Grace Church Guildford and Chertsey Street Baptist Church Trust
Grace Church Guildford, previously known as Chertsey Street Baptist Church (this name is still used in some contexts) and Chertsey Street Baptist Church Trust (together “GCG"), Chertsey Street, Guildford, Surrey GU1 4HL.
GCG only collects personal information for the purposes set out below and will not sell that personal information nor provide it to third parties without your consent unless required by law to do so. This policy sets out how we deal with the personal information we collect.
HOW WE COLLECT INFORMATION
Personal information is collected through our website, from social media, the internet, CCTV, by photographic and video cameras (subject to our Social Media Policy) which you can request by contacting us at firstname.lastname@example.org and from individuals, organisations, the parents or guardians of minors and from the carers of vulnerable adults. We do not use commercial databases.
THE INFORMATION WE COLLECT
GCG collects personal information about its members, staff, those attending its activities, those who seek counsel or assistance from us and the parents, guardians and carers of such persons, persons and organisations we support or work with, our suppliers and persons who we believe may be interested in our activities or ministry. This personal information includes contact details, and date of birth. We may also collect sensitive personal data (see note 1) and information required so that we can provide suitable counsel, advice, assistance, services and facilities. We will only collect information that is needed for the purposes set out in the next paragraph.
OUR USE OF THE INFORMATION
We use personal information for the present and future
promotion of the purposes of our organisation
the promotion and administration of our organisation and its activities and persons, organisations and activities which we support, including distribution of information about our activities and the persons and organisations we support by post, email, telephone, SMS, our website or other technology whether or not currently known or in use;
monitoring and assessing the quality of our activities and services;
welfare of our employees, members and other persons attending our premises or activities or receiving counsel or assistance from us, and co-operation with and support of other persons and organisations.
security of our premises, assets, employees and persons attending our premises or activities.
We may share personal information with your parents, guardians or carer and other persons or agencies providing you with counsel, advice, assistance, services or facilities. Information provided in respect of a particular activity may be used by us in connection with any of our other activities.
INFORMATION PROVIDED BY THE PARENTS OR GUARDIANS OF MINORS etc.
Sensitive Personal Data (see note 1) relating to a minor or vulnerable adult shall be given on a form provided by GCG.
SAFEGUARDING PERSONAL INFORMATION
We are committed to protecting the security of your personal information. We use a variety of technological, physical and organisational protections and procedures, such as encryption, passwords and physical security measures, to help protect your personal information from being accidentally lost and unauthorised access, use, alteration or disclosure. We will take particular care of sensitive personal data (see note 1) and security measures will reflect the importance of keeping sensitive personal data secure.
In addition, we limit access to your personal data to those employees, church officers and volunteers who need to know. They will only process your personal data on our instructions. We will ensure that staff and members who handle personal data are adequately trained and monitored. Any agent employed to process data on our behalf will be bound to comply with this Data Protection Policy by a written contract.
We have put in place procedures to deal with any suspected data breach and will notify you and the Information Commissioner’s Office where we are legally required to do so.
We will not keep your personal information for longer than is necessary for the purposes for which we use it. We will hold your data for varying lengths of time depending on the type of information in question but in doing so we will always comply with Data Protection legislation. Details of retention periods are available in our retention policy which you can request by contacting us at email@example.com
Where personal data needs to be deleted or destroyed adequate measures will be taken to ensure that data is properly and securely disposed of and particular care will be taken over the destruction of manual sensitive personal data.
KEEPING PERSONAL INFORMATION UP TO DATE
Please inform us if you think any of the personal information we hold about you or a minor or vulnerable adult whose information you supplied to us is not up to date or is incorrect so that we can amend it. If you are a member of GCG you can do this through ChurchSuite.
We will contact you annually to check that the information we are holding is accurate and that you agree to us holding it.
ACCESS TO YOUR PERSONAL INFORMATION
You have a right to request access and rectification of your personal information by contacting us. In all cases we will treat requests to access information or change information in accordance with the applicable legal requirements, however safeguarding the welfare and interests of minors and vulnerable adults will always take priority over such access. We will reply to your request within 30 days.
You also have the right to:
object to processing of personal data that is likely to cause, or is causing, damage or distress;
prevent processing for the purpose of direct marketing;
object to decisions being taken by automated means;
in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
claim compensation for damages caused by a breach of the Data Protection regulations.
TRANSFERING PERSONAL INFORMATION OVERSEAS
We may transfer some personal information to countries outside the European Economic Area if this is necessary for the uses of the personal information set out above.
INFORMATION FROM YOUR USE OF OUR WEBSITE
We may collect standard Internet log information about how and when you use our website. This information may include but, not be limited to your IP address and location personal information, weblogs, time, date, browser used, referring web addresses, other communication personal information, searches conducted, pages visited.
Cookies and similar technologies and IP addresses
PUBLIC INFORMATION AND THIRD PARTIES
Social Media Widgets
Links to Third-Party Sites
Our website includes links to other websites whose privacy practices may differ from ours. If you submit personal information to any of those sites, your information is governed by their privacy policies and we do not accept any responsibility or liability in respect of third-party sites. Please check the privacy policies published on any third-party sites which you may access through our website before submitting personal information to them.
For further information on how your information is used, how we maintain the security of your information and your rights to access information we hold on you or to discuss anything in this privacy notice, please contact firstname.lastname@example.org
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
Note 1 Sensitive Personal Data includes information about a person’s religious beliefs, physical or mental health, including dietary requirements, sexual orientation and trade union activity but does not include information about financial matters.