Churches Together in Basildon for Data Protection.
Churches Together in Basildon (CTB) uses personal data about living individuals for the purpose of administration and communication.
Churches Together in Basildon recognises the importance of the correct and lawful treatment of personal data. All personal data, whether it is held on paper, on computer or other media, will be subject to the appropriate legal safeguards as specified in the Data Protection Bill/Act 2017 the General Data Protection Regulation 2016/679.
Churches Together in Basildon fully endorses and adheres to the eight principles of the Data Protection Act. These principles specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transportation and storage of personal data. Employees and any others who obtain, handle, process, transport and store personal data for Churches Together in Basildon must adhere to these principles.
The principles require that personal data shall:
- 1. Be processed fairly and lawfully and shall not be processed unless certain conditions are met.
- 2. Be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose.
- 3. Be adequate, relevant and not excessive for those purposes.
- 4. Be accurate and where necessary, kept up to date.
- 5. Not be kept for longer than is necessary for that purpose.
- 6. Be processed in accordance with the data subject’s rights.
- 7. Be kept secure from unauthorised or unlawful processing and protected against accidental loss, destruction or damage by using the appropriate technical and organisational measures.
- 8. Not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
Maintaining Confidentiality
Churches Together in Basildon will treat all personal information as private and confidential and not disclose any data about individuals to anyone other than the leadership of the church or their nominees in order to facilitate the administration and day-to-day ministry of the church.
The Privacy Notice will be published on the Churches Together in Basildon Web Site and will be reviewed by Trustees each autumn. Individuals who regularly receive communications from the church in any form will be required to sign Consent Form which will be retained by the Chair of Trustees or his / her nominee.
All Churches Together in Basildon staff and volunteers who have access to Personal Data will be required to agree to sign this document to indicate their understanding and agreement.
There are four exceptional circumstances to the above permitted by law:
- 1. Where we are legally compelled to do so.
- 2. Where there is a duty to the public to disclose.
- 3. Where disclosure is required to protect your interest.
- 4. Where disclosure is made at your request or with your consent.
Use of Personal Information
Churches Together in Basildon will use personal data for three main purposes:
- 1. The day-to-day administration of Churches Together in Basildon.
- 2. Contacting individuals to keep them informed of Churches Together in Basildon
- 3. Statistical analysis; gaining a better understanding of church demographics. N.B. although collated church data may be passed to a third party, such as number of small groups or small group’s attendance, no personal data will be disclosed.
Operation
Churches Together in Basildon is registered with Information Commissioner: registration number Z7493213
At the time of writing this policy Churches Together in Basildon does not currently have a physical office. Therefore information may be held in one of the following forms:
- Paper held by various members of the leadership
- Electronically either:
- On computers owned by Churches Together in Basildon
- Computers owned by members of the leadership
It should be noted that the individual’s right of access to data held by the church applies to all of the above.
With respect to safe storage:
- Any computers belonging to Churches Together in Basildon must be password protected with Churches Together in Basildon members only being granted this password on a “need to know basis”. It is highly recommended that any particularly sensitive documents being individually password protected. It will be the decision of the leadership in collaboration with the Chair of Trustees who has access to these passwords.
- Data held on computers belonging to Churches Together in Basildon should be backed up at least monthly to minimise possible damage from viruses and ransom ware.
- Any paper work related to individuals or pastoral and financial matters should be kept securely in a lockable store
- Any paper work no longer active should be:
- Scanned and stored electronically OR
- Shredded and disposed of
Rights to Access Information
Employees and volunteers and other subjects of personal data held by Churches Together in Basildon have the right to access any personal data that is being held in certain manual filing systems.
This right is subject to certain exemptions: Personal Information may be withheld if the information relates to another individual.
Any person who wishes to exercise this right should make the request in writing to the Churches Together in Basildon Chair of Trustees (the Data Controller) , using the standard letter which is available on line from www.ico.gov.uk
If personal details are inaccurate, they can be amended upon request.
Churches Together in Basildon aims to comply with requests for access to personal information as quickly as possible, but will ensure that it is provided within 40 days of receipt of a completed form unless there is good reason for delay.
In such cases, the reason for delay will be explained in writing to the individual making the request.