Last updated: November 22, 2019
Please contact us with any questions: firstname.lastname@example.org
- Personal Information — Any factual/subjective information, recorded or not, about an identifiable individual.
- PIPEDA — The Personal Information Protection and Electronic Documents Act defines a Canadian company’s obligations to define and maintain consent around individual’s personal information.
Collection of Personal Information
- To help prevent abuse an IP address is stored when submitting a support ticket, purchasing a product, logging into a client billing and support account, or using our email services.
- To help guide decision-making non-identifying visitor analytics may be stored by our own and client websites. Client websites may also embed various content subject to respective the policies.
Protection of Personal Information
- To reasonably protect against manipulation or observation by a third party, connections to our websites, client websites and email services are encrypted with Transport Layer Security (TLS).
- Credit card data entered on our billing and support website (my.churchwebsupport.com) is held in server memory until securely transferred to our payment processor, after which only an identifying token is stored.
- Billing and support data is protected by a combination of in-transit and at-rest data encryption, enforced internal multi-factor authentication, rolling backups, and redundant storage.
- Client website data is protected by rolling (20 automatic and 10 manual) backups, with automatic backups made upon each republishing or major design change.
Retention of Personal Information
- Email service logs, which may include IP addresses, are retained for up to 14 days to help operate and maintain the service.
- Email service statistics for each operated domain and user (such as message, spam/virus filtering, and connection counts) are retained for up to 3 months to help guide ongoing maintenance.
- Former client billing and support data is deleted if no invoicing or transaction activity occurs for 36 months.
- Client website data is stored until deletion is requested.
Access to Personal Information
- Client data can be requested, amended and/or deleted within 30 days, upon verified request.
- Client websites, including images and files, can be exported from the website editor at any time, or upon request.
- Cookie notices are displayed as applicable to inform our and client website visitors of data collection.
- Explicit opt-in consent is used on applicable form submissions.
Disclosure of Personal Information
- Information is only ever disclosed to third parties as required by law, or to provide the above services.
Location of Personal Information
- Email services are operated and stored within the United States.
- Billing and support data is operated and stored within Canada.
- Client website data is stored globally (from distributed nature of the platform).
- May 6, 2019 — Added Definition and Disclosure sections.
- November 22, 2019 — Increased Email service logs to 14 days, added Location of Personal Information section.