Important information about how we collect and use your personal information.
WHO ARE WE?
Acts 29 is a diverse, global community of church-planting churches. We are about one thing: church planting. We exist to encourage, resource, facilitate, support, and equip churches to plant churches that will plant church-planting churches.
When we refer to “we, us or our” in this policy, we mean Acts 29 Network (a corporation registered in the US State of Washington and operated exclusively for religious purposes within the meaning of US Internal Revenue Code 501(c)(3) and its affiliates).
WHAT IS THIS POLICY ABOUT?
WHAT INFORMATION DO WE COLLECT?
We collect general data on how the website is being used using a third-party service, Google Analytics; this is anonymous and is collected using cookies.
A cookie is a text file sent from our website as soon as you visit the site. It is stored on your computer’s hard drive and helps us identify your computer (not you) and collect information in an aggregated, anonymous way.
Cookies may be used to collect information about your visit to our website, for example, traffic data (volume of people using the site), location data, dates/times of visits to the site, and pages visited.
Most browsers allow you to turn off cookies. To do this, look at the ‘help’ menu on your browser. Switching off cookies may restrict your use of the website and/or delay or affect the way in which it operates.
Cookies from Google are used to distinguish users, including the number of unique visits, remember the number and time of unique visits, and remember traffic source information.
This information is processed in such a way that it does not identify anyone. The purpose of this data is so we can get an idea of how the site is working and how we might improve it.
Visitors to our website are generally in control of any personal data shared with us. We don’t collect personal information when someone visits www.acts29.com or our other one-off event websites. We do, however, gather basic anonymous information, as stated above, to find out things such as the number of visitors to the various parts of the site or general behavior patterns such as in what order a user looked through the site. This information does not identify anyone and is used so we can get an idea of how the site is working and how we might improve it.
You can find out more about the cookies we use above.
SUBSCRIPTIONS AND CONTACT FORMS
Our website allows you to choose to connect with Acts 29 by submitting questions or subscribe to Acts 29 for updates and information.
If, as a site visitor, you choose to send an email question or comment to us, the information we will collect from the website will contain your screen name and email address and the information you choose to include in your message. We ask that you do not provide sensitive information to us when using our Acts 29 website. If you choose to provide sensitive information to us when sending general messages via the website, the act of doing so will constitute your explicit consent to that information being collected and processed in any response we subsequently make to you.
You may choose to subscribe to Acts 29 and/or an Acts 29 network in order to receive updates, prayer requests, or other information. The personal data we will collect if you choose this option may include name, address, email address, country, and church name. You will be able to unsubscribe or change your preferences if you wish each time you are contacted.
If you make a donation to Acts 29 through the website, we will collect your giver information, for example, name, address, telephone number, email address, and the type of donor you choose (giving as a guest or creating an account with us / returning donor). To process your donation, we will also collect your account details and information on tax to optimize gaining tax relief on the donations made.
We will retain personal data collected via our websites for as long as it is necessary, e.g., for as long as we have a relationship with you as an individual or you exercise your right to have your details removed.
If you subscribe to Acts 29 or choose to connect with us via the website links, we will also collect personal information such as:
- Email address;
- Your preferences on the way you receive information;
- A record of any consent you provide; and
- If you email us any information you choose to include in your message.
ASSESSMENT PROCESS AND MEMBER INFORMATION
For those who are part of Acts 29 as members, candidates, applicants, donors, or members of staff, we will collect household and church information that may include:
- Contact details (name, address, telephone, email);
- Family information (e.g., spouse);
- Financial details (e.g., bank accounts to process donations or pay salaries);
- Tax details for paying income tax or claiming tax relief; and
- Communication history.
The Assessment Process collects the same information as is collected from the Acts 29 family. In addition, personal data that is classified as sensitive under the data protection regulations is collected as part of the assessment process, including:
- Applicant views and opinions on various issues;
- Family and relationship history;
- Financial track record;
- Health and wellbeing; and
- Information from external sources (references).
