Many people have concerns about safety and privacy when it comes to technology. Unfortunately, sometimes those concerns are founded. Planning Center is made for churches, so their security features multi-layered and updated frequently.
Planning Center itself does not have access to any client’s database, or any personal information of any congregation or member.
All personal information shared through Planning Center is kept in the congregation’s (or diocese’s) account, accessible only to those with the permission to view it.
Church Center uses two factor authentication, so no password is necessary.
Instead, users must provide an email address or a cell phone number and receive a code in order to log in. Church Center re-authenticates users after a very short time - if you haven’t logged into Church Center recently, you’ll have to receive a code again.
This can feel like an annoyance, but it is actually a way to keep members and their data as secure as possible.
When you log into Church Center, you can see all of your own data (any that you’ve shared). Even though you can see it, no one else except Planning Center Administrators can. Only data shared in the directory can be seen by anyone else.
ALL financial transactions on Planning Center are made through Stripe, a third party platform with the highest degree of security.
Giving records require a separate login to view, and members’ giving records are available to them at all times. NO Planning Center administrator will ever have access to members’ bank account or credit card numbers.
No one under 13 can use Church Center.
Planning Center flags or blocks any emails that seem suspicious. It autocorrects or sends warnings if an email seems to have been entered incorrectly (.con instead of .com, for instance).
Any emails sent through Planning Center are visible on Member’s profiles (look up any Member, and click ‘Communication’ on their profile.
The Directory is where Members can choose to share information about themselves with each other.
Members must be invited to be part of the Directory, and once they are invited, they must accept the invitation, and choose which information they would like to share within the community.
ONLY Members invited to the directory have access to the Directory - to share their own information or to view the information of others.
Planning Center has security options for banning Members from the Directory.
Once a congregation is on Church Center, anyone can create a profile. This is a positive - new members can be welcomed in digitally.
It can also be a drawback - spammers do try to join congregations this way, to get access to personal information.
There are several steps built into Planning Center to help protect congregations.
There is a widget on the Planning Center dashboard that notifies Admins of any new Profiles created. New Profiles can then be vetted through a workflow to ensure that they are actual people who want to join the congregation.
It’s highly encouraged to create a ‘New Member’ workflow to immediately communicate with those creating New Profiles, and learn more about them.
Only Planning Center admins have access to the entire database. Each Planning Center ‘Product’ (People, Groups, Calendar, etc.) has its own level of security and permission, so Members can use one or more Products without having access to all aspects of the Database.
Planning Center Admins cannot merge or delete their own profiles - this keeps spammers from gaining access to Admins’ profiles by creating a ‘dummy’ account in their name.
Church Center Groups are places for congregation Members to chat, attend events, and have access to resources.
There are security settings that require Members to be granted permission to join a Group (highly recommended).
Leaders of Groups should not grant permission to join unless they know who the Member is.
Within Groups, Members can chat with each other, but email addresses and phone numbers are not shared (this only happens in the Directory). Only Group leaders can email a Group, and when they do so it’s a bulk function - the leader does not see anyone’s actual email address.