Go back to normal view

 

GDPR Policy

Jennyfield Evangelical Church (JEC) Privacy Notice 

How Jennyfield Evangelical Church (“we”) use your information

 

JEC exists to glorify God on the north side of Harrogate.  As such, the church runs a number of ministries to help serve the people of Harrogate.  During the course of these activities, we may have grounds to process data about you on your behalf.  Your privacy is important to us, which means we are committed to safeguarding the privacy of your information.

It is important that you read this privacy notice so that you are fully aware of how and why we are using your data.   

 

Data Protection Lead

Tristan Harper is the Church Data Protection Lead, has been appointed by the church officers and is responsible for your personal data. He can be contacted care of the church at: 

            Jennyfield Evangelical Church, Grantley Drive, Harrogate, HG3 2ST

Tristan.jechurch@gmail.com

07963 891486

What data do we collect? / Why do we collect it? / How is your data handled?

 

Church Directory / Regular attendees list

On an annual basis, we collect the names and contact details of people who regularly attend services at JEC. This is to enable effective pastoral ministry as well as ministry to those who may be sick / infirm. Furthermore, it enables those who attend regularly to stay in touch / contact each other as the need arises.  The data is checked for accuracy annually, and is distributed to regular attenders at that time, who are responsible for the privacy of the information.  The directory is updated annually, with corrections made and people who no longer attend or revoke their consent can have their contact details removed. However, names of people who attended in the past can continue to be held, but their contact details removed.  This data will be shared with other regular attenders of the church, and so consent to appear on the list will be required.

 

Missionaries newsletters

 

The church supports a number of missionary organisations around the world. From time to time, these missionaries send newsletters of the work they have been doing, specific requests for prayer and their contact details. This enables people who attend the church to pray with some knowledge for their ministries.  These newsletters are displayed on the church notice board in the church building until they are replaced by the next edition of a newsletter from that missionary. In that sense, they are shared with anyone who may enter the church building.

 

Consent forms

 

For those who attend specific children’s ministries, we require a consent form to be completed. This contains information to assist us in providing a service for the children. It also contains specific consent for photos (more below).  Once the consent form has been received it is kept in a separate locked cabinet on the church premises which only ministry leaders, nominated deputies and safeguarding officers / deputies have access to. This will be kept for up to a year (with an update made at the start of each school year). Specific information on the forms which may be required by the ministry leaders or safeguarding offices or their deputies on a more regular basis, e.g. names, medical alerts and emergency contact numbers may be copied to a central “register”, which will also need to be easily accessible to staff in charge of children.  Once the data is no longer required, it will be shredded / destroyed.  This data will not be shared with any third party, except where required for safeguarding purposes.

 

Photos

Occasionally, photos of church events and ministries may be taken, although explicit consent for these must be received in advance.  These are collected for use on the church website or notice board.  Once the photo has been taken, it should be transferred to a secure location as soon as practicably possible. This is likely to be the church laptop, which will be password protected. At this point it should be deleted from the memory card of the camera. When photos are posted to the notice board or website, they will be displayed with no names (anonymising the people in the photos). Photos may be displayed for as long as consent has been withdrawn where the subject of the photo is an adult, or for one year where the subject is under 18. If, on turning 18, the subject of any photo explicitly consents, then their photo may continue to be displayed until consent is withdrawn. After which time they must be securely deleted/destroyed. Because of the public nature of these (in particular the website) the church can not fully guarantee, on deletion that these have not been saved by someone elsewhere. Photos must not be posted to social media.

Employee data

Data, such as DBS checks, payroll etc will be held for employees of the church, as well as in the case of DBS checks, those who volunteer in ministries of the church.  This data should be kept in a separate locked cabinet which only the nominated safeguarding officers should have access to. Information will be entered on the CCPAS site. When clearance is received all that is kept on file by the church is the name, DBS number, date of clearance and type of check. Application forms, self declaration forms and references will be shredded. CCPAS will also hold a skeleton record of name, DBS number, dates of application on file for 5 years. 

 

In addition, if you support the church financially, other data may be held by the following organisations:

·         CAF / Stewardship

·         Gift Aid

Requesting access to your personal data

Under Data Protection legislation, you have the right to request access to information about you that we hold.  In addition, you have the right to withdraw your consent to processing of any data where you have previously provided consent. You can withdraw your consent at any time by contacting Tristan Harper, using the contact details above. Please keep us informed of any changes to your personal data. To make a request for your personal information contact the Data Protection Lead, whose contact details are provided above.  

You also have the right to:

·         object to processing of personal data that is likely to cause, or is causing, damage or distress

·         prevent processing for the purpose of direct marketing

·         object to decisions being taken by automated means

·         in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and

·         claim compensation for damages caused by a breach of the Data Protection regulations. 

For further information on how your information is used, how we maintain the security of your information and your rights to access information we hold on you please contact Tristan Harper using the details above.

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/

If you would like to discuss anything in this privacy notice, please contact the Data Protection Lead, whose contact details are given above.

This privacy notice was created on May 22nd, 2018, and will be reviewed in a year’s time.