The church is required to process relevant personal data regarding members of staff, volunteers, applicants, parents, pupils and their siblings, alumni and customers in order to facilitate the administration and day-to-day ministry of the church.
Data Protection Controller
The church has appointed the Deacon responsible for Admin as the Data Protection Controller (DPC) who will endeavour to ensure that all personal data is processed in compliance with this Policy and the Principles of the Data Protection Act 1998, The Freedom of Information Act 2000 and the Protection of Freedoms Act 2012 are also relevant to parts of this policy.
The church recognises the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) adopted 27th April 2016, the two year transition period and the application date of 25th May 2018 and is actively working towards compliance with that directive.
The church shall so far as is reasonably practicable comply with the Data Protection Principles (the Principles) contained in the Data Protection Act to ensure all data is:-
- Fairly and lawfully processed
- Processed for a lawful purpose
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than necessary
- Processed in accordance with the data subject’s rights
- Not transferred to other countries without adequate protection
The church is ‘Bromsgrove Baptist Church’.
Parental consent, includes the consent of a guardian.
Data Subject, an individual who is the subject of the personal data.
We will treat all your personal information as private and confidential and not disclose any data about you to anyone other than the leadership and ministry overseers/co-coordinators of the church in order to facilitate the administration and day-to-day ministry of the church.
There are four exceptional circumstances to the above permitted by law:
- Where we are legally compelled to do so
- Where there is a duty to the public to disclose
- Where disclosure is required to protect our interest
- Where disclosure is made at your request or with your consent
Personal data covers both facts and opinions about an individual where that data identifies an individual. For example, it includes information necessary for communication such as the persons name and address, email address and date of birth for statistical and communication use. Personal data may also include sensitive personal data as defined in the Act.
Processing your Personal Data
We will use your data for three main purposes:
- The Day-to-Day Administration of the Church – Example – contacting you to keep you informed of Church activities and ad hoc Events. Distributing minutes of meetings and agendas.
- Statistical Analysis – Example – gaining a better understanding of church demographics Although collated church data may be passed to a third party, such as the Baptist Union, no personal data will be disclosed
- Prayer Tree – Example – detailing the prayer requests that are received.
Rights of Access to Information
Data subjects have the right of access to information held by the church, subject to the provisions of the Data Protection Act 1998 and the Freedom of Information Act 2000. Any data subject wishing to access their personal data can do so by accessing the following website: https://bgrovebaptist.churchsuite.co.uk/my
The church will endeavour to ensure that all personal data held in relation to all data subjects is accurate.
The church website does not automatically capture or store personal information. We use Google Analytics to log site visits, entry points, exit points, duration, pages visited. The information gathered is stored by Google and used by the church for system administration and to provide statistics, which the Leadership team use to evaluate use of the site.
You may be asked for personal information if you want to take advantage of specific services we offer such as event notifications, updates and resources. In each case we will only use the personal information you provide to deliver the services you have told us you wish to take part in.