Last updated October 1, 2020
Data processed by Planning Center can be classified in two ways:
- Data that has been collected by us for our own purposes; and
- Data collected by our users and used for their purposes. For example, your church may collect data about you and use this data to communicate with you.
This policy specifically covers data that is collected by us. We are not responsible for, nor do we have control over, the use of data that is collected by users of Planning Center.
Information about the privacy and security of our customer’s data is available here.
When you sign up for Planning Center, we ask you to provide us with the following personal data:
- The name of the Organization (i.e., Church) you are affiliated with
- Your email address
- Your first name and last name
- Cookies and Usage Data (discussed below)
We use this information for creating and administering your account. We also may use this information to contact you and send you newsletters, marketing or promotional materials, or other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by clicking on the unsubscribe link in the emails, or by contacting our support team at firstname.lastname@example.org.
Automatically while you are using Planning Center
We also automatically collect information on how Planning Center is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages that you use/visit, the time and date of your visit or use, the time spent on those pages or features of Planning Center, unique device identifiers and other diagnostic data. We use this data to analyze Planning Center’s performance and make our services more effective.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze Planning Center.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of Planning Center.
Examples of Cookies we use:
- Essential Cookies: These cookies are essential to provide you with Planning Center. For example, they allow you to log in.
- Functionality Cookies: These cookies allow us to remember choices you make, or to provide certain features, such as enabling videos from third parties.
Analytics and Performance Cookies: These cookies are used to collect information about traffic to our Services and how users use our Services.
Advertising and Targeting Cookies: These cookies are used to deliver advertisements more relevant to you and your interests. They remember that you have visited a website and this information is shared with other organizations such as advertisers.
Google Ads. We also use Google Ads to deliver tailored advertising on our Sites and other websites that you may visit.
Where offered by Google, we have enabled restricted data processing for users in California. This means that certain features will be unavailable to us, such as adding users to remarketing lists, adding users to similar audience remarketing seed lists, and related functionality.
All users may learn more about how to control advertising cookies by visiting the Network Advertising Initiative’s Consumer Opt-Out link, the DAA’s Consumer Opt-Out link for browsers, or the DAA’s opt-out link for mobile devices. Please note that electing to opt-out will not stop advertising from appearing in your browser or applications and may make the ads you see less relevant to your interests.
When you choose to provide us with information
You may choose to provide us with personal information while interacting with us in various ways. For example, when you submit a request for help. This information is only used for the purposes for which it was provided.
We use collected information for the following general purposes:
- To provide and maintain Planning Center
- To notify you about changes to Planning Center
- To allow you to participate in features of Planning Center
- To provide customer support
- To gather analysis or valuable information so that we can improve Planning Center
- To detect, prevent and address technical issues
- For billing purposes
- To identify and authenticate users
- To prevent fraud and spam
- To provide you with products or services you have requested, such as newsletters
- To communicate special offers and information that we think may be of interest to you, such as an offer for a free trial to a new feature of Planning Center
We do not sell your personal data to others.
We share information with third parties who provide services on our behalf to help with our business activities and to provide Planning Center. These companies are authorized to use your personal information only for the sole purpose of providing services to us. These services include:
- Fulfilling orders
- Processing payments
- Providing customer service
- Sending marketing communications
- Fulfilling subscription services
- Conducting product research and analysis
- Providing and maintaining a cloud computing environment
- Fixing bugs
We use third-parties to monitor and analyze the use of Planning Center. However, these services are configured in such a way that the third parties are not allowed to use your activity for their own purposes, such as personalizing ads on other websites.
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. You can read more about our security practices here. If you have any questions about the security of your personal information, you can contact us at email@example.com.
If a breach of data occurs within Planning Center, we will inform you via a notification posted within Planning Center and via email at your last listed email address within 30 business days of discovering the breach. By using Planning Center, you acknowledge and agree that we may send you electronic notifications via email instead of notifications by mail. If you would still like to receive notifications by mail, you can let us know by contacting us at firstname.lastname@example.org or (866) 726-2730.
