What is personal data?
Personal data is any information about to a living individual who can be identified from that data. Identification can be by the information alone, or the information plus any other information held by (or easily accessible to) the person whose has it. How organisations should process and store personal data is governed by the General Data Protection Regulation (the “GDPR”).
What sort of personal data does the church have?
We hold the following types of information if people have chosen to give it to us:
- Names and addresses so that we can post out calendars.
- Names and addresses of church members so that we can post out church meeting papers.
- Names and email addresses so that we can send you information about what is happening at the church.
- Names and bank details for anyone who gives by standing order, and Gift Aid Declarations for anyone who has completed these.
How do we store and process people’s personal information?
We comply with our obligations under the “GDPR” by:
- Keeping personal data up to date.
- Storing securely and destroying it if it is no longer needed.
- Only collecting and storing personal data if we really need it.
- Protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data – such as password-protecting it and using up-to-date virus protection software.
What do we use it for?
We use people’s personal data for the following purposes:
- To enable us to support Unitarianism in Newcastle upon Tyne, as specified in our church constitution.
- To administer membership records, for example sending out the Annual General Meeting papers.
- To maintain our own accounts and records (including the processing of gift aid applications).
- To inform you of news, events, activities and services.
How do we make sure we are doing this legally?
- When dealing with information such as email addresses for the mailing list, or addresses for the church calendar, we will always check with you (“obtaining explicit consent”) if you are happy for us to use this information for us to do this.
- Information such as addresses and bank details will be processed when necessary for carrying out legal obligations in relation to Gift Aid (or under employment, social security or social protection law, or a collective agreement).
- Religious and faith-based not-for-profit organisations are allowed to process data, provided:
- the processing relates only to members or former members of the organisation (or people who have regular contact with it in connection with those purposes); and
- we do not share your information with any other organisation (a “third party”) without your consent.
Confidentiality and sharing your personal data
Your personal data will be treated as strictly confidential and will only be shared with other members of the church in order to carry out a service to other church members or for purposes connected with the church. We will never share your data with anyone else without getting your permission to do this first.
How long do we keep your personal data?
We keep gift aid declarations and associated paperwork for up to 6 years after the calendar year to which they relate, information relating to donations for as long as the donations are active, information relating to membership for as long as required to provide you with service, information relating to us communicating with you for as long as you want us to do this, and church registers (baptisms, marriages, funerals) permanently.
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to ask us what personal information we have about you.
- The right to ask us to correct any personal data we have about you if it is found to be inaccurate or out-of-date.
- The right to ask for your personal data to be deleted where it is no longer necessary for us to hold it.
- The right to withdraw your consent for us to use your information at any time.
If you want to ask questions about the personal data we have about you, please contact the church Secretary at: email@example.com or call: 0191 232 2348.
You can contact the Information Commissioner’s Office on 0303 123 1113, by email at:https://ico.org.uk/global/contact-us/email/ or by post at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
Information about your privacy and our website
Our website address is: http://www.newcastleunitarians.org.uk/wp.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.