Purpose of this privacy notice
The purpose of this privacy notice is to explain what personal information we collect about you and how we process it. This privacy notice also explains your rights, so please read it carefully. If you have any questions, you can contact us using the information provided above.
Who this privacy notice applies to
This privacy notice applies to you if:
Are a Member of the Church, Church Visitor, Service user and Website Visitor. This privacy notice applies to any personal data collected by us or on our behalf, by any format – phone, letter, email, online, or face to face.
Personal information we collect
We currently collect and process the following personal information:
- your name;
- your contact details (including postal address, telephone number, e-mail address and/or social media identity);
- your date of birth;
- your gender;
- telephone number
- your bank or credit card details where you provide these to make a payment;
- information about your activities on our website(s) or social media platforms when you interact with us, and about the device you use to access these, for instance your IP address and geographical location;
- information about events, activities and products which we consider to be of interest to you;
- information as to whether you are a taxpayer to enable us to claim Gift Aid;
- age, nationality and ethnicity information for monitoring purposes; and
- any other personal information you provide to us.
Certain types of personal information are in a special category under data protection laws, as they are considered to be more sensitive. Examples of this type of sensitive data (known as “special category data”) would be information about health, race, religious beliefs, political views, trade union membership, sex life or sexuality or genetic/biometric information.
We only collect this type of information about our members or visitors to the extent that there is a clear reason for us to do so, for example asking for health information if you are taking part in our annual summer sporting event, or where we ask for information for the purpose of providing appropriate facilities or support.
How we get the personal information
Most of the personal information we process is provided to us directly by you for one of the following reasons:
Church membership, Visitors, Church Events, Cell Group, Pastor’s directory, Appointments, Donations and SEO purposes.
We collect your personal data through many different ways. You might give us your personal data yourself, by entering your information in a form on our website or by during a Church service, in writing or over the phone.
We also receive personal information indirectly, from the following sources in the following scenarios:
Pastoral Care & visitation or from other agencies or local authorities if required.
What we do with your personal information
We use the personal information that you have given us in order to contact you about official Church news, Church activities and events, livestream, on-demand videos, about opportunities to get involved with the church, to include you on the distributed contact list and to provide pastoral care and support.
Sharing your personal information
We may share the personal information with Elim Head Office, Medical Officer or Law Enforcement Agency.
Our lawful basis
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:
(a) Your consent. You can contact us to remove your consent at any time.
(b) We have a legal obligation.
(c) We have a vital interest.
(d) We have a legitimate interest.
How we store your personal information and how long we keep it
Your information is securely stored on our electronic Church database system.
We will endeavour to keep your information accurate and up to date and not keep it for longer than is necessary. Your personal data is kept in line with our Retention Schedule. The retention schedule sets out the kinds of information we create and use, how long it should be kept, and what should be done with it at the end of its ‘life. We will dispose your information by permanently deleting it off the Church database system.
We may transfer your personal data to countries outside the United Kingdom in order to provide our services. The laws in these countries may not offer the same level of protection for personal data as in the United Kingdom.
All our data is processed and stored in the UK; however, our website server is in the US.
If we transfer personal data to countries outside of the United Kingdom, we will do so in a lawful way and may rely on:
- An adequacy decision from the Secretary of State, which says that the recipient country provides an adequate level of protection of personal data
- The UK-US Data Bridge for transfers from the UK to the US
- Appropriate safeguards to protect the personal data (for example, the international data transfer agreement)
- A lawful exception to the rules relating to overseas data transfers (for example, the transfer is necessary to perform a contract with you, which is in your interests)
Your data protection rights
Under data protection law, you have rights including:
- Your right to be informed – You have the right to know what personal information we have about you, how we use it, for what purpose and in accordance with which lawful basis, who we share it with and how long we keep it. We use our privacy notice to explain this.
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
- Your right not to be subject to automated decision-making. We do not use automated decision-making.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us using the contact details at the top of this privacy notice.
You can also complain to the ICO if you are unhappy with how we have used your data. The ICO’s contact details are:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
What else you should know about privacy
Remember to close your browser when you have finished your user session. This is to ensure that others cannot access your personal information and correspondence if you share a computer with someone else or are using a computer in a public place like a library or internet cafe. You as an individual are responsible for the security of, and access to, your own computer.
Please be aware that whenever you voluntarily disclose personal information over the internet that this information can be collected and used by others. In short, if you post personal information in publicly accessible online forums, you may receive unsolicited messages from other parties in return. Ultimately, you are solely responsible for maintaining the secrecy of your usernames and passwords and any account information. Please be careful and responsible whenever you are using the internet.
Our pages may contain links to other websites, and you should be aware that we are not responsible for the privacy practices on other websites.