Disclosure for Law Enforcement
Under certain circumstances, we may be required to disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
We may disclose your personal data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of our company
- To prevent or investigate possible wrongdoing in connection with Planning Center
- To protect the personal safety of users of Planning Center or the public
- To protect against legal liability
Upon request, we will provide you with information about your personal data (such as the categories of personal information that we have collected about you, the specific pieces of personal data that we have collected about you, and the categories of sources from which your personal information is collected). You may request access, correct, request the deletion of, or object to our use of your personal information by contacting us at email@example.com or calling us at (866) 726-2730. If you email us, please include “Personal Data Inquiry” as the subject line. Please note that we may ask you to verify your identity before responding to such requests. We will respond to your request within a reasonable timeframe and as set forth by the applicable laws.
We have listed the privacy rights for several jurisdictions below, but we understand you may have additional rights in your jurisdiction. You may contact us directly at any time about exercising your data protection rights. We will consider your request in accordance with applicable laws.
In certain circumstances, we may be required by law to keep your personal information, or we may need to retain your personal information in order to continue providing Planning Center. Please note that we can only provide you with information about your personal data that we collect and use. We do not have control over, or information about, your personal data that other users collect or use.
Your Data Protection Rights under the General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete or limit the use of your personal data. If you wish to be informed about what personal data we hold about you and if you want it to be removed from our systems, please contact us at firstname.lastname@example.org or at (866) 726-2730. If you email us, please include “Personal Data Inquiry” as the subject line.
In certain circumstances, you have the following data protection rights:
- The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your personal data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
- The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
- The right to object. You have the right to object to our processing of your personal data.
- The right of restriction. You have the right to request that we restrict the processing of your personal information.
- The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
- The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.
Please note that we may ask you to verify your identity before responding to such requests.
If we don’t resolve your concern in a reasonable time frame, you have the right to lodge a complaint with your local supervisory authorities.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
Your Data Protection Rights under the California Consumer Privacy Act (CCPA)
If you are a California consumer, you have the following rights under the CCPA:
- The right to know what personal information is being collected about you.
- The right to know whether your personal information is sold or disclosed and to whom.
- The right to say no to the sale of personal information.
- The right to access your personal information.
- The right, in certain circumstances, to delete the information you have provided to us.
- The right to equal service and price, even if you exercise your privacy rights.
Request for Information and Deletion (CCPA). California consumers have the right to request, up to twice in a 12-month period, that a business that collects personal information about the consumer disclose to the consumer the information listed below for the preceding 12 months. We have the right to request verification of your identity for all requests for information.
- (1) The categories of personal information it has collected about that consumer.
- (2) The categories of sources from which the personal information is collected.
- (3) The business or commercial purpose for collecting or selling personal information.
- (4) The categories of third parties with whom the business shares personal information.
- (5) The categories of personal information that the business sold about the consumer and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold.
- (6) The categories of personal information that the business disclosed about the consumer for a business purpose.
- (7) The specific pieces of personal information it has collected about that consumer.
Do Not Sell My Personal Information (CCPA). California consumers have the right to opt out of the sale of the consumer’s personal information. We do not sell your personal information to third parties.
We may process your personal data because:
- We need to perform a contract with you
- You have given us permission to do so
- The processing is in our legitimate interests and it is not overridden by your rights
- To comply with the law
We participate in and are certified in compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from the Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Frameworks, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List.
Please note that the Court of Justice of the European Union issued a judgment declaring as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. As a result of that decision, the EU-U.S. Privacy Shield Framework is no longer a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States. For more information, please refer to the FTC's FAQs.
We will continue to abide by our Privacy Shield commitments in accordance with FTC requirements. In addition, where required by applicable EU law, we will rely on alternative mechanisms for transferring personal data from the European Union to the United States. This includes explicit consent, performance of our contract obligations, and standard contractual clauses (when we act as a processor or service provider to churches). You can request to add a Data Processing Addendum (DPA) to any existing service agreement with us here.
We are responsible for the processing of personal data we receive, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at email@example.com.
We have further committed to refer unresolved Privacy Shield complaints to ICDR-AAA, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit this link for more information or to file a complaint. The services of ICDR-AAA are provided at no cost to you.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Your information, including personal data, may be transferred to - and maintained on - computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States and process it there. You can request to enter a Data Processing Addendum (DPA) to any existing service agreement with us here.
We do not support Do Not Track ("DNT"). Do Not Track is a preference you can set in some web browsers to inform websites that you do not want to be tracked.
We do not knowingly collect information from anyone under the age of 13. In order to use Planning Center, you must be old enough to consent to the collection of your personal data in your country.