DATA PRIVACY NOTICE
ST MICHAEL AND ALL ANGELS, CLAVERDON
PAROCHIAL CHURCH COUNCIL (PCC)
This Privacy Notice is provided by the PCC to explain what to expect when we collect and process your personal information in accordance with the UK General Data Protection Regulation (GDPR). The PCC is the data controller.
1. Why we collect and use your personal data?
We use personal data for the following purposes:
· to inform you of news, events, activities and services running at Claverdon church;
· in order to comply with the Church of England's safeguarding requirements;
· to administer membership records;
· to fundraise and promote the interests of the PCC;
· to manage our employees and volunteers;
· to maintain our own accounts and records (including the processing of gift aid applications).
2. The categories of personal data we collect are:
· your name and contact details
· records relating to your recruitment to any church roles that involve substantial contact with children or vulnerable adults
· a record of any satisfactory DBS checks
· a record of any safeguarding training that you have undertaken
· any other information required by the Church of England's Safer Recruitment and People Management Guidance.
The PCC complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure; and by ensuring that appropriate technical measures are in place to protect personal data.
3. The lawful basis for processing your personal data
· Consent – we will obtain your consent to send you information about church events or newsletters
· Legal obligation – we are required by law to collect and process data for weddings, funerals, baptism etc. In addition we need to meet the obligation set out in the Church of England's:
o Safeguarding and Clergy Discipline Measure 2016
o Safeguarding (Code of Practice) Measure 2021
o Safer Recruitment and People Management Guidance
o Safeguarding Learning and Development Framework
4. Sharing personal data
Your personal data will be treated as strictly confidential and will only be shared with the PCC and the Coventry Diocese.
5. How long do we keep data?
We keep data in accordance with the guidance set out in the guide “Keep or Bin: The Care of Your Parish Records”: Records management guides | The Church of England.
6. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data. The right:
· to request a copy of the personal data which the PCC holds about you (a Subject Access Request or ‘SAR’);
· to request that the PCC corrects any personal data if it is found to be inaccurate or out of date;
· to request your personal data is erased where it is no longer necessary for the PCC to retain such data;
· to withdraw your consent to the processing at any time where we have obtained your consent;
· to request that the data controller provide you with your personal data in a structured, commonly used and machine-readable format. Also, to transmit that data directly to another data controller (in limited circumstances).
· where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
· to object to the processing of personal data (in limited circumstances);
· to lodge a complaint with the Information Commissioner’s Office.
7. Concerns and/or complaints?
To exercise all relevant rights, or for queries or complaints please in the first instance contact the Parish Secretary at churchesofardenoffice@gmail.com.
You can contact the Information Commissioner’s Office on 0303 123 1113.