DATA PRIVACY NOTICE
Alsager Community Church, Alsager
1. Personal data
Personal data relates to a living individual who can be indentified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller's possession or likely to come into such possession.
The processing of personal data is governed by the General Data Protection Regulation (the ‘GDPR’).
2. Data Controller
Under Data Protection legislation, the Alsager Community Church (ACC) is the Data Controller (contact details below). This means that the trustee of ACC decide how your personal data is processed and for what purposes.
3. How do we obtain your personal data?
We collect your data when you access one of our activities, give financially, book into an event, submit an enquiry or request to join our mailing list.
4. How do we process your personal data?
ACC complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use personal data for the following purposes: -
· to maintain our list of church members and regular attenders;
· to provide pastoral support for members and others connected with our church;
· to provide services to the community including Little Treasures, ACSC, Food bank;
· to safeguard children, young people and adults at risk;
· to recruit, support and manage staff and volunteers;
· to undertake research;
· to maintain our financial accounts and records (including the processing of gift aid);
· to fundraise and/or promote the interests and activities of the church;
- to provide news and information about events, activities and services at the church;
· to facilitate the hire of our building to other User or Community Groups
· to respond effectively to enquirers and handle any complaints
5. What is the legal basis for processing your personal data?
· The processing is carried out in the course of our legitimate activities and only relates to our members or persons we are in regular contact with in connection with our purposes and there is no disclosure to a third party without consent;
· Processing is necessary for carrying out obligations under employment, social security or social protection law; or
· Explicit consent of the data subject has been given.
6. Sharing personal data
Your personal data will be treated as strictly confidential and will only be shared with other members of the church and volunteers in order to provide a service for you or for purposes connected with the church. We will only share your data with third parties with your consent unless one of the following exceptions apply:
· it is necessary for law enforcement or similar purposes;
· it is necessary as part of our legal compliance (HMRC, Charity Commission, Auditor for example).
7. How long do we keep data?
We retain your information in line with our Data Retention Schedule, which is posted on our website or is available from the church office. You may request at any time for your information to be removed from our database or to change the way you are contacted. Even if your personal data is removed, some data will continue to be archived in line with legal requirements or to provide you with a service you are currently using.
8. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -
· The right to request a copy of the personal data which ACC holds about you (a Subject Access Request or ‘SAR’);
· The right to request that ACC corrects any personal data if it is found to be inaccurate or out of date;
· The right to request your personal data is erased where it is no longer necessary for ACC to retain such data;
· The right to withdraw your consent to the processing at any time;
· The right to request that the data controller provide you with your personal data and where possible, to transmit that data directly to another data controller.
· The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
· The right to object to the processing of personal data;
· The right to lodge a complaint with the Information Commissioners Office.
To proceed further with any of these rights, please contact the Data Protection Lead. A Subject Access Request form is available for you to use, however, any written request will be acted upon.
9. Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Privacy Statement, then we will provide you with a new notice explaining this new use prior to commencing the processing, and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
10. Any concerns?
If you are concerned or have any questions about the way your information is being handled please speak to our Data Protection Lead. If you are still unhappy you have the right to complain to the Information Commissioners Office.
Data Protection Lead on 01270 873859 or at the church office, ACC, 5 Lawton Rd, Alsager, ST7 2AA or via email: firstname.lastname@example.org
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.