Privacy, Data Protection and Security

Commitments to customers

  • How customer information is collected and used
    We collect information about your parish, the primary billing and general contact person for our company billing and contact information. We may use information we collect about you to:
    • Administer your account
    • Provide you access to tools and services
    • Respond to your inquires and send you administrative communications
    • Obtain your feedback on our site and offerings
    • Statistically analyze user behavior activity
  • How customer information is shared
    We do not share, sell or provide in any manner or form any information regarding your parish, your users or your parishioners
  • How customer account activity is tracked
    Each user you have granted access to view your portal in our system has a registered first name, last name and email address. These are used to track:
    • Login activity
    • Transaction activity: Any record accessed, updated or saved will be time stamped with the users name for auditing purposes
  • How customer information is provided to third parties
    We do not provide any customer information to any third parties
  • PCI Compliance
    Your account with us, our website and servers are PCI compliant. No financial transaction data containing credit card information, DOB or bank information is transmitted through our systems, nor is it stored on our system, nor can it be accessed through our system. Any financial data is encrypted, managed and transacted through a third party whose servers are unrelated and detached from our environment.
  • Data protection and security
    • Control over our AWS account and server management is protected by two-factor authentication
    • SSH and FTP access only provided to authorized personnel and restricted to individual website areas
    • Servers are backup daily (incremental) and weekly (full) on multiple RAID disks spanning two data centers
    • Backups are kept for 30 days
    • We use multiple firewall levels with access controls - one for our AWS networks and on each server.
    • Our servers are RAID protected and encrypted
    • For additional AWS compliance items, please see: https://aws.amazon.com/compliance/data-center/data-centers/
  • Customer Data Retention
    Closing your account. If you wish to close your account (end subscription), please visit your account and select "Export Data" from your "Tools" menu. Here you have the ability to extract all the data in your account. We will close your account and remove any ability to login as well as the associated user names and passwords.
  • Company contact information for customers with questions about privacy
    Any questions regarding privacy may be directed to: info@massintentionsonline.com