Privacy Notice

Last Updated: April 18, 2026

This Privacy Notice explains how Connection Card, Inc. ("Connection Card," "we," "our," or "us") collects, uses, discloses, stores, and protects personal information in connection with Connection Card Pro, our websites, mobile apps, hosted pages, and related services (collectively, the "Services").

Connection Card, Inc.
1500 N Grant St # 5195
Denver, CO 80203
Privacy Contact:

1. Scope of This Privacy Notice

This Privacy Notice applies to personal information that we collect and process:

• when you visit our websites or interact with publicly available pages hosted through the Services;
• when you request information, schedule a demo, contact us, subscribe, or create an account;
• when an organization uses Connection Card Pro to manage its people, events, forms, registrations, communications, giving, check-ins, or related activities; and
• when end users interact with forms, event registrations, digital guest cards, giving pages, personal hub access, or other pages hosted through the Services on behalf of one of our customer organizations.

This Privacy Notice does not govern the privacy practices of the individual organizations that use Connection Card Pro. Those organizations are responsible for their own notices, policies, and legal obligations regarding the personal information they collect, control, and use.

2. Our Role

Depending on the context, Connection Card may act in different roles:

• For our own business operations — such as our website, sales, billing, support, account administration, security, and fraud prevention — we generally act as the business, controller, or equivalent role under applicable law.
• For customer-submitted data — such as member records, visitor records, event registrations, form submissions, giving records, check-ins, and similar data submitted to or through the Services by a customer organization — we generally act as a service provider, processor, or operator on behalf of that customer organization.

If you are an end user interacting with a page, form, event, or account provided by one of our customer organizations, that organization typically controls the personal information collected for that purpose.

3. Personal Information We Collect

A. Information you provide directly to us

• name, organization name, title or role, email address, mailing address, phone number, and other contact details;
• account registration and login information;
• billing, subscription, and transaction-related information;
• support inquiries, chat messages, emails, feedback, testimonials, and other communications you send to us;
• organization profile details and content you choose to make public through the Services; and
• other information you submit through our websites, apps, or Services.

B. Information collected on behalf of our customers

Customer organizations may use the Services to collect or store personal information about their members, visitors, guests, donors, registrants, volunteers, leaders, staff, applicants, or other contacts. Depending on how the Services are used, this may include:

• name, contact information, household or family information, and profile details;
• attendance, check-in, participation, communication, and engagement records;
• event registration details, submissions, survey responses, guest card responses, and other form data;
• donation, pledge, recurring gift, payment, and transaction-related information;
• information included in notes, prayer requests, care records, or other customer-entered content;
• login credentials and account information for personal hub or similar end-user access; and
• other information that the customer organization chooses to collect or upload through the Services.

C. Information collected automatically

• IP address, approximate location derived from IP, browser type, device type, operating system, referring pages, and similar technical information;
• usage, activity, and log information relating to websites, apps, pages, forms, and accounts;
• security, fraud prevention, abuse detection, troubleshooting, and diagnostic information; and
• cookie, session, and similar technology data as described below.

D. Payment and fraud-related information

When payments or donations are made through the Services, payment card and payment account data is generally processed by our third-party payment processors and gateways, not stored by us in full. We may receive and store limited payment-related information such as transaction identifiers, card brand, partial card details, billing status, chargeback information, and fraud-prevention or risk signals.

E. Sensitive information

Because our Services are used by churches, ministries, camps, and other organizations, personal information processed through the Services may in some cases include information that is considered sensitive under certain laws, such as information relating to religious affiliation or beliefs, health-related information, or information about minors. Where we process such information on behalf of a customer organization, we do so only to provide the Services and in accordance with our agreements with that customer.

F. Kiosk and Check-in Station Geolocation Data

When an authorized administrative user or other permitted user sets up a check-in station through a web browser, the Connection Card Pro iPad Check-In app, or another supported check-in station interface, the Services may request access to the location of the device being used for that check-in station. If location access is allowed through the browser, device, operating system, or app permission prompt, Connection Card Pro may collect and store geolocation data for that device, including latitude, longitude, and related accuracy or device-provided location information.

This check-in station geolocation data is collected only when setting up or operating a check-in station. It is used to help the customer organization identify and verify where the check-in station was set up, support attendance integrity, assist with security and audit records, prevent unauthorized or unexpected check-in station use, and troubleshoot check-in activity.

Attendance records created during a check-in session may include or be associated with the geolocation data collected for the check-in station used during that session. This means that an attendance record may show or be linked to the location of the check-in station used to record that attendance. This location data reflects the device or station used for check-in; it is not used to continuously track attendees, members, children, volunteers, staff, administrators, or other individuals.

Connection Card Pro does not collect or store browser-provided geolocation coordinates for ordinary website visitors, Personal Hub users, form users, event registrants, donors, or administrative users unless they are setting up or operating a check-in station and location access is requested and allowed. Connection Card Pro also does not collect or store geolocation data through the Connection Card Pro mobile app for ordinary mobile app use, and does not collect or store geolocation data when administrative users record attendance through administrative attendance tools outside of a check-in station.

