Here at Grace Fellowship Manchester, your privacy is important to us. To better protect your privacy, we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used at this Grace Fellowship site.
Data Protection Principles
Under GDPR, all personal data obtained and held by us must be processed according to a set of core principles. In accordance with these principles, we will ensure that:
- processing is fair, lawful and transparent
- data is collected for specific, explicit, and legitimate purposes
- data collected is adequate, relevant and limited to what is necessary for the purposes of processing
- data is kept accurate and up to date. Data which is found to be inaccurate will be rectified or erased without delay
- data is not kept for longer than is necessary for its given purpose
- data is processed in a manner that ensures appropriate security of personal data including protection against unauthorized or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organization measures
- we comply with the relevant GDPR procedures for international transferring of personal data
THE INFORMATION WE COLLECT
The types of personally identifiable information that may be collected by us about you are:
- Date of Birth
- Email address
- Gift Aid information
- Congregational giving
- Details of your transaction/purchase history
- General email enquiries
- Contact telephone number
- Spouses Name
- Spouses contact telephone number
- Children(s) Name
- Children(s) Age
- Information about your ministry serving interests.
Grace Fellowship Manchester uses your personal information to maintain our church membership records, and for contacting you regarding involvement in the church community activities; advertising upcoming events and promoting our outreach programmes.
We hold the data within computer systems such as Google Apps, Microsoft apps and Donor box powered by Stripe Credit/Debit
The categories of information that we collect, hold and share include:
- Personal details such as name, titles;
- Contact details such as telephone numbers, addresses, and email addresses;
- Where they are relevant, or if you provide them to us, we may process demographic information such as gender, age, date of birth, marital status, nationality, education/work histories, academic/professional qualifications, hobbies, family composition, and dependents;
- Where you make donations or pay for activities such as events, financial identifiers such as bank account numbers, payment card numbers, payment/transaction identifiers, policy numbers, and claim numbers;
- The data we process is likely to fall under special categories of data because, as a church, the fact that we process your data at all may be suggestive of your religious beliefs.
HOW WE USE THE INFORMATION
The law on data protection allows us to process your data for certain reasons only. In the main, we process your data in order to provide appropriate pastoral care, to monitor and assess the quality of our services, to fulfill our purposes as a church and to comply with the law regarding data sharing. In legal terms, this is called ‘legitimate interests’. When it is required, we may also ask you for your consent to process your data. We do not share your information with others except as described in this notice.
We will always consider your interests, rights and freedoms. Some of our processing is necessary for compliance with a legal obligation. For example, we are required by HMRC to provide details of your personal data when your donations are eligible for Gift Aid. Religious organizations are also permitted to process information about your religious beliefs to administer membership or contact details. Where your information is used other than in accordance with one of these legal bases, we will first obtain your consent to that use.
How do we process your personal data?
We, as the data controllers, will comply with the legal obligations to keep personal data up to date; to store and destroy it securely; to not collect or retain excessive amounts of data; to keep personal data secure, and to protect personal data from loss, misuse, unauthorised access and disclosure and to ensure that appropriate technical measures are in place to protect personal data.
We use your personal data for some or all of the following purposes:
- To enable us to meet all legal and statutory obligations
- To carry out comprehensive safeguarding procedures (including due diligence and complaints handling) in accordance with best safeguarding practice from time to time with the aim of ensuring that all children and adults-at-risk are provided with safe environments;
- To minister to you and provide you with pastoral and spiritual care (such as meeting with you).
- To deliver the church’s mission to our community, and to carry out any other voluntary or charitable activities for the benefit of the public as provided for in the constitution and statutory framework of each data controller;
- To administer the church attendees and membership records;
- To fundraise and promote the interests of the church and charity;
- To maintain our own accounts and records;
- To process a donation that you have made (including Gift Aid information);
- To seek your views or comments;
- To notify you of changes to our services, events and role holders;
- To send you communications which you have requested and that may be of interest to you. These may include information about campaigns, appeals, other fundraising activities;
STORING YOUR DATA
We hold your data for varying lengths of time depending on the type of information in question but in doing so we always comply with Data Protection legislation. We will contact you annually to check that the information we are holding is accurate and that you agree to us holding it.
Who do we share your information with?
We will not share your information with third parties without your consent unless the law requires us to do so. Your personal data will be treated as strictly confidential. It will only be shared with third parties where it is necessary for the performance of our tasks or where you first give us your prior consent. It is likely that we will need to share your data with some or all of the following (but only where necessary):
- Internally: We will share your data amongst staff and trustees, for example, only when it is relevant to do so. When you give us your email address or number, for example, that is stored in a secure staff-only repository (we use the programme ChurchSuite).
- Legal compliance: We are legally obliged to share some information to adhere to UK law. For example, as we are a registered charity, we must submit our accounts, which need to be audited by a third party accountant. We must also fulfill our legal requirements for safeguarding, for which it may be necessary to share your information with law enforcement entities.
- Approved 3rd Parties: When we use the term 3rd party, we mean systems or organizations that are necessary for Grace Fellowship Manchester to function, as we are not able to internally do that work or create those programmes. We will carefully vet these before use to ensure they will, in turn, keep personal data secure in line with the law. We do not give, sell, trade or share any of your personal data to organizations that we think may be of interest to you, ever.
Examples of our approved 3rd parties are:
- IT: Google (staff email and administrative tools)
- Financial organizations: HMRC (gift aid reporting), our main bank account provider, Donor box (giving), Stripe (online card payment processing).
Your details will never be shared with anyone outside of Grace Fellowship Manchester without your express advance permission, except in certain limited situations, such as where we are required to do so by law or to protect members of the public from serious harm.
OUR COMMITMENT TO SECURITY
We have put in place appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect online.
HOW TO CONTACT US
If you have any questions or concerns about the Grace Fellowship Manchester’s online policy for this website or its implementation you may contact us at [email protected].