Last Updated on September 30, 2021
- "Your Data" means information, images, data, text, messages or other materials made available, collected, or stored by You as a user of the Service, other than Content, Registration Information, Customer Service Communications, or Log Information.
- “Personal Data” means any information that We possess that can be used to distinguish or trace the identity of a Service user.
1. What information do We collect?
In order to provide You with access to the Service, We may gather and process some or all of the following information. Any of this collected information may include Personal Data.
Registration Information: any information provided when voluntarily registering for use of the Service, including, but not limited to, username, password, and email address.
Payment Information: any information provided when subscribing to the Service in order to execute automatic payment transactions with Your credit card.
Your Data: any text, information, data, or other materials made available, collected, or stored in the Service by You as a user of the Service, other than Registration Information, Customer Service Communications, or Navigation and Analytics Information.
Customer Service Communications: any information that is reported to Us about the operation of the Service, including bug reports or requests for enhancements.
Audit Logs and Aggregate Data: The Service collects information that helps Us to provide You with a better and more reliable service. This information includes Audit Logs that record basic information about Your interactions with the Service. These Audit Logs include the following information:
- Timestamp of request
- Session ID (transitory)
- Email address
- Location — the URL of the location on the Service that is being accessed
- Action taken — this does not include the details of the action, just the nature of the action taken. For example: that a search was performed or a citation was added to a list. Specific details about what was searched or to which list the citation was added is not captured in these logs.
- Time action took to execute
- Error code
- IP address
- Browser data:
- User Agent
- Referer – what site You previously came from
- Type of browser
- Name of browser
- Family of browser
- Company — browser maker (i.e. Google, Apple, etc.)
- Operating System (OS)
- OS Family
- OS Company
If You opt in, We also collect Aggregate Data through Performance Cookies, using a third-party analytics service to help us improve the Service. This data includes:
- Search history including keywords used, citations looked up, and which search results were clicked on
- Use of the dynamic table of contents and indexes
- Hymns played
- Citations added to a list, including list name
- Citations copied to clipboard
- Number of visits to each area of the site
- Timing information including login/logout timestamps, how long between actions taken, time per visit
- Cross-product information
- IP Address
- Geographical information
- Browser information
- Mobile device data including carrier, device, manufacturer
- Many others….
We will not collect Aggregate Data (through Performance Cookies) unless You opt in.
2. How do We use this information and for what purpose?
- Provide the Service and customer support.
- Verify Your identity.
- Troubleshoot problems.
- Enforce Our Terms of Service or resolve disputes.
- Notify You about changes and updates to the Service.
- Where You expressly opt in to receiving Our messages, We may email You targeted marketing and promotional offers from the Office of the Publisher’s Agent (OPA), Mary Baker Eddy’s Writings, TFCCS and CSPS. You may change Your preferences or unsubscribe from these email messages through the link provided in such communications.
We may also need to request specific information from You to help Us confirm Your identity and ensure Your right to access your Personal Data (or to exercise any of Your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
Additionally, We may use Your information as described below.
We ask for Registration Information in order to verify Your identity and to enable Your use of the Service.
We use Your email address as Your username for the Service which is required for You to store your lists and notes in the Service. We respect the privacy of personal e-mail accounts, and We will store Your e-mail address just as securely as Your other data and Personal Data. Your Registration Information will not be passed to unaffiliated third parties for their marketing purposes. We will use Your e-mail address to send You messages about:
- Issues with the Service or Your account
- News about the Service
- If You opt in, other products the Office of the Publisher’s Agent offers. You may opt-out of receiving promotional email messages from the Office of the Publisher’s Agent through the link provided in such communications.
- Any claims related to Your use of the Service, like violating the Terms or infringing third-party rights
For payment transactions, We use third-party banking organizations and other providers of payment services. These services will collect necessary payment processing information in order to process Your payments. You are providing the necessary payment processing information directly to such provider(s).
Your Data, such as lists, notes, and search history stored in the Service, is treated as private information. We take the privacy of the data You store in the Service seriously. We have implemented a number of security, policy, and procedural protections to protect Your Data from unauthorized access. (You can read more about those protections here: Concord Security and Strong Password).
