Privacy Policy

Holy Trinity Church, Eastbourne is committed to respecting your privacy and ensuring that the personal data you have entrusted to us is collected and processed in accordance with the General Data Protection Regulation that comes into force in May 2018. These regulations are intended to strengthen your rights and give you control over the personal information that organisations hold about you.                   

Your information rights and choices

Data regulations give you the right:-

  • To request in writing and securely obtain copies of the personal information Holy Trinity Church holds about you

  • To have us correct up update your personal information processed by Holy Trinity Church.

  • To request Holy Trinity Church to stop using your personal information for any purpose where there is no legitimate requirement for continued processing.

Sensitive Personal Data

Data Protection regulations recognise some information as ‘sensitive personal data’ or ‘special category data’. This includes but is not limited to information which reveals your health issues, race or ethnic origin or your religious beliefs.

When you share personal information with us we will check that you are happy for us to hold this information and we will keep it confidential within Holy Trinity Church, Eastbourne.  We will ensure that we process and treat such sensitive personal data with the greatest of care and in accordance with the current Data Protection Regulations.

At Holy Trinity Church we store contact details and other information about people who are connected with the church. This helps us to communicate well with you about church activities that you are involved with and new events that are coming up. It also helps the staff team with their oversight of what is happening in the church and who is involved. We may also record attendance information, for instance in children's groups, to help us manage these groups effectively and for child protection requirements.

We use a computer system to keep all this data safe and to help us comply with data protection regulations. If you opt in to allowing your data to be shared with other church members on this system then they will have access to read parts of your contact details at your discretion.

The information that we keep usually consists of your name, adult/child, gender and family connections. If you have provided them to us then we will also keep your address, telephone, email addresses, mobile number, occupation, website, company, allergies and date-of-birth.

If the church is involved in your pastoral care, then information relating to this may be  stored. We will also store information regarding membership of groups or committees within the church, such as being an attendee of a congregation or small group. We may also

process and store information on any invitations we have sent to you for activities or events, your attendance at any activities or events, details of any church-related subscriptions and all information we may have requested for the purposes of DBS checks. It will also be necessary to store information about ministries you are involved with and the dates and times of any duties associated with those ministries.

We may “profile” the information we collect about you and use automatic processing particularly for the purposes of choosing how relevant a church activity is to you based on group membership, age, gender or address. If you are involved with a ministry at the church we may email or text you about this ministry, for instance with rota updates or information about what's coming up. If you opt-in to receiving emails about new ministries, events or products then we can keep you advised of those things that may interest you.

The data protection supervisor for the church is Liz Edwards and can be reached at office@hteastbourne.org.uk Requests regarding data protection should be sent here.

The General Data Protection Regulations provide several acceptable reasons for processing your information. If you are a regular attendee at the church or a recent new contact then we use the “Legitimate Interest” reason because keeping your contact details is important to running the church. If you are not a regular attendee then we use the “Consent” reason which requires us to get your opt-in consent allowing us to process your data. If you are a church attendee who has left the church, we may keep your name on record, for historical or statistical purposes for a limited period of 3 years. We may keep more details and for longer periods if you have been involved in ministries that have legal record-keeping obligations such as child-protection, employment or accident reporting. Details of retention policies for many different scenarios are published by the Church of England and could be more than 50 years.

You have various rights under the General Data Protection Regulations:

You have the right to erasure – the right to request that we delete some or all of your details. This right

only applies where we have no legitimate interest or legal requirement (e.g. child protection) to keep them. For example, if you gave us your mobile number but now want us to delete it, since it's not a requirement for running the church, but just a convenience, then we are obliged to do so. If you are not currently involved with the church and have not been involved in any ministries that would legally require us to keep records then we require opt in consent from you to keep your data. You have the right to withdraw this consent at any time.   Legitimate Interest is also overridden by your interests, rights or freedoms. For example, if we want to keep your address to help us provide pastoral care, but you argue that you want your address to be totally secret because you would be at risk of harm if it became known, then that risk would override our convenience and we would be obliged to delete it.

You have the right to rectification – if we hold incorrect details about you then you can require us to correct them.

You have the right to be informed about how we use your contact information.

You have the right of access – we must provide you with details of information we hold about you on request. However, if your request is manifestly unfounded or excessive then we can charge a reasonable fee for responding or we can refuse to respond.

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you think we have been mishandling your data.

You have the right to restrict further processing of your data for example if you have lodged a formal complaint and are awaiting the outcome.

You have a right of portability – the right to request that all of your information be sent to another church or organisation

 

The full detail of your rights can be found on the ICO's website.                                                GDPR/May/2018