Moordown Baptist Church
1. What is GDPR?
The General Data Protection Regulation (GDPR) is a new legal framework being introduced across the EU to set out regulations relating to the processing of personal data. It replaces the existing UK Data Protection Act 1998 (DPA). The GDPR applies in the UK from 25 May 2018. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement or the application of the GDPR.
The Information Commissioner’s Office (ICO) is the independent supervisory authority set up to promote and oversee compliance with data protection legislation in the UK.
2. Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”). All organisations in the UK must state the basis upon which they handle all personal data and explain this in a Data Privacy Notice (this is our such document).
3. Who are we?
Moordown Baptist Church (MBC) is an independent, evangelical church. We meet to praise and worship God and we are committed to helping others become committed followers of the Lord Jesus Christ. The church is a registered company in England and is also a registered Charity. It is a “not for profit” organisation.
The church is governed by a board & group of church elders who decide how your personal data is processed and for what purposes.
For further details on who we are and what we believe please visit our web site at www.moordownbaptist.org. If you wish to get in touch with us regarding anything in this notice our contact details are below. Please note that our website contains links to other websites. This Data Privacy Notice only applies to our website so when you link to other websites you should read their own privacy policies.
4. How do we process your personal data?
We believe the scriptural teaching that a church is a body of individuals whose members share a common faith in the Lord Jesus Christ as their Saviour, rather than the buildings. Within our normal day-to-day work, we undertake various administrative functions and as part of this we naturally collect and use information about our church members and other people who we come into regular contact with. This includes things like membership lists, rotas, youth groups, fellowship meetings and prayer letters.
Moordown Baptist Church complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate measures are in place to protect personal data.
We use your personal data for the following purposes: –
- To administer membership records
- we hold contact details of our church members such as names, addresses, telephone numbers and email addresses (where held). Such records are maintained within a church members directory which is shared with all Church members to facilitate easier communication between individuals.
- Names of Church members may be included within rotas for various activities undertaken as part of the church’s day-to-day work.
- To administer attendance of meetings
- Data held relating to meetings held for church members such church meetings and prayer groups.
- Data held relating to meetings held for both church members and those with whom we have regular contact such as fellowship meetings, Luncheon Clubs and open prayer groups.
- Data held relating to meetings held for predominantly non-members such as youth group activities, Holiday Bible Clubs for children.
- To manage our employees and volunteers.
- To maintain our own accounts and financial records (including the processing of gift aid applications).
- Where we are required to for legal purposes. This includes securely maintaining Child Protections Records (please see our Child Protection Policy Documents for more details) and for health and safety records such as incident books.
- To inform you of news, events, activities and services at the Church such as our weekly news-sheet handed out at Sunday church services.
5. What is the legal basis for processing your personal data?
As defined under GDPR we process data as follows:
- Explicit consent of the data subject. For MBC this includes all our children’s and youth work where we obtain consent from parents / guardians together with emergency contact details and other data which may be significant for the welfare of the children.
- Processing is necessary for the performance of a contact; carrying out obligations under employment, social security or social protection law, or a collective agreement. For MBC this includes employment data we provide to our payroll processors. MBC also shares some data with our insurers where some policies require personal data including data on the drivers of our minibus.
- The processing is necessary for compliance with a legal obligation. For example, the payment of income tax and national insurance, in respect of employee payment details.
- Processing as carried out by a not-for-profit body with a religious aim where there is a legitimate interest to process such data. This is provided: –
- the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes); and
- there is no disclosure to a third party without consent.
For MBC this includes all other uses of data where not specifically mentioned above.
6. Sharing your personal data
Your personal data is treated as strictly confidential. Church Member details will only be shared with other members of the church in order to provide a service to all church members for purposes connected with the church. We do not share your data with external third parties outside of the Church except where there is a specific contractual or legal obligation (as detailed above). We never share any data for the purposes of Direct Marketing; by us or by any other parties. To the best of our knowledge, we do not share data with any overseas organisations.
7. How long do we keep your personal data?
We keep data in accordance with the guidance set out by the ICO.
“Statutory” data such as employment, gift aid declarations and other such associated paperwork is kept for up to 6 years after the calendar year to which they relate.
“Transient” Data regarding youth club attendees, rotas and fellowship meetings are only kept for the duration of the activities themselves. For example, the registration and consent forms used for our Youth Clubs are kept and used only for the school year to which they relate. At the end of that time all the forms and the data they contain is securely destroyed.
“Ongoing” Data such as members details contained within Membership Directory is held for as long as an individual remains a member of the church.
8. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –
- The right to request a copy of your personal data which Moordown Baptist Church holds about you;
- The right to request that Moordown Baptist Church corrects any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for Moordown Baptist Church to retain such data;
- The right to withdraw your consent to the processing at any time
- The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), in accordance with ICO regulations.
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data, where applicable and in accordance with ICO regulations.
- The right to lodge a complaint with the Information Commissioners Office.
9. Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
10. Our Website and Cookies
Website usage information is collected using cookies. Our website uses the following cookies:
Google Analytics: This service collects information about how visitors use our site. The information used to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
Google Loader: Used on the ‘How to find us’ page to provide a Google Map of our location.
For further details of our policy on cookies please see our website.
11. Our Public Wi-Fi
Within our church premises we offer access to a public Wi-Fi service to access the internet.
This is a fully open facility for which, whilst access is protected via a password, no data is captured or stored for the purposes of monitoring, usage or filtering.
12. Contact Details
It is our desire to be fully open and transparent about the data we collect during the course of our work as a church and trust that you will find all the information you require in this policy document.
To exercise all relevant rights, or if you have any queries or questions / complaints please in the first instance contact our leadership team via this special email address firstname.lastname@example.org or contact any of our church leaders following any of our regular services.
For more information about GDPR, you can contact the Information Commissioners Office on 0303 123 1113 or via their website https://ico.org.uk/.
This policy was last reviewed and updated on: 18th May 2018
Issued by the Board / Elders of Moordown Baptist Church.
Moordown Baptist Church Limited, 92 The Avenue, Bournemouth, BH9 2UU.
Registered in England: 08813067 Registered Charity: 1156083