St Christopher’s Church Hinchley Wood (the “Church”)
As a Church, we want to encourage people to participate fully in our worship and community.
When you become more involved with us, this may mean sharing some of your personal information with us. We want you to feel confident that your personal information will be used in a legally-compliant and respectful way.
We are committed to treating everyone involved with the Church with respect and openness, and to bringing them into our community to be involved in our worship, and our family.
- Who we are
- How we collect information about you
- Information we collect and why we use it
- Legal basis for using your information
- Sharing your Information
- Keeping your information safe
- How long we hold your information for
- Your rights
1. Who we are:
- We are St Christopher’s Church, based in Hinchley Wood, in Surrey. We are a community of Christians within the Church of England, who worship together and share our lives together in prayer and friendship.
- The Church is committed to protecting your personal information in whatever way you choose to interact with us, and to making every effort to ensure that your personal information is processed in a fair, open and transparent manner.
- The Church is a “data controller” for the purposes of the Data Protection Act 2018 (“Data Protection Law”). This means that the Church is responsible for, and controls the processing of, your personal information.
- We have a Data Protection Committee comprising Emma Rush and Ann Ellis (as at January 2019), and they can be contacted via the Church Office, during working hours. The phone number for the Church Office is: 020 8398 9095. The email address for the Church Office is: email@example.com
2. How we collect information about you:
- We are a community of believers and we want to grow our community and include more people in everything that we do. To do that effectively will mean sharing communications with you, whether that’s through a visit to our website, or receiving emails, phone calls or post from us. When we communicate with you we collect information from you in the following ways:
- When you interact with us directly: This could be if you ask us about our activities, register with us for an event, apply for a job or volunteering opportunity, are added to our prayer lists or otherwise provide us with your personal information. This includes when you phone us, email us, visit our website, or get in touch through the post, or in person.
- When you interact with us through third parties: This could be if you provide a one-off donation through a third party such as Gift Aid or one of the other third parties that we might work with and provide your consent for your personal information to be shared with us. You may also provide us with a regular donation, by standing order, which will be governed by the Data Protection Policies of our provider, EasyFundraising.
- When you visit our website: We gather general information which might include which pages you visit most often and which events or information are of most interest to you. We may also track which pages you visit when you click on links in emails from us. We also use “cookies” to help our site run effectively. There are more details below – see ‘Cookies’.
- Wherever possible we use anonymous information which does not identify individual visitors to our website
3. Information we collect and why we use it
- Personal Information – The personal information we collect may include details such as your name, emailv address, postal address, telephone as well as information you provide in any communications between us.
- You will have given us this information whilst registering for an event, indicating an interest in volunteering or any of the other ways to interact with us.
- To update you with important administrative messages about the event you are interested in, the services you are interested in or the volunteering or employment opportunities you have applied for
- To keep a record of your relationship with us.
- Where you volunteer with us, to administer the volunteering arrangement.
- To keep you on our prayer lists, at your specific request, to remember you in our prayers on a regular basis.We will mainly use this information:
- If you do not provide this information, we may not be able to sign you up for a particular event or process your application to volunteer or seek employment, or remember you regularly in prayer.
- A special note about the Sensitive Personal Information we hold – Data Protection Law recognises that some categories of personal information are more sensitive than the general categories of personal information.
- Sensitive Personal Information can include information about a person’s health, race, ethnic origin, political opinions, sex life, sexual orientation or religious beliefs.
- If you contact us through the office email, or by telephone with a member of the Church clergy, you may choose to provide details of a sensitive nature.
- We will only use this information:
- For the purposes of dealing with your enquiry
- We will not pass on your details to anyone else without your express permission except in exceptional circumstances. Examples of exceptional circumstances might include anyone reporting serious self-harm or thoughts of suicide, anyone posing a threat to others or who has committed a criminal offence, or if children contact us and share serious issues such as physical abuse or exploitation.
- We will limit the time that we hold this information to six months from the date that you give it to us, unless you specifically request in writing that we hold it for longer than that. For example, you may wish to be remembered in prayers for a shorter or longer period than six months.
- Please address such requests to the member of clergy or clergy team with whom you are working, with the date for deletion of your Sensitive Personal Information included in your request.
4. Legal basis for using your information
- In some cases, we will only use your personal information where we have your consent.
