Date: 12 May 2018
Document version: 1
Wheatley Community Church (WCC) take your privacy seriously. This policy sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed.
For any queries – please see contact information at the end of this notice.
What information do we hold?
Information that you give us when filling in forms on the WCC website, at events we run, corresponding with us by phone, email or letter. The information you give us may include your name, postal address, e-mail address, phone number, gender, personal description and/or photographs.
If you are a WCC employee, member or volunteer we may also hold certain categories of sensitive information such as personal financial details, age, gender, marital status, date of birth, full employment and educational history, references, medical and criminal records.
How will we use your information?
We will use your personal data to:
Maintain our list of church members (and regular attenders)
Provide pastoral support for members and others connected with our church
Provide services to the community including (e.g. Toddler Group, Women’s breakfast)
Safeguard children, young people and adults at risk
Recruit, support and manage staff and volunteers
Process a donation that you have made (including Gift Aid information)
Respond effectively to enquirers and handle any complaints
Send you communications which you have requested and which may be of interest to you
Where do we store your personal data?
We use church management software which has features to help WCC administration, worship planning, volunteer scheduling and communication. All data will either be kept on servers in the EU or data transferred outside the EU will only be placed on systems giving equivalent protection of personal rights.
WCC are committed to holding your personal information securely. The system is configured so that only those staff and members who need to see the data can access it.
WCC may store your information on computers or in paper form, or both.
What is the legal basis for processing your data?
Our legal basis for processing personal data is different depending upon the person from whom it was collected. The following list covers the main types of data that we hold.
Data collected from contacts who have visited to website or attended events or services is held by consent. We will clearly ask for your consent to store your data and explain for what purpose.
Employee, member and volunteer data records are processed to comply with legal and contractual obligations and to fulfil our legitimate interests as a church.
How long do we hold your data?
We will keep some records permanently if we are legally required to do so. We may keep some other records for an extended period. In general, we will endeavour to keep data only for as long as we need it. This means that we may delete it when it is no longer needed.
Under UK legislation you have rights about how your data is processed. These include the right to:
Request access to the data we hold about you
Have inaccurate and incomplete data rectified
Have the personal data we hold on you deleted (except where we are required to hold the data by law)
To restrict the processing of your personal data in certain circumstances
Data that is held on consent will only be processed for as long as we have your consent. To withdraw your consent please contact us (see below).
To update your privacy settings, please use this consent form.
For more information on your rights, or to make a complaint, you can contact the Information Commissioners Office:
0303 123 1113
Information Commissioner’s Office