Connection Card Pro may also collect and store geolocation data through the Sign Up Kiosk app when a customer organization uses that app to collect sign-ups, forms, guest information, or similar submissions from a kiosk device. If location access is allowed through the device, operating system, or app permission prompt, the Sign Up Kiosk app may collect and store latitude, longitude, and related device-provided location information for the kiosk device. This information is used to help verify that submissions are being collected from an authorized or expected kiosk location, support submission integrity, assist with security and audit records, prevent unauthorized or unexpected kiosk use, and troubleshoot kiosk activity.

Browser or device geolocation data collected for check-in stations or Sign Up Kiosk devices is not used for advertising, targeted marketing, profiling, or tracking users outside of the specific kiosk or check-in station purposes described in this section.

This section does not limit or change our collection and use of IP addresses, approximate location derived from IP address, log data, security data, fraud-prevention data, device data, or similar technical information as otherwise described in this Privacy Notice.

Customer organizations are responsible for determining whether and how to use check-in station or kiosk geolocation features, providing any notices required by law or by their own policies, obtaining any required permissions or consents from their users, staff, volunteers, attendees, parents, guardians, or other individuals, and determining the lawful basis for associating kiosk or check-in station geolocation data with attendance records, form submissions, sign-ups, or other records.

When Connection Card Pro processes kiosk or check-in station geolocation data on behalf of a customer organization, we process that information as a service provider, processor, or similar role for the purpose of providing the requested check-in, attendance, kiosk, submission, security, audit, support, and related Services. We do not sell kiosk or check-in station geolocation data and do not use it for targeted advertising.

4. How We Use Personal Information

We may use personal information to:

• provide, operate, maintain, secure, and improve the Services;
• create, administer, support, and manage customer accounts and subscriptions;
• host customer pages, process registrations, form submissions, communications, payments, and other requested transactions;
• authenticate users and protect against fraud, abuse, unauthorized access, and other security incidents;
• respond to inquiries, support requests, and other communications;
• send service-related notices, administrative messages, invoices, receipts, confirmations, and updates;
• analyze usage, diagnose errors, debug issues, and improve functionality and performance;
• comply with legal obligations, enforce our agreements, and protect our rights, users, customers, and Services; and
• where permitted by law, send marketing or promotional communications relating to our own products and services.
• support check-in station setup, kiosk setup, attendance integrity, submission integrity, authorized-location verification, security, audit records, fraud prevention, and troubleshooting when a customer organization uses check-in station or kiosk geolocation features;

When we process customer-submitted data, we do so on behalf of the applicable customer organization and for the purpose of providing the Services requested by that customer.

5. Public Content and Customer-Controlled Content

Customer organizations may choose to publish certain content through publicly accessible pages hosted through the Services, such as event pages, public forms, giving pages, organization profiles, or contact pages. Information that a customer organization chooses to publish through such pages may be visible to the public based on that customer’s settings and instructions.

We are not responsible for the content, accuracy, or privacy practices of information that a customer organization chooses to make public.

6. How We Disclose Personal Information

We may disclose personal information in the following circumstances:

• to the applicable customer organization or at its direction;
• to vendors, service providers, contractors, and subprocessors that help us operate, secure, support, host, maintain, or improve the Services;
• to payment processors, gateways, banking partners, and fraud-prevention providers as needed to process payments or detect and prevent fraud;
• to communication and delivery providers as needed to send emails, notifications, receipts, confirmations, or similar messages;
• to professional advisors such as auditors, legal counsel, insurers, or accountants where reasonably necessary;
• to law enforcement, regulators, courts, or other parties when required by law or when reasonably necessary to protect rights, safety, or the integrity of the Services;
• in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar transaction; and
• with your consent or at your direction.

We do not sell customer-submitted personal information for money. We do not use customer-submitted personal information for our own advertising purposes.

We may use and disclose aggregated, statistical, or deidentified information that does not reasonably identify an individual, subject to applicable law.

7. Cookies and Similar Technologies

We use cookies, pixels, local storage, session technologies, and similar tools to operate the Services, remember preferences, authenticate users, maintain sessions, improve performance, analyze usage, enhance security, and measure the effectiveness of our websites and communications.

These technologies may include:

• Strictly necessary technologies used for login, session management, security, and core site functionality;
• Analytics technologies used to understand usage and improve our websites, apps, and Services;
• Embedded content technologies used when videos, payment tools, maps, or similar third-party features are loaded; and
• Preference technologies used to remember settings and improve user experience.

Some browsers offer a "Do Not Track" setting. At this time, our websites and apps do not respond to browser "Do Not Track" signals because there is not yet a uniform industry standard for doing so. However, we do not track users' online activities across third-party websites or other online services for targeted advertising purposes and we do not build marketing profiles based on your activity across other sites or online services. We collect information about activity on our own websites and services only for our own internal analytics, security, fraud prevention, troubleshooting, and service improvement.

Third parties may collect information over time and across different websites or online services when their tools, content, or integrations are used on our websites or pages. You can control cookies through your browser settings and, where available, through any cookie preference tools that we make available.

