PRIVACY POLICY

Your privacy is important to us and so is being transparent about how we collect, use, store and share information about you. This statement sets out how we will deal with any personal data we collect and how we use it.

1. Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

2. Who are we?

When we refer to “Life Community Baptist Church”, “we”, “us”, “our” or “church” in this Statement, we mean Life Community Baptist Church, a registered charity, number 1159548, contact details as below (see item 12).  Life Community Baptist Church is the data controller under the data protection legislation. This means it decides how your personal data is processed and for what purposes.

3. How and when we collect personal information

We typically collect personal data straight from the person it is about, for example, this may include when you:

• complete any of our forms requesting personal data;
• contact us via letter, telephone, email, through our website, or any other forms of communication from you;
• register for one of our activities or events;
• attend our church services, small groups or any other meeting run or hosted by us;
• become a Church Member;
• consent to share your contact details in our church directory;
• Information that you share with us for the purposes of pastoral care, encouragement, training and prayer

4. The types of personal information we may collect

The personal data we process can include information such as:

• Names and contact details;
• Characteristics such as your marital status, birthday date, age;
• Under 18s in your care: families making use of the children’s facilities during our services are required to provide personal data for their children (Additional data collected should they attend our children and young people groups – Age, Parent/Guardian Name(s) Parent/Guardian Phone Number, Parent/Guardian Email, GP Name, GP Address, GP Contact Number, Relevant Medical, Nutritional or Allergy needs or requirements). This data is provided with the consent of the parent or guardian;
• Details of money that you give to the church;
• Information contained in checks provided by the Disclosure & Barring Service;
• Photographs, video recordingsor audio recordings of people taken at our church services, events, activities or mission trips;
• Details of your visits to our website (including, but not limited to information about your computer, your IP address, geographical location, browser type and version, length of visit, number of page views and the resources that you access).

‘Special Category Data’

The GDPR recognises some information as ‘special category data’ which is more sensitive and so needs more protection. Some of your data that we collect, store and use may be classified as “special data” such as:

• Medical information and conditions (such as any allergies, medication, emergency contacts), health and sickness which it is necessary for us to know to operate safely and to ensure that the care and hospitality that we provide for you is appropriate to your needs;
  • Religious beliefs, these are classed as special data; therefore if the data we hold indicate that you are a Member of the church, these are classed as ‘special data’.

We will always treat any sensitive personal data we process with the greatest care and in accordance with the Data Protection Act.

‘Special categories of data’ (as referred to in the GDPR) includes information about a person’s: racial or ethnic origin; political opinions; religious or similar (e.g. philosophical) beliefs; trade union membership; health (including physical and mental health, and the provision of health care services); genetic data; biometric data; sexual life and sexual orientation.

We will not hold information relating to criminal proceedings or offences or allegations of offences unless there is an overarching safeguarding requirement to process this data for the protection of children and adults who may be put at risk in our church. This processing will only ever be carried out on advice from the Ministries Team of the Baptist Union of Great Britain or our Regional Association Safeguarding contact person.

Other data may also be considered ‘sensitive’ such as bank details but will not be subject to the same legal protection as the types of data listed above.

5. Why do we need your personal data and how will it be processed?

We process personal data in both electronic and paper form.

Life Community Baptist Church complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

Personal information that we collect may be used by us in a number of ways:

• To communicate with you;
• To maintain our list and records of church members and regular attenders;
• To provide pastoral care and support for members and others connected with our church;
• To tell you about news, events, activities, meetings and services that the church is running or by other Christian groups;
• To promote the interests of the charity;
• To help us provide services to the community such as our Tea & Chat, Lunch Club initiatives, children’s and youth groups;
• To provide registration for events and courses.
• To safeguard children, young people and adults at risk;
• To help us organise rotas and groups for service in the church;
• To recruit, support and manage staff and volunteers;
• To maintain our accounts and records (including the processing of gift aid applications and expense claims);
• To respond effectively to enquirers and handle any complaints.
• To fulfil our purposes as a church;
• Exceptionally, to deal with church discipline in accordance with the church’s constitution.

6. What is the legal basis for us processing your personal data?

We are classed as a not-for profit organisation, with a religious aim.

• We have legitimate grounds for processing your data, including ‘special category data’, provided:
  • the processing relates only to our members or former members (or those who have regular contact with it in connection with those purposes) or those who are connected with us because of the activities they or their children attend; and
  • there is no disclosure of information to a third party without prior consent of the individual
• We also have a legal basis for processing data where it is necessary for carrying out obligations under employment, social security or social protection law, or a collective agreement; the safeguarding of children and vulnerable adults, or for other legal reasons.
• We request explicit consent from you in certain situations. One example is so that we can keep you informed about news, events, activities and services provided by Life Community Baptist Church, or by other Christian groups.  We also ask for your consent so that we can include you in our Church Directory. You are free to change your preferences at any time. If at any time you no longer want your personal data used in a way that you have previously consented to, you can email lifehorsham@com or write to us at the address below (see item 12).

