Way Church uses personal data about living individuals for the purpose of general church administration and communication.
Way Church recognises the importance of the correct and lawful treatment of personal data. All personal data will be subject to the legal safeguards defined in the General Data Protection Regulation Act 2017.
Way Church fully endorses and adheres to the eight principles of the GDPR. These principles specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transportation, and storage of personal data. Employees and any others who obtain, handle, process, transport, and store personal data for Way Church must adhere to these principles.
How we collect information about you
We collect personal information each time you are in contact with us.
For example, when you:
- Visit our website;
- Register you or your dependents on our website at https://www.way.church
- Donate using an offering envelope or via any electronic means;
- Register for an event;
- Provide your contact details to Church staff or volunteers;
- Communicate with the Church by means such as email, letter, telephone;
- Face to face meetings with staff and volunteers;
- Access social media platforms.
Way Church will treat all your personal information as private and confidential and not disclose any data about you to anyone outside the church and then only to facilitate the church administration and ministry.
All Way Church staff and volunteers who have access to personal data will be required to sign our data protection policy.
There are four exceptional circumstances to the above permitted by law:
- Where we are legally compelled to do so.
- Where there is a duty to the public to disclose.
- Where disclosure is required to protect your interest.
- Where disclosure is made at your request or with your consent.
Use of Personal Information
Way Church will use your data for three main purposes:
- The day-to-day administration of the church; e.g. pastoral care, ministry rotas, maintaining giving records for audit and tax purposes.
- Contacting you to keep you informed of church activities and events.
- Statistical analysis; gaining a better understanding of church demographics.
Information contained on the database will not be used for any other purposes than set out in this section. The database is accessed through the cloud and therefore, can be accessed through any computer or smart device with internet access. The server for the database is in the UK and hosted by ChurchSuite.
Access to the database is strictly controlled and granted to approved users each having their own user id and password.
Those authorised to use the database only have access to their specific area of use within the database.
This is controlled by the Data Controller and other specified administrators.
Administrators are the only people who can access and set these security parameters.
People granted secure access to the database include Way Church Staff, Ministry Team Leaders, and group leaders.
There is a full audit trail of all activity on the database which is logged and can be reviewed by the Database Controller.
All individuals who are the subject of personal data held by Way Church are entitled to:
- Ask what information the church holds about them and why.
- Request access to their information.
- Be informed how to keep it up to date.
- Be informed what Way Church is doing to comply with its obligations under the General Data Protection Regulation 2017
Personal information will not be passed onto any third parties outside the church environment.
Way Church does not sell or pass any of your personal information to any other organisations and/or individuals without your express consent.
Sensitive Personal Information:
Way Church may collect and store sensitive personal information such as health information or registration for church events.
Your personal information will be kept strictly confidential. It is never sold, given away, or otherwise shared with anyone, unless required, by law.
Rights to Access Information
Employees and other subjects of personal data held by Way Church have the right to access any personal data that is being held in certain manual filing systems. This right is subject to certain exemptions: Personal Information may be withheld if the information relates to another individual.
Any person wishing to exercise this right should make the request in writing to the Way Church Data Officer, using the standard letter which is available online from www.ico.gov.uk.
Please address all correspondence to:
FAO: The Data Protection Officer
or by emailing firstname.lastname@example.org
If personal details are inaccurate, they can be amended upon request.
Way Church aims to comply with requests for access to personal information as quickly as possible but will ensure that it is provided within 30 days of receipt of a completed form unless there is good reason for delay. In such cases, the reason for delay will be explained in writing to the individual making the request.