Personal information provided in the assessment process is done so with the explicit consent of the data subject (‘Applicant’); once membership has been achieved, a copy of the pastor’s final assessment report is retained for three months, after which time will be deleted because it has served the purpose of assessment and integration into Acts 29.
In all of these areas, except where stated otherwise, we will keep your personal information only for as long as we consider it necessary to carry out each activity. For those who undergo the ‘potential planter’ assessment, personal contact data will be kept for up to 5 years for the purpose of helping individuals progress towards our main assessment process and the planting of a church.
We have a data retention policy to implement this and have set parameters for keeping personal data in line with the purpose for which it was collected. As we consider reasonable parameters for holding information, we take account of our legal obligations, including accounting and tax guidelines.
For example, we will retain records of donations for six years to meet tax and accounting requirements, but we will only hold details of personal accommodation and dietary requirements for the purpose of planning and running an event. This information will be deleted within six months of the event occurring.
HOW DO WE COLLECT INFORMATION FROM YOU?
Acts 29 collects information each time a person deals with our organization. For example, if you request information, sign up for an event, complete a survey, provide a comment, make a donation, or register with us to receive newsletters/updates. You may do this electronically, or you may complete a form at a conference or exhibition.
We also collect information about our Acts 29 churches and their pastors, who are members, candidates, or applicants. Personal data is collected when a person makes an initial inquiry and completes a questionnaire to determine whether they may be suited to becoming a formal applicant/candidate. This personal information is stored in a bespoke assessment application software.
Acts 29 members also participate annually in the Covenant Renewal or Covenant Update process, where they update their details, including their personal data. Information is held on our Customer Relationship Management system (CRM), which is a controlled-access database.
Personal data is also provided in relation to specific events when someone chooses to receive details or book on as a delegate or attendee.
HOW WE USE YOUR INFORMATION
We may use your information to:
- Send you information or communications which you have requested, and that may be of interest to you. These may include information about how Acts 29 is growing, stories from our church family around the world, updates on key initiatives, events, or specific campaigns.
- Let you know about other activities or updates from our gospel partnerships.
- Process a donation that you have made.
- Manage and support the Acts 29 assessment process for member pastors.
- Facilitate coaching and training opportunities for new member pastors and their churches as part of embedding in their local network and growing their churches.
- Seek your views or feedback on events or aspects of Acts 29 activities.
- Notify you of changes to events, Acts 29 policies, or processes.
WHAT DO WE DO WITH IT?
How personal data is used is influenced by the type of relationship that exists between you and Acts 29. These broad categories are set out in the section below with further information on how we process data for each:
Acts 29 community – member pastors and member churches/candidate pastors and candidate churches/applicant pastors and applicant churches
We collect personal information that helps us stay in touch with the Acts 29 community of member churches and their pastors and staff. The personal data we collect includes:
- Contact details (name, home address, telephone number, email)
- Date of birth
- Languages spoken
- Family information, for example, spouse.
- Financial information
- Events attended
- Communication history
- Notes of pastoral conversations to provide support and maintain continuity while working through an issue with a data subject
- Applicant and candidate pastors consent as part of the assessment process to provide information on beliefs, opinions, general health, and relationships. This personal data is classed in the EU as sensitive and is subject to increased security measures with access limited to relevant assessors.
- Information on progress (including fact and opinion) from others, for example, a supervisor, mentor, colleague, or another relevant person.
- Information (including fact and opinion) in relation to any investigation of complaints that may be required
- Photo and video footage of Acts 29 events (with consent)
We use personal data on the basis of legitimate purpose to:
- Maintain contact across Acts 29 organizations; contact details are held on our CRM system.
- Build relationships with applicants, candidates, member pastors, and their churches
- Communicate with individuals, groups (e.g., candidate pastors), churches, partners, and third-party vendors
- Process applications for Acts 29 membership and rigorously assess candidates for suitability to be member pastors of church-planting churches.
- Plan, facilitate and host events.