7. Sharing your personal data

Your personal data will be treated as strictly confidential and will only be shared with other members or attenders of the church in order to carry out a service for purposes connected with the church. We will only share your data with third parties outside of the church with your consent, unless the law requires us to do so.

People who subscribe to our newsletter (e-Breakthrough)

We use a third party provider, MailChimp, to send out mailings to supporters and subscribers (e.g. our weekly newsletter, e-Breakthrough). We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our mailings. MailChimp is based in the US, and transfers personal data from the UK to the US through Standard Contractual Clauses approved by the European Commission. Our newsletter can be unsubscribed from at any time – just look for the link at the bottom of the email. For more information, please see Mailchimp’s privacy policy: https://mailchimp.com/legal/

People who use Zoom

We use a third party provider, Zoom, for the online video conferencing service that we use for services, meetings, courses, events and training. Zoom is the data controller of personal information for users of its service. Users can choose to share or not to share their video, audio and chat messages. In session content is the responsibility of the user sharing it. If a session is being recorded or livestreamed by the host, a visual indicator will be displayed on screen. For more information, please see Zoom’s privacy policy: https://zoom.us/privacy.

People who register for our events or courses

We use a third party provider, TryBooking UK Ltd, for event ticketing and registration services. TryBooking is the data controller for personal data provided by it’s customers in the use of TryBooking services. We will not provide input your personal data in the booking system without your consent. In providing ticketing and registration services to the church, TryBooking acts as a data processor for your personal data, this includes sending emails to those registered for events, processing payments and providing event reports, such lists of those registered. Users can ask TryBooking to remove their data at any time using their Data Deletion Tool at https://www.trybooking.com/uk/book/customerData?action=delete&method=request. For more information, please see TryBooking’s privacy policy: https://www.trybooking.com/uk/info/privacy.

Visitors to our website – Google Analytics

When someone visits our website, https://life-baptist.org.uk/ we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it. For more information about how Google Analytics uses your data see their website: https://support.google.com/analytics/answer/6004245?hl=en. To opt-out of Google Analytics you can install their browser add-on  https://tools.google.com/dlpage/gaoptout

Visitors to our website – Use of Cookies

Like many websites, when someone visits our website, https://life-baptist.org.uk, it uses ‘cookies’ to better the users experience. As required by legislation, where applicable, this website uses a cookie control system, allowing the user to give explicit permission or to deny the use of /saving of cookies on their computer / device.
What are cookies? Cookies are small files saved to the user’s computer hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.  Users are advised that if they wish to deny the use and saving of cookies from this website on to their computer’s hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.

Visitors to our website – Links to other sites

Our website contains links to or from other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check their policies before you submit any personal data to those websites.

8. How long do we keep your personal data?

We will store your personal information for no longer than is reasonably necessary, usually only for the time that you are involved with the church. After this we may continue to hold your contact details for as long as you agree in order to keep you informed about the ministry of the church.

Additionally, we will comply with official guidance issued to our sector about retention periods for specific records.

9. Your rights regarding your personal data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –

• The right to request a copy of your personal data we hold about you – to which we must respond within one month.
• The right to require that we correct any personal information if it is found to be inaccurate or out of date.
• The right to request that your personal data is erased from our records where it is no longer necessary for Life Community Baptist Church to retain such data;
• The right to withdraw your consent to the processing at any time (when we are relying on consent to process your data).
• The right to data portability which allows individuals to obtain and reuse their personal data for their own purposes across different services.
• The right to restrict processing of your personal data in certain circumstances; when processing is restricted, we are permitted to store the personal data, but not to process it further.
• The right to object to the processing of personal data, (where applicable) [Only applies where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics].

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance by email lifehorsham(at)gmail.com or write to us at the address below (see item 12) or you may go directly to the Information Commissioner’s Office (ICO) at https://ico.org.uk/concerns/

10. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

11. Changes to our privacy notice

This version was issued in 25^th September 2020. Any changes we may make to our privacy notice in the future will be posted on our website and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to this notice.

12. Contact Details

To exercise all relevant rights, queries or complaints please in the first instance contact Life Community Baptist Church

The Trustee with responsibility for Data Protection is the Church Secretary, Anna Pisani.

Address: c/o 6 Curzon Avenue, Horsham, West Sussex, RH12 2LB United Kingdom

Email address lifehorsham(at)gmail.com

You can contact the Information Commissioner’s Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF. Further information can be found on the ICO’s website at https://ico.org.uk/

Revision Log

Version	Comments
1	First published 25th May 2018 in line introduction of GDPR Regulations.
2	Updates include use of Zoom video conferencing, TryBooking event ticketing platform, and MailChimp’s change from EU-US Privacy Shield to Standard Contractual Clauses.