This notice explains how and why the Trustees of the Inghamite Church holds/processes your personal data, how it will be used and how long it will usually be retained for. It provides you with certain information that must be provided by us under the General Data Protection Regulation ((EU) 2016/679) (GDPR).
Data protection principles
We will comply with data protection law and principles, which means that your data will be:
Used lawfully, fairly and in a transparent way;
Collected only for the purposes explained in this document and not used in any way that is incompatible with those purposes;
Relevant to the purposes we have told you about and limited to what is necessary to achieve those purposes;
So far as possible, accurate and kept up to date;
Kept for no longer than is necessary for the purposes we have told you about and in a manner that ensures appropriate security.
What data do we collect?
When you have regular contact or involvement with our church we collect and process your contact details. Contact details and other necessary personal information you have provided are also collected if you ask for ministry support, request that we conduct ceremonies like weddings, dedications, baptisms or burials. The minimum amount of information needed to register you as a user of our website is your first and last name and then you need to choose a password. We also ask for some further, voluntary information so we can provide a richer, more useful address book. If you wish to make gifts to our church, or enter into a contractual relationship with us, we will need to collect financial information required to comply with statutory requirements.
If you want to become a member of our church you are asked to complete a Statement of Faith document, which contains data about your religious beliefs.
Photos may be taken, or video filming occasionally done, at some services, events or church groups. You would in that case, as far as is possible, be informed and could choose not to participate by removing yourself from the area where this was taking place.
What is the legal basis for holding/processing personal data about you?
We are holding/processing personal data about you for one or more of the following reasons:
You have consented to this;
Our legitimate interests in providing religious and voluntary services for the benefit of the public;
For the performance of a contract with you or to take steps to enter into a contract (e.g. for a marriage/funeral service or a burial/interment or scattering of ashes);
To comply with legal obligations (e.g. if you wish us to claim gift aid on donations made by you there is a statutory requirement to process certain personal data of yours without which we cannot make the gift aid claim);
For the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
To carry out obligations under employment, social security or social protection law;
Processing carried out by a not for profit body with a religious aim and the processing relates only to members or former members or those who have regular contact with it in connection with those purposes and there is no disclosure to a third party without consent;
For archiving purposes in the public interest, or historical research purposes or statistical purposes.
What will we do with your personal data?
We will use your personal data for one or more of the following:
To enable us to provide a religious and voluntary service for the benefit of the public;
To provide pastoral care;
To administer membership records;
To facilitate communication within the church and with people who contact us or use our website, for example to keep you informed about news, events, activities, religious services, or communicate with you in relation to any service you have asked us to provide;
To further facilitate communication through our interactive website, where secure messaging and emails are used to communicate with users, where an online directory of information voluntarily provided by users is provided as a church resource, and where, as a security mechanism, access to personal data will be restricted to other church members and/or people with regular involvement in the life of the church;
To comply with legal obligations;
To manage our employees and volunteers;
To maintain our own accounts and records (including the processing of gift aid);
To maintain records of marriages, dedications, funerals, burials, interring or scattering of ashes.
Who will we share your personal data with?
If you are a church member, regular attender, or on the church contact list, some personal data may, with your permission, be shared within or outside the church. Personal data may appear on contact lists, rotas or other church information, which are made public on church notice boards, on the church website, or are distributed in the local community. Brief personal data like name and prayer need may also be shared with the church community for prayer. If your child attends children’s activities run by the church, information necessary to safeguard your child or for smooth running of the activities, will be shared with adult leaders (all of whom had had the legally required checks for suitability to work with children). If you have asked us to conduct a marriage, dedication, baptism, funeral service or other service, your name and the name of the subject of the service may appear on church notice boards or be made public in church information. Your personal data may be shared with government agencies (eg HMRC in relation to gift aid). If we provide services to you on behalf of the charity Christians Against Poverty we may share your personal data with them with your consent.
Who will have access to your information on the church website?
Personal data you have voluntarily provided to the church will be held securely on the website. Your personal information will by default be visible to other authenticated users of the site. You can, however, change the privacy settings from your personal profile page. Your information will be used to build an online address book and, should you wish it, show your birthday in the Inghamite Church calendar. The church will not share any individual user details with any third party without your consent.
If you choose to access our website, you are responsible for your own use of the website. This includes maintaining the secrecy of your username, passwords and any account information. Please be aware that whenever you voluntarily disclose personal information in publicly accessible online forums, you may receive unsolicited messages from others. Pages on the website may contain links to other websites, and you should be aware that the church is not responsible if you choose to click on such links, or for privacy practices on other websites. If you share a computer with someone else or use a computer in a public place, remember to close your browser when you have finished your user session. You are responsible for the security of, and access to, your own computer.
Transfer of Data Abroad
Any electronic personal data transferred to countries or territories outside the EU will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union. Our website is also accessible from overseas so on occasion some personal data (for example in a newsletter) may be accessed from overseas.
How long do we keep your personal data?
We will keep your personal data only for as long as is necessary to fulfil the purposes for which it is held. This is likely to be for at least as long as you are a member or regular attender at church events. Gift aid declarations and associated paperwork will be held for up to 6 years after the calendar year to which they relate. Records of marriages, funerals, dedications and baptisms and graveyard records may be held indefinitely. Employment records will be held for a reasonable period after the end of the employment.
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -
The right to request a copy of your personal data which the Trustees of the Inghamite Church hold about you;
The right to request that the Trustees of the Inghamite Church correct any personal data if it is found to be inaccurate or out of date;
The right to request your personal data is erased where it is no longer necessary for the Trustees of the Inghamite Church to retain such data;
The right to withdraw your consent to the processing at any time
The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable) [Only applies where the processing is based on consent or is necessary for the performance of a contract with the data subject and in either case the data controller processes the data by automated means].
The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
The right to object to the processing of personal data, (where applicable) [Only applies where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics]
The right to lodge a complaint with the Information Commissioners Office (www.ico.org.uk)
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
Wheatley Lane Inghamite Church
Wheatley Lane Road
Telephone 01282 613598
Minister: Matthew Butler (email email@example.com)
Data protection trustees: Judith Moretta, Anne-Louise Bond and Wendy Gillan
To exercise all relevant rights, queries or complaints please in the first instance contact Matthew Butler, preferably by email or post. If the minister is not available, please contact one of the data protection trustees, preferably by post.
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/preferably by email . You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
Contact us via email at firstname.lastname@example.org