Introduction
We do our very best to protect your privacy and to make sure the personal data you provide us is kept safe. This notice explains how we collect data, how we use and store information and what it means for you.
Who we are
Whitstable Community Church is the data controller. This means it decides how your personal data is processed and for what purposes.
Whitstable Community Church
Cedar Lodge
38a Pigeon Lane
Herne Bay
CT6 7ES
Charity Number: 1192378
Telephone: 07843 668554
Email: info@whitstablecommunity.church
What information we collect
Whitstable Community Church keeps the personal data it collects up to date, stores and destroys it securely, does not collect or retain excessive amounts of data and protects personal data from loss, misuse, or unauthorised access by ensuring that appropriate technical measures are in place. There’s a few ways we collect data:
Through direct contact with us
Some examples are:
- You fill out a form
- You sign up for an event/group
- You make a donation
- You fill in a consent form for your child to attend our creche, children or youth work
Through our website
We collect data such as IP addresses, details of pages visited and files downloaded.
Sensitive data
If you provide the information, we may collect sensitive personal data, including, but not limited to your physical or mental health.
What we do with it
Processing personal data
We use personal data to:
- Inform you of news, events and activities happening at Whitstable Community Church
- Enable us to provide voluntary services for the benefit of the public
- Provide pastoral care for our attendees
- Administer attendance/membership records
- Raise funds and promote the interests of Whitstable Community Church
- Manage our employees and volunteers
- Maintain our own accounts and records (including the processing of Gift Aid applications)
Basis of processing your data
We will only process your personal data on the basis of the consent you have provided us. You are free to change your preferences at any time. Other processing based on legitimate interest may be necessary for carrying out obligations under law. Legitimate interest is also the basis of our processing data relating to former members or attendees for claiming back tax under the government’s Gift Aid scheme, as we are a not-for-profit body with religious aims. It may also be our basis for processing data without consent in a safeguarding context.
Applying for a job or volunteering with us
Where you provide personal data or sensitive personal data when applying for a job or volunteer role with us, such as the information on your CV, we will process, store and disclose the personal data we collect to support the recruitment process, and potentially use third parties for qualification checks or Disclosure & Barring Service checks.
How and where we store your information
How long?
We will keep your personal information only for as long as we consider it necessary to carry out each activity. We take account of legal obligations as well as accounting and tax considerations.
Security
We ensure that we have appropriate technical controls in place to protect any personal data you provide. We ensure that access to personal data is restricted only to those staff members or volunteers whose job roles require such access and that suitable training is provided for these staff members and volunteers.
Where we store your personal data
We primarily process data digitally (see service providers below) and some data will be processed outside of the EU. We take all reasonable steps to ensure that personal data is held in compliance with the General Data Protection Regulation. We have data processing agreements in place where appropriate. In the few cases that we have to store personal data on paper it is stored securely.
When we share your personal information
Your personal data will be treated as strictly confidential and will only be shared with staff and members of the church in order to carry out a service connected with the church.
Legal duty
We may need to pass on information if required by law or by a regulatory body. For example, a Gift Aid audit by the HMRC, or if asked for details by a law enforcement agency.
Our service providers
We do not pass any of your personal information to any other organisations and/or individuals without your express consent, with the following exceptions in the case of receiving donations, making payments and general accounting:
Where such details are shared we have confidentiality agreements in place that restrict the use of your information to the purpose for which it is provided and ensure it is stored securely and kept no longer than necessary.
The service providers we use through which we only process your personal data if we have your express consent are:
- ChurchSuite (churchsuite.com)
- Mailchimp (mailchimp.com)
- Microsoft Office 365 (microsoft.com)
- Google Drive (google.com)
We will never sell any of your personal information to any other organisation.
Cookies
Please see our separate cookie policy.
Children
Parents/Guardians allowing their children to join in with our under 18’s groups during our Sunday morning services or other events are required to provide personal data about themselves and their children. This data is provided with the consent of the parent or guardian and is securely stored as above. We require parental consent for any child under the age of 18.
Your choices and telling us when things change
Preferences
You can change your preferences as to what you receive from us or how we contact you at any time. You can do so by:
- Logging into ChurchSuite if you have an account by clicking here and changing your privacy/communication preferences
- Emailing info@whitstablecommunity.church
- Writing to: Data Security Manager, Whitstable Community Church, Cedar Lodge, 38a Pigeon Lane, Herne Bay, CT6 7ES
Updating your details
We really appreciate it if you keep your details up to date. You can do this in the same way as updating your preferences (above). We may use Post Office address search or other available services to confirm data that you provide us with, where, for example, we are unsure of what you have completed on a form. We will not use these sources to create data that you have chosen not to provide, for example, if you have left a telephone number blank; nor will we automatically update changes of address, we will only update your address when you tell us it has changed.
Asking us to stop processing your data
You have the right to ask us to erase your personal data, restrict our processing or to object to our processing of your personal data. You can do so by:
- Emailing info@whitstablecommunity.church
- Writing to: Data Security Manager, Whitstable Community Church, Cedar Lodge, 38a Pigeon Lane, Herne Bay, CT6 7ES
Access to your information
You have the right to request details of the information we hold about you. To make this request, please write to us at the details above. For more information about your rights under the Data Protection Act (DPA) and General Data Protection Regulation (GDPR) you can visit the website of the Information Commissioner’s Office (ico.org.uk)
Changes to this privacy notice
This privacy notice was last updated on 28 January 2021. We may amend this notice from time to time to take account of changes to our processes or changes to legislation. If we make any significant changes to this policy we will show this clearly on our website and in our communications.
Further processing
If we wish to use your personal data for a new purpose not covered by this Privacy Notice, we will provide you with a new notice explaining this new use prior to commencing that processing. If necessary we will seek your prior consent to the new processing.
Governing law
This Privacy Notice is subject to English law. All claims or disputes arising out of or in connection with our processing of personal data shall be subject to the non-exclusive jurisdiction of the courts of England and Wales.
For any queries regarding this Privacy Notice please contact us at info@whitstablecommunity.church