This notice applies to all data subjects.
Note: a data subject is a person whose data is processed by Unity Church Orpington. For ease of reading this document and others within the GDPR regulations we will refer to a data subject as a person or anyone or everyone.
The Unity Church Orpington trustees are responsible for ensuring that everyone has sight of this notice prior to the collection and/or processing of their personal data by Unity Church Orpington.
All employees of or volunteers working on behalf of Unity Church Orpington who collect data from people interacting with the church ministries, are also required to ensure that this notice is brought to the attention of them , securing their consent for the processing of their personal data. This can be done through the use of check-boxes on any documentation where data is being collected.
3. Fair Processing Notice
Unity Church Orpington will use the personal data collected from you for providing information on our ministries, activities, events, for fundraising purposes and pastoral care, whether currently or in the future. Please note that you have provided your explicit (firm) consent for the use of your personal information by Unity Church Orpington for the aforementioned purposes(s). You may withdraw your consent by emailing: firstname.lastname@example.org at any time and you will be immediately withdrawn from all our contact lists.
We may store your data in a third-party application, where this is a secure means of keeping your personal data safe. We will never share your data with a third-party organisation for any other purposes without your express consent.
4. What is Personal Data?
The EU’s General Data Protection Regulation (“GDPR”) defines “personal data” as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
The GDPR requires that consent be provided by the data subject (a person) for all types of personal data, including those pertaining to the special categories set out above and otherwise. Consent must be explicitly provided.
When Unity Church Orpington requests sensitive data from anyone, it is required to confirm why the information is required and how it will be used.
5. Why does Unity Church Orpington need to collect and store personal data?
Unity Church Orpington is committed to ensuring that all personal information collected and processed is appropriate for the stated purpose(s) and shall not constitute an invasion of your privacy. We may need to share your personal data with a third party service provider in certain circumstances as part of our Pastoral ministry. We shall ensure that they will hold your personal data securely and shall use it only in order to fulfil the service for which they are established for. When there is no longer a need for that service, the third party will dispose of all personal data according to our procedures. We will never share your personal data with third parties until we have received your consent to do so, unless we are required do so by law.
6. How Unity Church Orpington uses your information
Unity Church Orpington will process your data (i.e. Collect, store and use) according to the requirements of the GDPR at all times and shall endeavour to keep your personal data up-to-date, ensuring its accuracy and will not keep it for longer than it is required. In some situations, there are set legal requirements for the length of time that Unity Church Orpington will retain your personal data but usually Unity Church Orpington will use its discretion, ensuring that personal data is not kept outside of our usual business requirements.
We shall never be intrusive or invasive of your personal privacy and shall not ask you to provide data that is irrelevant or unnecessary and we will enact strict measures and processes to ensure that the risk of unauthorised access or disclosure of your personal data is minimised as much as possible.
We will only use your personal data for providing information on our ministries, activities events and for fundraising purposes.
We generally only hold your personal details to keep informed you of our ministries, activities and events. Exceptionally, we may need to hold other details. This will be for a specified purpose and the reason and extent of this will be made clear to you. In either case, it is your legal right to see the personal data we keep about you. If you wish to do so, please read our Subject Access Request Procedure, complete the form at the end and send it to us.
7. Covid – 19 Track and Trace
We may need to share your personal data with NHS Track and Trace to fulfil the current Government guidelines.