Your privacy is important to us and we are committed to safeguarding your personal information. Please read this notice together with any other privacy notice that we may provide on specific occasions when we collect or process personal data about you so that you are fully aware of how and why we are using your data.
Christ Church Hemel is the data controller and is responsible for your personal data.
We collect and use personal data to provide pastoral care, to fulfil our purposes as a church and to comply with the law.
The legal bases we rely on are:
legitimate interests (for carrying out our activities as a church)
compliance with legal obligations
performance of a contract (for example, when hiring facilities)
consent (where required)
As a church, we may also process information about your religious beliefs where necessary for membership, pastoral care and church activities.
The categories of information that we may collect, hold and share include:
Personal information (such as name, telephone number/s, address and email address)
Characteristics (such as gender, ethnicity, language, nationality, country of birth)
Special categories of personal data (such as your religious beliefs)
We use your personal data for purposes such as:
providing pastoral care and support
communicating with you about church life, events and activities
administering church membership and records
processing donations and maintaining financial records
safeguarding children and adults at risk
meeting our legal and regulatory obligations
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including legal, accounting or reporting requirements.
We retain different types of data for different periods, in line with Data Protection legislation. For example, financial records are typically kept for up to seven years.
Further details are set out in our records retention policy, which is available on request.
We may periodically review the information we hold to ensure it remains accurate and up to date.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, trustees and finance team members who need to know. They will only process your personal data on our instructions.
We have put in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner’s Office (ICO) where we are legally required to do so.
We will only share your information where necessary and in line with Data Protection legislation. This may include:
service providers who support our activities (such as email or database systems)
partner organisations or other churches where we are working together
where we are required to do so by law or for safeguarding purposes
professional advisers where necessary (for example, legal or safeguarding support)
We do not sell your personal data to third parties.
Where we use third-party service providers, we ensure appropriate safeguards are in place to protect your personal data.
Some of the organisations we use may store data outside the UK. Where this happens, we ensure appropriate safeguards are in place so that your data is protected.
Under Data Protection legislation, you have the right to:
request access to the personal data we hold about you
request correction of inaccurate data
request erasure of your data in certain circumstances
object to or restrict how your data is processed
request transfer of your data to another organisation (data portability)
withdraw consent at any time (where processing is based on consent)
lodge a complaint with the Information Commissioner’s Office (ICO)
We will normally respond to requests within one month. We may need to verify your identity before processing your request.
If we need to use your personal data for a new purpose, we will provide you with an updated privacy notice where required.
If you have a concern about the way we collect or use your personal data, you should raise your concern with us in the first instance or directly with the Information Commissioner’s Office at https://ico.org.uk/concerns/
If you would like to discuss anything contained in this privacy notice, require further information on how your information is used or kept secure, wish to request access to data we hold about you or would like to request a copy of our records retention policy please contact the church office.
You can contact us via the church office using the form on our website or by email. [[email protected]]
Cookies are small files stored on your device when you visit a website. They help the website function properly.
We use only essential cookies that are necessary for the operation of our website.
These include:
a cookie that records whether you have acknowledged our cookie notice
We do not use cookies for analytics, advertising, or tracking purposes.
Some pages may include embedded content (such as videos). Where we embed content such as YouTube videos, we use privacy-enhanced settings designed to limit the use of cookies.
Only essential cookies are used, and these are set automatically when you use the site.
You can still control cookies through your browser settings if you wish. Disabling cookies may affect how the website functions.
We aim to keep our use of technology simple and respectful of your privacy.
Our website contains links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