We will not access Your Data unless: a) if in the course of providing support to Your account, You explicitly grant Us permission to access Your account; b) We are required to by law; c) We need to review the contents of Your account in response to a legal action involving Your specific account. In these circumstances, We may be required to disclose and/or destroy any or all of Your Data from the Service. And We will destroy any copies of Your Data once those copies are no longer needed for the stated purpose.
In order to improve the quality of the Service, We invite subscribers to opt-in to data analytics or the use of Performance Cookies (see Cookie Settings). Data analytics is used by Us to make the Service easier to use. By analyzing feature usage We can identify areas of the Service that need improvement. The analytics are necessary for Us to gain this insight. However, if You opt-in, some of Your Data will be captured in Our analytics tool, but in a form that is highly summarized and often very difficult to associate back to a specific user. It is Our policy not to use this analytics data to identify specific users. If You are concerned about Our analytics tool collecting and analyzing Your Data, please do not opt-in.
Although We treat Your Data as private, the Service should not be used by You to store regulated data, such as Your or another’s Personal Data, health information, or financial information, and You should not submit such data to the Service.
We strongly discourage Christian Science practitioners and nurses from storing patient information in the Service.
Customer Service Communications
Information, which is voluntarily submitted in the course of support or via feedback, is used for the purposes of reviewing this feedback and improving the Service. On occasion We may reach out to You to request using Your feedback in marketing the product on Our website or in other communications. We will not share Your feedback without Your permission, and You may request that We anonymize the feedback. Further, We may from time to time ask You to provide information on Your experiences, which will be used to measure and improve quality. You are at no time under any obligation to provide such information. Where You provide it, We may use Your contact information to communicate with You about Your feedback. Otherwise, We will not use Personal Data from Your feedback without Your explicit permission.
Audit Log and Aggregate Data
We use Audit Log data to monitor the performance and successful operation of the Service. We may use Audit Logs to troubleshoot issues that arise with the Service. Due to the size of these logs and Our desire to only hold on to data for the length of time it is useful, We only keep these logs for 14 days. Any Audit Log information We retain beyond those 14 days is kept in summary form for statistical purposes and it is not associated with individual users. You are not able to opt-out of the collection of Audit Log information.
List Sharing Function
Concord paid subscribers can use the “Send List” feature within a Concord list to create and send a “point in time” copy of that list to one or more recipients through email. Concord can email a list to up to 10 recipients, or the sender can generate a URL for the list, which can then be shared via text, apps, email, or websites. The shared list may include citations, links, notes, minimal formatting, but images will be automatically excluded from any list shared. If the sender makes further edits to a list they have previously shared, those edits will not automatically be shared with the recipient(s). The sender would need to re-share that updated list with the recipient(s). The recipient of the shared list is able to import the list into Concord Guest Access or their Concord account. Changing or modifying the imported list will not have any bearing on the sender’s original list.
The data you share with this function is created in a list independent of your account holding Your Data. Any data you have included in or as part of this shared list becomes viewable to anyone with whom you’ve shared it and, therefore, this copy of the data is therefore not protected by the system as described above.
3. To whom do We disclose Your Personal Data?
We will not sell, rent, or trade to any third party Your Data or any of the Personal Data collected in Registration Data, Payment Data, Your Data, Customer Service Communications, Audit Logs and Aggregate Data.
We will only disclose Your Data or Personal Data:
- to Our service providers in order to provide You the Service, or
- as directed by You when you use the “Send List” feature within Concord to share a specific list, or
- to law enforcement or government authorities to satisfy any applicable law, regulation, legal process, or enforceable governmental request or in the event We need to respond to a legal action involving Your specific account.
Your credit card information is handled by a third-party payment processor. TFCCS does not have access to Your payment information. Our payment processors comply with all regulations regarding the handling of Your payment information.
Information collected by Us may be stored and processed in any country in which We and Our service providers maintain facilities. By using the Service, You consent to the transfer of information outside the country where You reside and/or from which You use the Service.
4. How do We protect Your Data and Personal Data?
Although We encrypt Your Data and password and encrypt the traffic between Our servers and Your browser, You should be aware that Internet communications are not always secure. Please consider this as You enter Your Data into the Service.
