How Swindon Evangelical Church (“we”) use your information
Your privacy is important to us at Swindon Evangelical Church. We are committed to safeguarding the privacy of your information.
It is important that you read this privacy notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.
Swindon Evangelical Church is the data controller and responsible for your personal data.
Why are we collecting your data?
We collect your data to enable the church to keep in touch with you and provide pastoral support as appropriate. Data Protection legislation allows us to process this information as we regard it as being in the church’s legitimate interest. When it is required, we will also ask you for your consent to process your data. We do not share your information with anyone else except as described in this notice.
The categories of information that we may collect, hold and share include:
- Personal information (e.g. name, telephone number, address, email address)
- Characteristics (e.g. language, nationality, medical conditions)
Storing your data
When you give us your contact details, for example, by completing one of our forms, these will be held securely, in the church office. Your name and contact details may also be entered onto our church database, which is stored on the church office computer. This is password protected and accessed only by the church office manager and the church secretary.
We will contact you annually to check that the information we are holding is accurate and that you still agree to us holding it.
Data Retention – We hold your data for varying lengths of time depending on the type of information in question but in doing so we always comply with Data Protection legislation.
Information Security – We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees or trustees who need to know. They will only process your personal data on our instructions.
Data Breach Procedure – We have put in place procedures to deal with any suspected personal data breach and will notify you and the ICO where we are legally required to do so.
Further details regarding data retention, information security and our data breach procedure are available in our Data Protection Policy, which you can request by contacting the Data Protection Compliance Manager (“DPCM”) (details below).
Who do we share your information with?
We will not share your information with third parties without your consent unless the law requires us to do so.
Church Members: We will include your name and contact details in our printed church members’ directory, which is distributed in hard copy to all church members annually. We will not give copies of the Church Directory to anyone else. You can ask for some or all of your details to be removed or amended by contacting the Church Office Manager: email@example.com.
Requesting access to your personal data
Under Data Protection legislation, you have the right to request access to information about you that we hold. To make a request for your personal information, please contact the DPCM (details below).
You also have the right to:
- object to the processing of personal data that is likely to cause, or is causing, damage or distress
- prevent processing for the purpose of direct marketing
- object to decisions being taken by automated means
- in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
- claim compensation for damages caused by a breach of the Data Protection regulations.
For further information on how your information is used, how we maintain the security of your information and your rights to access the information we hold on you please contact the DPCM (details below).
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
If you would like to discuss anything in this privacy notice, please contact the Data Protection Compliance Manager: firstname.lastname@example.org