8. Third-Party Services and Integrations

Our Services may include third-party services, integrations, or content, such as payment processors, video providers, messaging providers, or other embedded or connected services. Those third parties may collect or receive information in accordance with their own privacy notices and terms. We encourage you to review the privacy notices of any third-party services you use or interact with.

Third-Party Services that we implement on our site include: Stripe (payments), Google Maps, FortisPay (payment processing), Plaid (bank connections), Spotify player, YouTube video player, and Vimeo video player.

9. Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Notice, to provide the Services, to comply with our legal obligations, to resolve disputes, to enforce our agreements, and for legitimate business and security purposes.

Retention periods vary depending on the type of information, the context in which it was collected, the instructions of the applicable customer organization, and applicable legal, tax, accounting, security, and reporting requirements.

When we act on behalf of a customer organization, we retain and delete customer-submitted data in accordance with our agreements, our documented retention practices, and the customer’s instructions, subject to applicable law.

10. Security

We use reasonable and appropriate technical, administrative, and organizational safeguards designed to protect personal information against unauthorized access, disclosure, alteration, loss, and misuse. These measures may include encryption in transit, access controls, authentication protections, logging, monitoring, backups, and security review processes.

No method of transmission over the internet or method of storage is completely secure, and we cannot guarantee absolute security.

11. International Processing and Transfers

Connection Card is based in the United States, and personal information may be processed, stored, or accessed in the United States and other countries where we or our service providers operate. Those countries may have data protection laws that differ from those in your jurisdiction.

Where required by applicable law, we will implement appropriate safeguards for cross-border transfers of personal information.

12. Your Rights and Choices

Depending on where you live and the context in which we process your personal information, you may have certain rights under applicable law, which may include the right to:

• request access to personal information;
• request correction of inaccurate personal information;
• request deletion of personal information;
• request restriction of or object to certain processing;
• request portability of personal information;
• withdraw consent where processing is based on consent; and
• lodge a complaint with a regulator or supervisory authority where applicable.

If we process your personal information on behalf of a customer organization, you should direct your request to that organization first. We will assist our customer as required by applicable law and our contractual obligations.

If you wish to submit a privacy request to us directly regarding personal information for which we act in our own role, you may contact us at . We may need to verify your identity before responding.

13. Children’s Privacy

Our Services are intended for organizations and their authorized users, and are not directed primarily to children. However, customer organizations may use the Services to collect, store, or manage information relating to minors, such as children’s attendance, registrations, check-ins, or other participation data.

When a customer organization uses the Services to collect or manage information about minors, that customer organization is responsible for providing any required notices, obtaining any required permissions or consents, and determining its own lawful basis for collecting and using that information. We do not permit organizations to use our services to collect information directly from children under 13.

We do not knowingly permit children under 13 to create self-service accounts through features that are configured to block such access. If you believe that a child under 13 has provided personal information directly to us in a manner not authorized by a parent, guardian, or applicable customer organization, please contact us and we will take appropriate steps to review and address the situation.

14. Customer Organizations and End Users

If you are a member, visitor, guest, donor, registrant, applicant, volunteer, or other contact of a customer organization using Connection Card Pro, that organization generally controls the personal information collected for its own ministry, administrative, event, giving, communication, and operational purposes.

If you have questions about how such an organization uses your information, or if you want to access, update, or delete information that it controls, you should contact that organization directly. If appropriate, we may refer your request to that organization or assist it in responding.

15. Marketing Communications

We may send service-related and transactional communications regarding your account, subscription, billing, support, security, or use of the Services.

We may also send marketing or promotional communications about our own products or services to individuals who interact with us in our own business capacity, such as customer administrators, account owners, prospects, leads, admin users of a customer account or other business contacts, where permitted by law.

We do not use customer-submitted personal information about members, visitors, donors, registrants, or other end users of our customer organizations to send them marketing or promotional communications about Connection Card, Inc. or our own products or services.

However, our customer organizations may use the Services to send communications to their own members, visitors, donors, registrants, volunteers, leaders, staff, or other contacts. In those cases, Connection Card, Inc. is sending or facilitating those communications on behalf of the applicable customer organization and in accordance with that customer’s instructions, settings, and use of the Services.

You may opt out of non-essential marketing emails from us about our own products or services by using the unsubscribe link in those emails or by contacting us. Opting out of our marketing communications will not affect service-related or transactional communications, or communications sent by or on behalf of a customer organization through the Services. You may also opt-out of communications received from and on behalf of our customer organizations by using the unsubscribe link included in the email, by replying "STOP" to text message communication, or by contacting that organization directly.

16. Testimonials

If you provide us with a testimonial, quote, review, or similar content for publication, we may display that content along with the name, title, organization, city, state/province, or similar identifying information that you agree we may publish.

17. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. If we make material changes, we will post the updated Privacy Notice on this page and update the "Last Updated" date above. Where required by law, we will provide additional notice or obtain consent.

18. Contact Us

If you have questions, requests, or concerns about this Privacy Notice or our privacy practices, please contact us at:

Connection Card, Inc.
1500 N Grant St # 5195
Denver, CO 80203
Email: