DATA PRIVACY NOTICE

Last reviewed July 2023. Next review due in 2026

Cornerstone Church Grays is committed to ensuring that any personal data we hold about you and your family is protected in accordance with data protection laws and is used in line with your expectations.

Our Data Protection Policy can be found here in our policies section.

The Data Privacy Notice described below is also available in our Contact Details and Data Privacy Booklet.

This notice relates to data collected from you in person at church events  and also data collected from you in church life and data collected by this website.

Relating to data collected from you in person at church events

1. What is personal data?

Personal data relates to a living individual who can be identified from that data. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

2. Who are we?

Cornerstone Church Grays is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.

3. What data do we collect?

  • Name, date of birth and gender
  • Contact information such as email address, postal address and telephone numbers
  • Family relationships between our data (e.g. parent, child, grandparent)
  • Financial information relating to giving and gift aid (including bank details)
  • Parental consent forms for children and youth work (including medical and photo consent)
  • Additional details relating to volunteers, such as experience with children and references for DBS
  • Attendance records (registers) for certain groups

4. Your rights

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –

  • The right to request a copy of your personal data which we hold about you
  • The right to request the correction of any personal data if it is found to be inaccurate or out of date
  • The right to request your personal data is erased where it is no longer necessary for us to keep it
  • The right to withdraw your consent to the processing at any time
  • The right to data portability (obtaining a copy of your data to re-use with another organisation)
  • The right to object to us using your personal data for particular purposes
  • The right to lodge a complaint with the Information Commissioners Office

5. Our principles of use

Under the obligations of the GDPR the data we hold is:-

  • Collected and processed for a lawful reason, and in a fair and transparent way
  • Only used for the purpose that we originally collected it
  • Limited to that which is necessary for the stated purpose (in other words, we don’t collect irrelevant data)
  • Accurate and kept up to date
  • Kept only for as long as it is necessary
  • Kept securely whether it is held on paper or electronically

6. How do we use your data? (this is known as processing)

We use your personal data to enable us to achieve the aims of gospel ministry in Grays and beyond, including but not limited to the following 3 consent categories:-

a-Pastoral oversight and the administration of the church family:-

  • To provide appropriate pastoral care
  • To administer membership records
  • To maintain our own accounts and records (including the processing of gift aid applications);
  • To manage our employees and volunteers e.g. info for DBS (Disclosure and Barring Service)
  • Statistical analysis regarding the make-up of the congregations

b-Communication:-

  • To inform you of news, events, activities and services
  • To promote the interests of the charity including raising funds
  • To operate the website and other internet related services to deliver information

7. What is the legal basis for processing your personal data?

  • Explicit consent of the data subject or the parent / guardians of children so that we can keep you informed about news, events, activities and services.
  • Processing is necessary for carrying out legal obligations in relation to Gift Aid or under employment, social security or social protection law, or a collective agreement.
  • Processing is carried out by a not-for-profit body with a political, philosophical, religious or trade union aim provided: –
    • the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes); and
    • there is no disclosure to a third party without consent.

8. Sharing your personal data

Your personal data will be treated as strictly confidential. Authorised personnel will only share your information with other members of the church for purposes connected with the church.

9. How long do we keep your personal data?

We keep data in accordance with our legal obligations and specify retention periods in our Data Protection Policy.

Specifically, we retain gift aid declarations and associated paperwork for up to 6 years after the calendar year to which they relate.

10. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, we will seek your prior consent to the new processing.

Additional information relating to data collected by this website

Cornerstone Church Grays operates this website www.cornerstonegrays.org

This website collects no Personal data unless you sign up for contact newsletters. If you do this we will ask you to provide us with your name and email address so we can send you the messages. Your information will not be used for any other purpose. We do collect anonymous usage data for improving and monitoring the site. By using this site, you agree to the collection and use of information in accordance with this policy.

Information about Google Analytics and Cookies can be found on our cookies page

Contact Us

If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance at dataprivacy@cornerstonegrays.org. Alternatively, you can contact the Information Commissioner’s Office on 0303 123 1113 or at https://ico.org.uk/concerns/