This information sheet tells you how Grace Church Sydenham (GCS) uses personal data. Personal data means information about you from which you can be identified such as your name and address.
Why is my data being collected?
We use your personal data to provide you with information about our current and future program of activities and to facilitate administration of the church. If you have given us personal data about your children, we use this to help run our children’s activities. These are known as GCS’s ‘legitimate interests’. With consent, we use your data to tell you about new church activities and products.
With your consent we may use your personal data to maintain our own accounts and records, including processing of gift aid. We have a legal obligation to process certain categories of personal data, such as data relating to employment contracts and safeguarding. Our Membership listincludes your name if you have agreed to become a partner of GCS. With consent, we may include personal data on our website (e.g. leaders’ biographies) to help publicise GCS.
How is my data collected?
In most cases, you have given us your personal data. For example, you may have filled in a ‘Contact Details’ form with information such as your name, email and telephone number. You may also have given us personal data about your children, for example on an Ignite activities permission slip. You may have provided us with financial data, for example to purchase items, facilitate gift-aid or receive salary payments.
If you (or your children) are part of any church groups such as growth groups we will record this information. Data relating to safeguarding, including Ignite registers, will be collected by group leaders or safeguarding coordinators. Pastoral information may be recorded by individuals providing pastoral care.
Who is my data shared with?
In general, your data is shared with the Minister and other individuals providing leadership, administrative and/or organisational support to the staff team. This includes the Elders, Church Council, Growth Group leaders, our safeguarding team and (for children’s data) Ignite leaders. It may also be accessed by Mailchimp, who run our weekly church email, GoDaddy who host our website, and Dropbox where some shared documents are placed. For sensitive data such as financial, safeguarding or pastoral data, shared access is restricted to nominated individuals who have been given responsibility for that particular area.
If you help on the church rotas your name will be visible to members of GCS’s congregation. With consent, information about you may be visible to the public via our website (e.g. leaders’ biographies, photographs, and talks). Your data will not be shared with other third parties unless you give consent or unless required by law.
How long will my data be held?
For members of the church family, we keep your data for as long as you are a part of Grace Church Sydenham. The Elders and Administrative team reviews the list of people for whom we hold data every year.
If you are no longer a part of Grace Church Sydenham, we delete your data other than where it is necessary to keep it for official records (e.g. Sunday Club registers, membership list, Gift Aid).
If you have filled in a feedback form at an event, we will hold your data until you tell us you wish to unsubscribe from any e-mails that we might send you.
Can I see my data?
You can ask to see your personal data held by GCS and if there are any mistakes you can ask to have these corrected. Please email email@example.com and we will happily arrange this for you.
Can I ask for my data to be deleted?
You can ask for your personal data held by GCS to be destroyed. Unless there are legal reasons why we need to keep your data we will destroy all paper and electronic copies of your data. Please email firstname.lastname@example.org.
What if there is a problem?
If you think there is a problem with the way we are handling your data you can lodge a complaint with the Information Commissioner’s Office. We encourage you to come and talk to us about the problem first so we can try and resolve it.
Who can I speak to for more information?
If you would like more information about data protection, please email email@example.com.