Privacy
The following privacy policy was adopted by the parochial church council of St Giles-in-the-Fields in May 2018
1 Definition of personal data and role holders
‘Personal data’ is defined any information about a living individual which allows them to be identified from that data (for example, by a name, photograph, video, email address, or postal address). Identification can be by the information alone or in conjunction with any other information. ‘Role Holders includes volunteers, employees, contractors, agents, staff, retirees, temporary employees, beneficiaries, workers, treasurers and other role holders.
2 Joint data controllers
This Privacy Notice is provided to you by the Parochial Church Council (PCC) of St Giles-in-the-Fields which is the data controller for your data. The Church of England is made up of a number of different organisations and office-holders who work together to deliver the Church’s mission in each community. The PCC works together with Rector, the Bishops of the Diocese of London; and the London Diocesan Fund, which is responsible for the financial and administrative arrangements for the Diocese of London. As the Church is made up of all of these persons and organisations working together, it may be necessary for the PCC to share personal data we hold about yourself with them so that they can carry out their responsibilities to the Church and our community. The organisations referred to above are considered to be joint data controllers. Each of the joint data controllers have their own tasks within the Church and a description of what data is processed and for what purpose is set out in this Privacy Notice. This Privacy Notice is being sent to you by the PCC on its own behalf and also on behalf of each of the joint data controllers. In the rest of this Privacy Notice, ‘we’ refers to each of the joint data controllers.
​​
3 The types of general personal data held
-
Names and titles.
-
Contact details, including telephone numbers, addresses, and email addresses.
-
Information such as gender, age, date of birth, marital status, nationality, education and work histories, academic and professional qualifications.
-
Financial identifiers such as bank account numbers, payment card numbers, payment and transaction identifiers and policy numbers for those who hire the church.
​
4 How personal data is gathered and processed
All personal data will be kept data up to date, will be stored securely and deleted when no longer required.
Excessive amounts of personal data will not be collected or retained.
Personal data will be protected from loss, misuse, unauthorised access and disclosure
Appropriate technical measures will be in place to protect personal data.
5 The reasons why personal data is collected and how it is used
Personal data is collected and used for the following reasons:
-
To enable all legal and statutory obligations to be met;
-
To carry out safeguarding procedures
-
To provide pastoral and spiritual care (for example, to the sick) and to arrange ecclesiastical services such as baptisms, confirmations, weddings and funerals;
-
To deliver the Church’s mission to the community;
-
To administer the parish, deanery, archdeaconry and diocesan membership records;
-
To fundraise and promote the interests of the Church and charity;
-
To process any donations;
-
To notify of changes to services, events and personnel;
-
To send out communications requested and that may be of interest;
-
To enable a voluntary service to be provided for public benefit;
-
Please note that the church uses CCTV cameras for the prevention and prosecution of crime.
6 The legal basis for processing personal data
Personal data is gathered and kept so that the PCC can:
-
carry out legitimate interests, such as undertaking safeguarding enquiries for work with children and adults at risk;
-
comply with legal obligations, such as those required under the Church Representation Rules or for the publication of wedding banns;
-
enter into employment contracts or hiring agreements;
-
assist role holders to fulfil pastoral and administrative roles necessary for compliance with a legal obligation.
7 Sharing personal data
All personal data will be treated as strictly confidential. Personal data will only be shared with third parties where it is necessary for the performance of legitimate tasks or where we have first received consent. The PCC may be required to share information with appropriate bodies of the Church of England; agents contractors, other clergy or lay persons nominated or licensed by the bishops of the Diocese of London to support the mission of the Church; assistant or temporary ministers, commissioned lay ministers or persons with Bishop’s Permissions who may participate in our mission; and persons or organisations operating within the Diocese of London.
8 The length of time personal data is retained
Some personal data will be kept permanently if there is a legal requirement to do so.
Some personal data may be kept, such a financial records for a minimum period of 7 years
Personal data will only be kept for as long as necessary.
When no longer required, personal data will be deleted.
9 Rights over personal data
Role holders have the following rights over their personal data; please note that in order to gain access to personal data proof of identity may first be required by role holders:
-
The right to access information held on role holders, why it is held, who holds it, and where the information was obtained from; a response will be made within one calendar month, for which there shall be no fee.
-
The right to correct and update information held.
-
The right to have information erased.
-
The right to object to the processing of personal data
-
The right to request that personal data be transferred to another data controller.
-
The right to withdraw consent to the processing of personal data
-
The right to object to the processing of personal data where applicable.
-
The right to lodge a complaint with the Information Commissioners Office.
10 Changes to this notice
This Privacy Notice will be reviewed annually; updates will be placed on the church’s website.
11 Contact Details
The Data Controller is The Church Administrator, St Giles-in-the-Fields, 60 St Giles High Street, London WC2H 8LG | administrator@stgilesonline.org.
The Information Commissioners Office can be contacted on 0303 123 1113, at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or at .ico.org.uk/global/contact-us/email/.