointed as CCB’s representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. VeraSafe can be contacted in addition to CCB’s Privacy Officer, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form or via telephone at: +420 228 881 031. Alternatively, VeraSafe can be contacted at: VeraSafe Ireland Ltd. Unit 3D North Point House North Point Business Park New Mallow Road Cork T23AT2P Ireland
Legal Basis For Processing
Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. Where we collect personal data, we typically only process it:
- To perform a contract with you: We process your personal data as necessary to perform our contract with you to provide the Services, including to register and administer your account with us.
- With your consent: At times, we process your personal data based on your consent. This may include, for example, when we send you newsletters, e-mails and surveys about our Services.
- Based on our legitimate interests: We may process your personal data where we have legitimate interests to do so and do not override your fundamental rights and freedoms related to data privacy. This includes, for example, providing you with requested customer service or technical support, debugging and improving our Services, improving our Services and establishing, exercising or defending legal claims.
- In accordance with a legal obligation: We also process your personal data in order to comply with certain legal obligations to which we are subject.
International Data Transfers
Your personal data may be transferred outside of the EEA, Switzerland or the UK. Where your personal data is transferred outside the EEA, Switzerland or the UK, it will only be transferred to countries that have been identified as providing adequate protection or to a third party where we have approved transfer mechanisms in place to protect your personal data – for example, by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties). For further information, please contact us using the details set out in the How to Contact Us section below.
In compliance with the Privacy Shield Principles, CCB commits to resolve complaints about our collection or use of your personal data. EU, Swiss or UK individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us by email at firstname.lastname@example.org, or by mail at CCB, Attention: Operations, 10807 New Allegiance Drive, Suite 300, Colorado Springs, CO 80921, U.S.A.
CCB has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit http://www.jamsadr.com/file-an-eu-us-privacy-shield-claim for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Your Privacy Rights
You have the following rights in respect of your personal data:
- Rights to Access, Correct and Delete: You have the right to view, correct, update, or request the deletion of your personal data as set out in detail in the "Your Rights" section above.
- Right to Object: Where we process your personal data based on legitimate interests, you may object to the processing of your personal data based on grounds relating to your particular situation.
- Right to Withdraw Consent: Where we process your personal data based on your consent, you have the right to withdraw such consent to further use of your personal data at any time. This will not affect the processing of your personal data before you withdrew consent.
- Right to Port Data: In certain circumstances, you can request that we transfer or port personal data that you have provided to us.
You can exercise these rights at any time by sending an email to email@example.com or by contacting us using the contact details provided under “How To Contact Us” section below.
We hope that we can satisfy queries you may have about the way we process your personal data. However, if you have unresolved concerns you also have the right to complain to the relevant data protection authority. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Economic Area and Switzerland are available here.
Data Protection Officer
CCB has appointed an internal data protection officer for you to contact if you have any questions or concerns about how we handle your personal information or our privacy policies and practices. CCB’s data protection officer’s name and contact information are as follows:Aaron Senneff
10807 New Allegiance Drive, Ste 300
Colorado Springs, CO 80921
+1 (866) 242-1199
How to Contact Us
10807 New Allegiance Drive, Suite 300
Colorado Springs, CO 80921