- Process transactions for events or process donations made through the site
- Develop resources and support church planting pastors and their churches
- Create podcasts, videos, etc., to share Acts 29 news and stories or for thoughts from leadership on key aspects of theology, church planting, and sharing the gospel.
- Track the progress of applicants and candidates on their journeys to becoming a member
- Provide pastoral or other support for lead pastors / their churches
- Seek donations and track financial support, which will enable more church planting and the global growth and reach of the gospel
- Maintain and use IT systems
- Administer/manage our website, systems, and application such as mail distribution
- Inform strategy and planning, e.g., monitoring age profiles of lead pastors/candidates/ applicants using aggregated data across networks
- Measure progress on Acts 29 goals such as the diversity of member churches
We retain personal data processed by Acts 29 for as long as it is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).
In the absence of specific legal regulatory or contractual requirements, our indicative baseline retention periods are:
- Contact details are maintained in line with the continuing relationship between us.
- Assessment details retained throughout the period of assessment and erasure after three months of becoming a member or five years after registering as a potential church planter and having not progressed this intention.
- Event details for three months after the event concludes
ACTS 29 DONORS
We collect personal data from our donors for the legitimate purpose of processing the generous giving that enables Act 29 to facilitate the planting of churches and support gospel initiatives in different parts of the world.
The personal data collected includes:
- Contact details (name, home address, telephone number, email)
- Financial details – bank account/ credit card and references for processing tax in relation to donations
We use donors’ personal information to:
- Process donations made and provide receipts for tax relief.
- Seek donations and track financial support, which will enable more church planting and the global growth and reach of the gospel
- Keep donors informed of the growth, successes, and needs of Acts 29
We use the Generosity platform by LifeWay to collect and process donations; this application is provided by LifeWay and iDonate, who act as a donation and payment service provider. iDonate uses various techniques to identify users when they register on the site, which may include checking against third-party databases for identity verification. The servers for iDonate are based in the US and are protected by physical and technological security devices. Users to the site must use a login and password; in addition, security questions/answers are taken in the event a user forgets their password. Users who set up an account to manage their giving do so under the iDonate Terms and Conditions.
Our retention periods for personal information are aligned with the legal, regulatory and fiscal time frames for the donor’s country of tax liability.
We collect personal data when a person gets in touch with us with a question, complaint, comment, or feedback (such as name, contact details, and contents of the communication). In these cases, the individual is in control of the personal data shared with us, and we will only use the data for the purpose of responding to the communication.
WHO DO WE SHARE INFORMATION WITH?
We will never sell your data to another party or share your data with third parties for marketing purposes.
We use third-party providers to work on our behalf supporting activities such as sending out mailings, organizing events, and processing payments or donations.
When we use third-party service providers, we disclose only the personal information that is necessary to deliver the service. We have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
In circumstances where we share your information with a third-party providing a service to you and where they may be acting as a data controller, we advise that you review their privacy policies.
An example of this would be a hotel being used for an Acts 29 event; the relevant third-party will use your details to provide you with information to carry out their obligations in relation to any contracts you have entered into with them (for example, a reservation for your accommodation and to provide you with what you require during your stay).
We have strategic partnerships with whom we collaborate to build God’s kingdom and extend the reach of the gospel. Where we are working on projects with a partner and are linking up with parts of the Acts 29 family to do so, contact details and information on related member pastors/churches may be shared with our partners.
We may share information with governmental agencies or other companies assisting us in fraud prevention or investigation. We may do so when: (1) permitted or required by law; or (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or (3) investigating fraud that has already taken place. The information is not provided to these companies for marketing purposes.
We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behavior patterns. We do not make and do not allow Google to make any attempt to find out the identities of those visiting our website.
We utilize Google’s services to receive and send emails and to store and access data (the G Suite). Details around Google’s compliance to GDPR can be found here. These security precautions are combined with internal policies to ensure data is protected (e.g., the implementation of 2FA, password policies, etc.).
