Last updated: July 17, 2018
What information do we collect?
- Our website logs URLs and user agents of anonymous visitors. Submitting a support/information ticket and/or logging into a client account will log a hostname and/or IP address.
- Our client websites may embed various social media content, utilize server-based and/or Google Analytics web analytics, and other client-uploaded content. We monitor websites manually and with 24/7 automated tools for unauthorized changes and security.
Webmail and Email Services
- Logs for message delivery, and webmail logins are retained for 3 days. This may include IP addresses.
- We retain aggregated, per-user and per-domain statistics such as volume of message traffic, SMTP/IMAP/POP usage, and spam/virus filtering counts for up to 3 months.
- All connections to our websites, including email services and client websites, are protected from manipulation or observation by HTTPS encryption (also known as TLS or SSL), whenever possible.
- Credit card data entered on our billing and support website (my.churchwebsupport.com) is never stored by us. Our secure payment processor stores full credit card information, while only an identifying token is stored by us.
- Client billing and support data is protected by a combination of encryption at-rest, enforced internal multi-factor authentication, secured remote backups, and storage with at least 99.999999999% durability.
- Content on client websites is protected by automatic (rolling, up to 20) backups, made upon each major change or re-publishing. Manual (rolling, up to 10) backups can also be created.
- All client data stored by our billing and support website (my.churchwebsupport) is deleted if no invoicing or transaction activity has occurred for 36 months.
- Any data we maintain can be purged from our systems and/or provided within 30 days, upon verifiable request.
Please contact us at firstname.lastname@example.org with any questions or concerns.