Queen’s Park Baptist Church is committed to protecting your privacy and making sure the data you provide us with is kept safe. This policy explains how we collect data, how we use and store information and what it means for you. We welcome your feedback – just call us on 0141 423 3962 or email firstname.lastname@example.org.
Basis of processing your data
As part of the work of the church, we need to process personal data. We undertake to gather and process this data on the lawful basis of consent and under condition 9(2)d of GDPR, in terms of which we process in the course of legitimate activities with appropriate safeguards as a church.
What information do we collect and why?
We process data in relation to members, former members and those having regular contact, in connection with the pursuit of our purposes as a church. Personal data is not disclosed outside the church processes without the consent of the data subjects (i.e. those to whom the data belongs).
We collect personal information each time you deal with us. For example when you make a donation, join membership, request information, sign up for an event, or otherwise provide your personal details we collect the information you provide. We will use this information to keep in contact with you in the ways you have asked us to, via phone, email and post, depending on your preferences and the nature of the communication.
We collect sensitive personal data, including, but not limited to, your religious beliefs, or your physical or mental health. We will use this data to enable us to provide services you have requested, such as providing pastoral care, church youth activities, etc. We will never disclose this information without your consent.
How long will we keep this information & your rights concerning it?
We will keep your data for the period of your involvement with the church. It may also be archived as part of our historical record of membership of the church.
You have the right to request access to your personal data held by us, to change and update those details. You can also withdraw consent for us to hold your data at any time and we will immediately take action to delete/ destroy it. Your provision of this data is not part of a statutory requirement or obligation.
When we share your data
We will never pass your details to another organisation for marketing purposes.
We may make limited use from time to time of external companies to collect or process personal data on our behalf, for example, to send our members email newsletter. When we do use external companies, we remain responsible for the storing and processing of your personal data.
We may share your personal information without notice if required to do so by law or by a regulatory body, for example if asked for details by Police Scotland.
We collect data using cookies, which help to personalise your online experience. A cookie is a text file that is stored on your hard drive when you visit a website. It helps us to identify your computer (not you) and collects information in an aggregate, anonymous way.
You can accept or decline cookies – most browsers automatically accept cookies. We recommend you leave them on to get the best experience of our website. To decline cookies, look at the settings function or help function of your browser.
Security of your data
We ensure that we have appropriate technical controls in place to protect any personal data you provide. For example, any payments made for conference tickets are protected by the use of encryption, such as the Secure Socket Layer (SSL) protocol. However, we need to remind you that despite all our efforts, the internet cannot be guaranteed to be 100% secure, and that you submit data at your own risk.
We use cloud based systems to process data and therefore data may be processed outside of the European Economic Area (EEA). We adopt the Information Commissioners approved measures and therefore ensure that personal data is held in compliance with European data protection regulations. We take all reasonable steps to ensure that your data is stored and processed securely in accordance with this policy. By submitting your personal data you agree to this transfer, storing and processing of your information.
Should you travel overseas with us, we may share personal information with our partners in overseas locations. For example, this may include sensitive personal data such as medical information. When we do so we will make you aware of the data being transferred and seek your consent to do so.
Changes to this policy
This policy was last updated in March 2018. We may amend this policy from time to time to take account of changes to our processes or changes to data protection or other legislation.
The Data Controller is:
Trustees of Queen’s Park Baptist Church, 180 Queen’s Drive, Glasgow, G42 8QD
The Data Protection contact person is:
Phone: 0141 423 3962
You have the right to lodge a complaint with the Information Commissioner’s Office (the Supervisory Authority for Data Protection) on 0303 123 1113.