We use a third-party service, JotForm, to provide us with customizable forms. Any information you enter onto an Acts 29 form is stored on the JotForm website before being emailed to an Acts 29 email address, which uses a third-party service, G Suite by Google. The forms we use may be a booking form for an event, a survey, questionnaire, or quiz. If we want to collect personally identifiable information through our web forms, we will be up-front. We will make it clear when we collect personal information and will explain what we intend to do with it. JotForm’s data security approach is described here.
Email and E-newsletter/ updates
We use a third-party provider, Virtuous, to deliver regular updates and communications about events or new specific initiatives. We gather statistics around email opening and clicks, using industry-standard technologies to help us monitor and improve our e-newsletter. All recipients will be given a simple option to unsubscribe, found at the bottom of all our emails.
Acts 29 Global Partnerships
Acts 29 is a US organization with global partners who, by contractual agreement, represent the work of Acts 29 in their respective regions and jurisdictions. To the extent it is necessary to share information with these partners to provide the services request, we will provide that information to the appropriate organization to provide those services.
We operate on Facebook, Twitter, Instagram, and LinkedIn. If you send us a private or direct message via social media, the message will be stored according to their standard terms. It will not be shared with any other organizations.
People who call us
When you call Acts 29, we may collect personal information. We use this information to help us answer your query and to improve our efficiency and effectiveness.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with our office policy. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
We use Eventbrite, a platform that facilitates organizing events from invitations to registration and accommodation. Events can be customized and delegates’ registration and payment details captured. Their security approach is described here.
Other software platforms used to facilitate payments for events; include Stripe and Paypal; their approach to privacy and security for account holders and customers is described on their respective sites.
Customer Relationship Management
We use a CRM and marketing platform called Salesforce.org, which has been designed to be used by not-for-profit organizations. The system enables us to capture our Acts 29 family, donors, and supporters’ contact details and communication history.
HOW AND WHERE WE STORE YOUR INFORMATION
We are committed to holding your personal data securely; your information may be stored digitally (held on servers or computers) or, in some areas, hard copy (paper-based).
The security controls we have in place, which combine both technical and physical measures to protect any personal data you provide, include:
- Access to systems for Acts 29 teams is through secure, encrypted logins and network/access level controls to ensure that data is accessible only to relevant team members.
- Sensitive information is held in password-protected files.
- Third parties must use secure servers.
- Encrypted sending and receiving of personal data.
- Locked cabinets in locked offices where personal data is stored in hard copy.
- Clear desk policies for personal data in hard copy format.
- Screen locks and password-protected PCs and laptops.
We are committed to ensuring that personal data is held in compliance with European data protection regulations. We take all reasonable steps to ensure that your data is stored and processed securely. We use cloud-based systems to process data that are based in the USA and where data may be stored in other countries. By submitting your personal data, you agree to this transfer, storing, and processing of your information.
The General Data Protection Regulation (GDPR) was put into place by the European Union in May 2018. This gives EU citizens more control, choices, and rights over how their data is used and puts forth guidelines for the collection and processing of data for businesses. The third-party vendors that Acts 29 uses are in compliance with this law. If you would like to request that your information be updated, corrected, or deleted, please contact us at firstname.lastname@example.org.
In line with data privacy regulations in the European Union (EU), we want to let you know:
- What information we may collect about you;
- What we use your personal information for;
- How we store your personal information;
- Who (if anyone) we pass your information on to and for what purpose;
- How you can raise any concerns about the accuracy, processing, or use of your personal information.
EU CITIZEN RIGHTS WITH PERSONAL DATA
Unless subject to an exemption under the GDPR, EU citizens have specific rights in relation to personal data:
- Access – you have the right to receive confirmation that your data is being processed and to have access to it. You can make a Subject Access Request if you wish to get a copy of your personal data.
- Accuracy – Personal data can be rectified if it is inaccurate, incomplete, or out of date.
- Erasure – you may request for your personal data to be erased if it is no longer necessary for Acts 29 to retain your information, if you withdraw your consent, if there is no overriding legitimate interest to continue processing it, or your data has been processed unlawfully.
