Introduction
Widcombe Parish PCC (“the Church”) recognises the right of people to keep their personal information private.
This Privacy Policy explains how the Church and the website comply with the Data Protection Act (DPA), the General Data Protection Regulation (GDPR) and the Privacy and Electronic Communications Regulations. It explains how we make use of personal identifiable information that you provide and we collect or hold, including when you continue to browse this website www.widcombe.church
By providing your personal details you agree to allow the Church to contact you by post, email, telephone or telephonic and electronic text messages (and other messaging tools including Facebook, WhatsApp etc. in connection with its charitable purposes. The Church will do this either on the basis of the consents you have given us or for our legitimate interests in accordance with current data protection regulations.
This policy does not cover every situation so we encourage you to read notices on forms, web pages or other places where you give information about yourself.
If you disagree with any part of this policy please do not provide personal information and do not use our website.
Widcombe Parish PCC is a charitable trust and is registered as a data controller with the ICO (the Information Commissioners Office).
How do we collect information about you?
We collect personal information each time you are in contact with us. For example, when you:
- Visit our website and/or register on MyChurchSuite
- Register your details and your family details (e.g. Soul Groups, youth events. BRIX etc.)
- Register for a Church event
- Provide your contact details, in writing or orally, to Church staff or volunteers
- Make a donation, including when you provide credit or debit card details
- When you attend particular Church activities (e.g conferences, training events etc.)
- Communicate with the Church by means such as email, letter or telephone
- Face to face meetings with staff and volunteers
- Access social media websites (e.g Facebook, WhatsApp etc.)
- Provide visual images
The Church does not hold any debit or credit card details for donations/payments made via our website. All card payments are handled by service providers who encrypt card information sent from this website.
How do we process your personal data?
We comply with the regulations by:
- Keeping personal data up to date
- Storing and destroying it securely, both electronic and paper copies
- By not collecting or retaining excessive amounts of data
- By protecting personal data from loss, misuse, unauthorised access and disclosure
- By ensuring that appreciate technical measures are in place to protect personal data
How we use your information
Generally, we will only use and disclose your personal information as follows:
- To administer events
- To administer membership records
- To manage employees and volunteers
- To maintain our own accounts and records, including the processing of Gift Aid applications, safeguarding records, accident records
- To inform you of news, events, activities and services running at either St Thomas à Becket Church or St Matthew’s Church, or at other venues
- To provide pastoral care and support to you and your family
- To answer an inquiry or request for further information or complaint about the Church, its services, activities and events
Who sees your information
The information you provide to us will be held on our Church database, ChurchSuite. ChurchSuite data is hosted in secure UK data centres.
This information may be accessed by or given to our team at the Church, and our service providers who act for the purposes set out in this policy or for other purposes approved by you. Those parties may process information, fulfil and deliver orders process credit card payments and provide support services on our behalf.
The Church uses the ChurchSuite App where members of the church can access information about the church as well as personal details of other members in the “Contact” section. When signing top to ChurchSuite or giving contact details to the church, members can choose what information they share with others on this platform. Users can opt out of sharing all data with others whilst allowing the Church team to use their details for administrative purposes. Users can also opt out of communication from the church but should note that they won’t receive emails/updates/invitations etc.
We do not sell or pass any of your personal information to any other organisations and/or individuals without your express consent, with the following exceptions:
- By providing us with your details, you are giving the Church your express permission to transfer your data to our service providers including mailing houses, such as Mailchimp, to enable the fulfilment of the purpose for collection. We will always ensure that that there are clear restrictions in place for the use of your information to the the purpose for which it is provided and ensure that it iOS stored securely and kept for no longer than is necessary.
- We do not intend to store or currently store financial details (credit or debit card numbers) obtained through online transactions. We do not store details online nor do we pass any information to third parties, except where we are legally required to do so, to assist fraud reduction, or to provide a service requested and minimise credit risks.
The Church may collect and store sensitive personal information such as health information or records of conversations (for pastoral support). Your personal information will be kept strictly confidential; it is never sold, given away, or otherwise shared with anyone, unless required by law.
Keeping details up to date
So that we can keep our records up to date, please tell us as soon as any of your contact details change. You can change the way we contact you, or the kind of material we send you, at any time by contacting us by mail or email at admin@widcombe.church
If you register with MyChurchSuite you can personally log-on and update your contact details and contact preferences.
How long do we keep your personal information?
We keep your personal data as long as necessary for the purpose/s it was collected for. This will vary depending upon the type of information, legal requirements or other justifications permitted by Data Protection law.
Specifically, we retain member and former member information while it is still current; Gift Aid declarations and financial data for up to 6 years after the calendar year to which they relate; and legal registers (baptisms, marriages, funerals) and safeguarding records permanently.
Your rights and your personal data
Unless subject to an exemption under GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data held by the Church
- The right to request that the Church corrects any personal data if it is found to one inaccurate or out of date
- The right to request your personal data is erased where it is no longer necessary for the Church to retain such data
- The right to withdraw your consent to the processing of data at any time
- The right to request that the Church provides you with your personal data and, where possible, to transmit that data directly to another data provider
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
- The right to object to the processing off personal data
- The right to lodge a complaint with the Information Commissioners Office
How secure is your personal information?
The Church uses a secure church administration system that is only accessible by authorised church leaders, staff and ministry leaders. We take all practical and reasonable steps to ensure our administrative and processing activities are secure.
The internet is not a secure method of transmitting information. As such, the Church cannot accept responsibility for the security of information you send to or receive from us over the internet or for any unauthorised access of use of that information.
Links
This website may also include links to other websites. Links provided by the Church are for your convenience to provide further information. Where these are included you may receive cookies from these websites. Please look at the cookie and privacy policies on these third-party sites if you want more information.
Social media
The Church uses social media websites, eg Facebook, Instagram. Users must verify authenticity of sites before posting or providing personal information on such sites
Downloads
Any documents or files made available to download from our website are provided at the users own risk.
Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, we will notify you, explaining the new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
Changes to this Policy
The Church may amend this Privacy Policy from time to time to ensure compliance with changes or amendments to the law of the UK. Any amended version will be available on our website at www.widcombe.church
Our contact details
If you would like any further information, or have any queries, problems or complaints relating to the Church’s Privacy Policy or our information handling practices in general, please contact our GDPR Officer at St Matthew’s Church Office, St Matthew’s Church, Widcombe Hill, Bath, BA2 6AA or by emailing admin@widcombe.church
