Privacy Policy
PRIVACY COMMITMENT
Welcome Church is committed to protecting and respecting your privacy. This policy sets out what personal data we collect from you, or that you provide to us, and how it will be used. Please read it through carefully and if you have any queries please email to data@welcomechurch.uk.
WHERE WE COLLECT INFORMATION FROM
Generally, we will only collect your data when you give it to us directly, for example when you:
Sign up to our mailing list
Give us your details at one of our events or activities
Register your children for one of our events
Apply for or attend one of our events or activities (paid or free)
Contact us on one of our online platforms such as (but not exclusively) our website, Twitter, Facebook or Instagram
Contact us directly by telephone, electronically, post or in person
Purchase a ticket for an event or activity
Make a donation to the church
Apply for a position, paid or voluntary
Sometimes we may also receive your data indirectly because you have given permission to other organisations to share your data, or it is publicly available. For example:
Your likes and preferences on social media and some websites (depending on your privacy settings on those platforms), Information from public sources such as Companies House, the internet or published in newspapers and magazines.
WHAT WE COLLECT AND HOW IT IS USED
Personal Data
Personal data includes your contact details, date of birth, your contact preferences, details of communications with you, images of you taken at participatory and public events, details of your transactions and your access or other requirements. We may also keep information such as which groups you are part of, what courses and events or activities you have attended.
We use this information to effectively manage the church, to provide you with the best service for your needs, and to keep you informed about Welcome Church.
Special Category Data
Special Category Data may be asked for in certain instances; this includes your bank details (if we need to pay you), ethnicity, gender identity, medical information including allergies and next of kin. In certain situations, we may also record information regarding pastoral care and support that is given to you.
This information is available to a restricted number of people for whom it is deemed necessary. It is used to process some transactions, in the case of an emergency, or safeguarding (including, but not exclusively, for things like children’s camps and trips) or aggregated and anonymised for monitoring and reporting as required by funding bodies.
Children’s Data
We collect and store data for under 18s who participate in any of our events or activities, which includes Special Category Data. Where possible and when appropriate, we obtain consent from the parent/carer of the child before collecting this data. This information is available to a restricted number of people for whom it is deemed necessary. When the young person reaches 18, consent is sought from the individual.
WHY DO WE COLLECT AND USE YOUR INFORMATION?
You give us your personal data so that we can efficiently and effectively manage the administration of the church and the events and activities that we do, including providing appropriate pastoral care, monitoring and assesses the quality and effectiveness of the services we provide, and to fulfil our purposes as a church.
Based on your contact preferences we use your details to keep you up to date with the latest information and forthcoming events. You can opt out of this at any time.
When you make a donation to Welcome Church and choose to make a Gift Aid declaration this will be stored against your record and your Personal Details will be shared with HMRC.
When you apply for a job (paid or voluntary), work experience, or to help on a serving team, we collect Personal Data and Special Category Data as part of your application. For any role that requires a DBS (Disclosure and Barring Check) to comply with safeguarding regulations, this data is shared with ThirtyOne:Eight and through these the relevant organisations required to perform the DBS check.
When you visit our website we may automatically collect technical information about your session including the Internet Protocol (IP) address that connects your device to the internet, the type of device you use, your browser, operating system, and from where you have arrived at our site. We do not link this information to anything that identifies individuals. This information enables us to analyse how the website is used, and where improvements can be made.
We use essential and non-essential cookies on our website. A cookie is a small text file of letters and numbers that gets put onto your computer when you visit a website. This allows the site to distinguish you from other users. Essential cookies are required to login or to purchase items from our website. Non-essential cookies are used to track how you use and interact with our website and for analytical purposes and to monitor the efficacy of digital advertising. Cookies are not normally linked to information that allows us to identify individuals.
HOW WE KEEP YOUR DATA SAFE AND WHO HAS ACCESS
We have processes in place and carry out regular reviews of who has access to data to ensure that your information is only accessible to appropriately trained and identified people. Special Category Data is only accessible to the people for whom it is deemed absolutely necessary.
Paper files with Personal and Special Category Data are kept to a minimum and are stored securely when not in use. When they are no longer needed, paper copies are securely shredded.
If there is a breach of data that is likely to have a detrimental effect on individuals (for example, result in discrimination, damage to reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage), Welcome Church will notify the Information Commissioners Office within 72 hours of becoming aware of the breach. Any individuals affected will also be notified within this timeframe.
WHO DO WE SHARE YOUR INFORMATION WITH?
If legally required we may disclose your information to the police, regulatory bodies or legal advisors. We will only share your data in other circumstances with your consent.
We do not share your information with anyone outside the church except as described in this policy.
KEEPING YOUR INFORMATION UP TO DATE
Please let us know when your details change so we can make sure that our information is current. However, we do have other processes in place to ensure that we keep our records up to date:
If we find a record on our system that matches another one and we are sure it is the same person, we may merge the two accounts so we have all your information in the same place.
Images and film taken of public and participants may be used for up to ten years for marketing and publicity purposes by Welcome Church. After this point it will either be deleted, or if deemed to be of historical and public interest, added to our archive.
If you apply for a job, work experience, or to volunteer at Welcome Church and your application is unsuccessful, we delete/destroy the application 6 months after the closing date.
Records relating to donations, gift aid declarations, DBS checks, safeguarding and similar will be stored for at least the time required by law.
We will generally review all our records once a year and may contact you to ask if your details are up to date and if anything has changed.
YOUR RIGHTS
If you wish to amend your data, ask us to stop using your Personal and Special Category Data for reasons other than processing your transaction, or erase your Personal and/or Special Category Data please contact us.
You have a right to ask for a copy of the information we hold about you. To request this please send an email to data@allwelcome.uk. We do not make a charge for this, but may charge a reasonable administrative fee if we deem the request to be unfounded or excessive. We endeavour to respond to requests within 30 days.
You also have the right to:
· Object to processing of personal data that is likely to cause, or is causing, damage or distress
· Prevent processing for the purpose of direct marketing
· Object to decisions being taken by automated means
· In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
· Claim compensation for damages caused by a breach of the Data Protection regulations.
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/