- You may request a restriction is placed on further processing where there is a dispute in relation to the accuracy or processing of your personal data.
- You have the right to data portability in some circumstances. This enables you to move, copy or transfer your data from one IT environment to another securely and without affecting its usability.
- You have the right to object to processing based on legitimate interests or direct marketing.
- You have the right to object to your personal data being used for automated decision-making and profiling, i.e., where decisions are being made solely by automated means and without any human involvement.
YOUR CHOICES AND TELLING US WHEN THINGS CHANGE
You can change your preferences about what you receive from us at any time. This can be done by using the update preferences option in the communications you receive from us or by emailing email@example.com. Or, if you prefer, you can write to firstname.lastname@example.org or to our postal address in Binzen, Germany (see Questions or Complaints section).
UPDATING YOUR DETAILS
We do appreciate it if you keep your details up to date. You can do so in the same way as updating your preferences, or if you are a member pastor, candidate, or applicant, you can log into the assessment app and update your profile.
TELLING US TO STOP PROCESSING
You have the right to ask us to erase your personal data, restrict our processing, or object to our processing of your personal data, so long as the lawful purpose for processing is not for a statutory reason. You can do so at any time by writing to us at email@example.com.
ACCESS TO PERSONAL INFORMATION
We aim to be as open as possible in terms of giving you access to your personal information.
Individuals who are EU citizens can find out if we hold any personal information by making a ‘subject access request’ under the data protection regulations. If we do hold information about you, we will:
- Give you a description of it.
- Tell you why we are using it.
- Tell you who has access to it.
- Provide you with a copy of it in an accessible form.
To make a subject access request to Acts 29 for any personal information we may hold, you need to put the request in writing to firstname.lastname@example.org.
Further Information about how we will handle subject access requests can be found here.
All articles and posts on the Acts 29 website are copyrighted. For permission to reprint or crosspost articles from the Acts 29 blog, contact email@example.com. When reprinting content, please attribute the content to the appropriate author. The reprint should also include the following note with the link to the original post: The following content was originally published on Acts 29’s website, linked here:
QUESTIONS OR CONCERNS
Acts 29 strives to meet a high standard when collecting, storing, and using personal information. For this reason, we take any concerns or complaints we receive about this very seriously.
If you have any queries about your personal data and how we are processing it, we are happy to provide additional information or explanation.
We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading, or inappropriate. We would also welcome any suggestions for improving our procedures.
Please send any queries, suggestions, or complaints to firstname.lastname@example.org.
Alternatively, you can write to:
Data Protection Officer – Acts 29
79589 Binzen, Germany
DISCLOSURE OF PERSONAL INFORMATION
We will never disclose personal data without consent, except where required by law.
16 OR UNDER
We are concerned about protecting the privacy of children aged 16 or under. If you are aged 16 or under‚ you must get your parent/guardian’s permission before providing us with personal information.
LINKS TO OTHER WEBSITES
HOW TO CONTACT US
Gary Cousins, Data Protection Officer – Acts 29
79589 Binzen, Germany
Terms and Conditions
You agree that your use of the Web site is subject to these Terms and Conditions. These Terms and Conditions may be modified at any time and from time to time; the date of the most recent changes or revisions will appear on this page. Continued access to the Web site by you will constitute your acceptance of any changes or revisions to the Agreement. If you do not agree with the Terms and Conditions, please do not use this website.
The materials contained on the website are provided by Acts 29 as a service to you for your use on an “as is, as available” basis. You acknowledge that you are using the website at your own risk. Acts 29 assumes no responsibility for errors or omissions in these materials. Acts 29 makes no commitment to update the information contained herein. Acts 29 makes no, and expressly disclaims any and all, representations or warranties, expressed or implied, regarding the web site, including without limitation the accuracy, completeness, or reliability of text, graphics, links, products and services, and other items accessed from or via the Web site, or that the Web site will be uninterrupted, error-free, or free of viruses or other harmful components. No advice or information given by Acts 29 or any other party on the website shall create any warranty or liability.
Last Updated: July 26, 2022