DATA PRIVACY NOTICE

The Parochial Church Council of St Luke with St Augustine New Catton (The PCC)

1. Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data.  Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

2. Who are we?

The PCC is the data controller (contact details below).  This means it decides how your personal data is processed and for what purposes.

3. How do we process your personal data?

The PCC complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We use your personal data for the following purposes: –

  1. What is the legal basis for processing your personal data?
  1. Sharing your personal data
    Your personal data will be treated as strictly confidential and will only be shared with other members of the church in order to carry out a service to other church members or for purposes connected with the church. We will only share your data with third parties outside of the parish with your consent or if prescribed to do so by law, or to undertake legal processes. This would include personal data being sent to the Diocese as part of evidence for calculating Statutory Fees for funerals, banns, weddings etc, or sharing Gift Aid data with HMRC and those involved in accounts preparation and examination. 
  1. How long do we keep your personal data[1]?
    We keep data in accordance with the guidance set out in the guide “Keep or Bin: Care of Your Parish Records” which is available from the Church of England website [see footnote for link].  Specifically, we retain electoral roll data while it is still current; gift aid declarations and associated paperwork for up to 6 years after the calendar year to which they relate; and parish registers (baptisms, marriages, funerals) permanently.
  1. Internet and digital services

The PCC runs websites and visits to those websites captures certain information such as the type of  browser used to access the site, IP address of the device used, pages viewed.  We will not use this information to identify individuals and will only use the data to identify trends and patterns of usage to improve our services.

The PCC also uses various electronic services, such as Facebook and Mailchimp accounts, to communicate images, audio, video and information relating to events, activities and the service provided.  These are used to promote upcoming activities or to provide memories of historical events. These services will only be used to make direct contact with you about services, activities, events, etc. that you have agreed to receive information about.

[Please note, the majority of these accounts are publicly available and our posting/publishing of information to those public accounts is not tailored to specific personal preferences; signing up/subscribing to those accounts will deliver information non-specifically.]

Personal information provided by yourself on those services, and by your use of them, is subject to the Privacy Notice of the respective service provider (e.g. Facebook etc.).

The PCC uses the data you provide relating to those services (e.g. likes, follows, comments) made upon those accounts in order to improve our service.  This will be performed in an anonymised or pseudonymised fashion so that only trends of usage and uptake of the services are monitored. It will not be used to identify or track individual’s behaviour.

All images, videos, audio files and information used on the internet and digital services published by The PCC are used with the subject’s permission and the permission of the owner of the material.

Please note that the audio of sermons and some events are recorded and made available publicly to listen to later; background noise may be picked up during recording which can include your voice.

  1. Your rights and your personal data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –

  1. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

  1. Contact Details

To exercise all relevant rights, queries of complaints please in the first instance contact the Data Protection Officer, Howard Green at howard_green@btinternet.com.

You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

[1] Details about retention periods can currently be found in the Record Management Guides located on the Church of England website at: – https://www.churchofengland.org/more/libraries-and-archives/records-management-guides