- However, there are other lawful reasons that allow us to process your personal information and one of those is called ‘legitimate interests’. This means that the reason that we are processing information is because there is a legitimate interest for the Church to process your information to help us to achieve our vision of growing the community of believers in Hinchley Wood.
- Whenever we process your Personal Information under the ‘legitimate interest’ lawful basis we make sure that we take into account your rights and interests and will not process your personal information if we feel that there is an imbalance.
- Some examples of where we have a legitimate interest to process your Personal information are where we contact you about our mission and activities via post, use your personal information for data analytics, conduct research to understand better who our supporters are, improve our services, for our legal purposes (for example, dealing with complaints and claims), or for complying with guidance from the Charity Commission
- We will only contact you about our work and mission by phone, email or text message, if you have agreed for us to contact you in this manner.
- However, if you have provided us with your postal address we may send you information about our work and mission by mail unless you have told us that you would prefer not to hear from us in that way.
- You can update your choices or stop us sending you these communications at any time by
- contacting the Church Office.
6. Sharing your Information
- The personal information we collect about you will only be used by our clergy, employees and relevant volunteers at the Church so that they can support you.
- We will never sell or share your personal information with organisations so that they can contact you for any marketing activities. Nor will we sell any information about your web browsing activity.
- Legal disclosure – We may disclose your information if required to do so by law (for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority); or to enforce our conditions of sale and other agreements.
7. Keeping your information safe
- We take looking after your information seriously. We’ve implemented appropriate physical, technical and organisational measures to protect the personal information we have under our control, both on and off-line, from improper access, use, alteration, destruction and loss.
- Unfortunately the transmission of information using the internet is not completely secure. Although we do our best to protect your personal information sent to us this way, we cannot guarantee the security of data transmitted to our site.
- Our website may contain links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. Please be aware that advertisers or web sites that have links on our site may collect personally identifiable information about you. This privacy statement does not cover the information practices of those websites or advertisers.
- Any debit or credit card details which we receive on our website are passed securely to SumUp our payment processing partner, according to the Payment Card Industry Security Standards.
8. How long we hold your information for:
- We will only keep your personal information for as long as is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations (for example, the collection of Gift Aid).
- Where personal information is provided as part of a ceremony of christening, a marriage or a funeral or committal of ashes, under the Church of England’s statutory duties to maintain registers of these events, we are required by law to keep your personal information permanently.
9. Your rights
- You have various rights in respect of the personal information we hold about you – these are set out in more detail below.
- If you wish to exercise any of these rights or make a complaint, you can do so by contacting our Data Protection Officer at the Church Office. The address for the Church Office is: Church Office, St Christopher’s Church, Claygate Ln, Esher KT10 0AQ. The phone number for the Church Office is: 020 8398 9095. The email address for the Church Office is: firstname.lastname@example.org
- ou can also make a complaint to the data protection supervisory authority, the Information
- Commissioner’s Office, https://ico.org.uk/
Your Data Protection Rights
- Access to your personal information: You have the right to request access to a copy of the personal information that we hold about you, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making. You can make a request for access free of charge.
- Please make all requests for access in writing, and provide us with evidence of your identity, for example a photocopy of a photo-card driving licence .
- Right to object: You can object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes. Please contact us as noted above, providing details of your objection.
- Consent: If you have given us your consent to use personal information (for example, for marketing), you can withdraw your consent at any time.
- Rectification: You can ask us to change or complete any inaccurate or incomplete personal information held about you.
- Erasure: You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.
- Portability: You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
- Restriction: You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.
- No automated-decision making: Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless you have given us your consent, it is necessary for a contract between you and us or is otherwise permitted by law. You also have certain rights to challenge decisions made about you. We do not currently carry out any automated decision-making.
- Please note, some of these rights only apply in certain circumstances and we may not be able to fulfil every request.
- ‘Cookie’ is a name for a small file, usually of letters and numbers, which is downloaded onto your device, like your computer, mobile phone or tablet when you visit a website.
- Cookies allow websites to recognise your device, so that the sites can work more
- effectively, and also gather information about how you use the site. A cookie, by itself, can’t be used to identify you.
- The cookies we use are the standard cookies that are necessary to make the WordPress Website Framework work effectively and record your preferences. All cookies expire after 1 month.
- Opting out of cookies – You can opt out of all our cookies (the website will create a cookie to record that you have opted out of cookies!). But, if you choose to refuse all cookies, our website may not function for you as we would like it to.