When you become a member of one of our congregations, choose to go on the electoral role, support our churches as a resident of the villages, get married, be baptized or have your child baptized in our church, the Parochial Church Council (PCC), the Parish Administrator and selected individuals performing key related tasks (for example the wedding co-ordinator) for the churches will keep some data about you. This is ‘personal data’ because it is about you as a particular person, and it can be linked to you.
In addition, the Parish Priest (Vicar), holding the ‘Title of the Parish’, legally has access to all information in respect of the parish and this may include your personal information.
What personal data do we hold?
The PCCs will hold the following personal data about you:
1. Your contact information: this is your name, postal address, email address and phone number/s
2. For those who are married or baptized at St Giles’, St Mary’s or St Bartolomew’s – date of birth and details of parents, Godparents and witnesses
3. For those of you who regularly give money to the church by direct debit, your bank account details will be held by the ‘Giving Officer’ of the PCC and will also be visible to the Treasurer of the PCC who sees the bank statements
This is the only data we will hold about you. We do not get data about you in any other way. Other than details on published pages no data is held on our website (www.ourvillagechurch.org.uk). Names given by people who request prayer via our website are known only to the Vicar and are not stored on the website.
How is your personal data kept safe?
Your name, postal address, email address and phone number/s may be kept on secure computers by members of the PCCs, in hard copy secured in individuals’ houses and in the Parish Office, to which there are five keys, all held by members of the St Giles’ PCC and the Parish Administrator. Details gathered for the purposes of completing certificates of marriage or baptism, once those sacraments are completed, are held in a locked safe. Keys to the safe are restricted to the Vicar, churchwardens and deputy wardens and the PCC treasurer.
What is your data used for?
Your data is only used for purposes directly relating to your membership or support of our church, particularly:
1. So that the PCC knows who is eligible to vote at the Annual Church Meeting (i.e. those on the electoral role)
2. To contact you about, and ask for your support for, services and other events that the church organizes
3. To complete marriage and baptism certificates
4. To ensure that the correct details of your giving by direct debit are held by the bank and that Gift Aid on this giving (and regular envelope giving) may be claimed by the church
5. So that your Parish magazine is delivered to the correct address
Do the PCCs and Parish Administrator have a right to your data?
Under the General Data Protection Regulations, the PCC and Parish Administrator need to have a ‘lawful grounds’ for keeping your data and using it. There are several ‘lawful grounds’. Those that apply in our case are:
• Legitimate interests: where it is necessary to hold and use data in order to carry out the functions that the data subject would reasonably expect (for example keeping individuals up to date on service changes, church meetings and delivering magazines to the correct address)
• Performance of a contract: the donation of regular financial payments by a member of the congregation, and the claiming by the church of Gift Aid on those regular payments constitutes a contract
• Compliance with legal obligations: related to personal data around weddings and baptisms
Who can see your data?
Members of the PCCs and the Parish Administrator have access according to their need to carry out legitimate functions. Other members of the congregation with specific roles (for example wedding and baptism co-ordinators and those who deliver magazines) will see the specific information that they need to carry out their roles. Some information is only seen by the Vicar.
Should you request it, your marriage details will be given to the civic registrar. In addition, wedding, banns and baptism (and burial) registers, when full, must be deposited at the civic archives. When that happens we no longer have control of, nor responsibility for, your data.
How long will your information be kept?
Your personal data will be held as long as it is relevant to your relationship with the church. Information on electoral roll members has a natural life as the electoral roll has a mandatory renewal cycle. If you resign from the electoral role or move away from the church, your personal data will be deleted at the end of year in which you resign. Details related to your regular giving may be held for up to six years for tax related purposes.
Who can you speak to if you have questions?
You can speak to the Vicar or one of the Churchwardens. Contact details are published on our website and in the church magazine.
What rights do you have?
You have a number of rights under data protection legislation:
• You can ask for a copy of the data we hold about you. This is called a ‘subject access request’. If you make a ‘subject access request’ we will give you a copy of all the data we hold about you. We will do this within one month
• You can object if you think we are using your data in the wrong way. You can also object if you think we don’t have ‘lawful grounds’ for using your data. We will give you a statement explaining why we use your data and explaining the ‘lawful grounds’. If you are still unhappy you can complain to the Information Commissioner’s Office. If we find we are using your data in the wrong way, we will stop immediately and stop it happening again
• If you think there is a mistake in your data, please tell us. You have a right to have it corrected. We may need to check what is the correct data, but will put right any mistakes as soon as possible
• You have the right to be forgotten. Other than records of marriages and baptisms, which we are legally obliged to keep in perpetuity, we promise to remove your data at most six years after you have asked us to. You have a right for this to happen, because we don’t need to keep your data any longer than six years.
Finally, if anything happened to your data that could be a risk to you, we will do our best to tell you