Also, keep in mind that Our security measures may be rendered ineffective if You fail to maintain the confidentiality of Your username and password. By using the Service, You accept full responsibility for any harm resulting from Your failure to maintain such confidentiality.
5. How long is Your Data and Personal Data kept by Us?
We will retain Your information for as long as is necessary to:
- Provide the use of the Service
- Communicate with You regarding the Service or other services that We offer
- Comply with applicable laws, regulatory requests, and orders from competent authorities
- Enforce Our Terms
We store Your Registration Data for as long as You have an account with the Service. To remove Your Registration Data, along with Your Data, use the Delete Account function in the Service. Be aware that using the Delete Account function is permanent and Your Registration Data and Your Data cannot be recovered.
We store Your Payment Data with Our service providers as long as You have an account with the Service.
We will store Your Data as long as You have an active subscription to the Service. If you cancel your subscription, We will store Your Data for up to a full calendar year from the time You last accessed your account. If you do not log into your account for twelve months after cancellation, We may delete Your Data at our discretion without notice. At any time, You may delete Your Data by using the Delete Account function in the Service. Be aware that using the Delete Account function is permanent and your Registration Data and Your Data cannot be recovered.
Customer Service Communications
Your Customer Service Communications may be stored indefinitely by the Service or Our service providers.
Audit Logs and Aggregate Data
Audit Log data is automatically deleted after 14 days.
Aggregate Data is stored indefinitely by the Service or our service providers.
In addition to cookies, the Service also uses local browser storage. This storage is used to keep track of reading position within the book text. This data allows a user to close their browser, open it later, and return to the exact same position in the book text.
- bookScrollPosition (segment) – scroll location within a book segment
- closestLineOrVerse – stores the closest line or verse in that segment
- currentCitation – stores the citation of the current selected text
- segmentNumber – stores the current segment number ucname – stores the encoded name of the book
We also may include web beacons in email messages or newsletters to determine whether You opened them. Web beacons allow Us to understand the time and date of when You have opened an email and when You have utilized a link within the email to visit a website. Our web beacons do not collect Personal Data. If You wish to disable web beacons, You should do so by turning images "off" in Your email client. Please see Your email client for more information.
7. How far does Our responsibility extend?
8. Users from outside the United States
The Service does not knowingly collect Your Data and Personal Data from children under the age of 16 without parental consent. During registration We ask users whether they are under the age of 16. We request this information in order to comply with various international privacy and protection regulations. Users younger than 16 will be required to provide contact information for a parent or guardian and will not be granted access to the Service until the parent or guardian provides consent. To consent to the processing of children’s data, parents or guardians will be asked to: a) verify that they are a legal parent or guardian of the account holder; b) consent to the account holder’s use of the Service and the collection of the account holder’s Personal Data for registration purposes; c) consent (opt in) to having account holder data being included in Aggregate Data; d) consent (opt in) to receiving targeted marketing and promotional offers from OPA, TFCCS, or CSPS. Steps a) and b) are required in order to use the Service. Steps c) and d) are optional, though helpful to the Service. If the parent or guardian consents, the account holder will be granted access, and the Service will store the date of consent, the parent or guardian’s email address, the terms of consent, and the parent or guardian’s opt-in choices made regarding data collection. If it is learned that any of the above information has been collected without parental consent, that information will be deleted from the Service’s database as quickly as practical or the child’s parent or guardian will be contacted for consent. Parents or guardians may request the termination of their children’s registrations or subscriptions at any time.
We recommend minors ask a parent for permission before sending personal information over the Internet. We encourage parents to teach their children about safe Internet practices and to be involved in their children’s online activities.
If You are a parent and have questions about such information, email Us at email@example.com or call 617-450-2700.
10. California Do Not Track (DNT) Disclosure
The Service responds to DNT signals. DNT differs from cookies. For more information about DNT, go to https://allaboutdnt.com/. For information about cookies, please see the section above on “What are cookies and related electronic technologies, and how do We use them?”
11. No rights of third parties
13. What rights do You have and how can You contact Us?
If You would like to exercise Your right to view, correct, complete, or remove Your Personal Data, please contact Us at firstname.lastname@example.org. Upon verification of Your identity, We will attempt to quickly fulfill Your request.