Data Protection Policy

Old Trafford Christadelphian Church Data Protection Policy as adopted at a church members’ meeting on 18 May 2019

Introduction

This policy document is a response to the European Union General Data Protection Regulation (GDPR), which comes into effect on 25th May 2018.

The definition of personal data in the GDPR regulation is:

Any information related to a person that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, Bank details, posts on social networking websites, medical information, or a computer IP address.

The Regulation applies to information that is held by members of the churches elders and appropriate activity team, when acting in those capacities. It does not apply to information that individual members may hold about each other.

Personal details of current and past members

The following personal details are held, so that the members can be contacted and cared for as necessary so that if required the history of their adherence to the Christadelphian faith can be demonstrated.

  • Contact details such a postal address, email address and the telephone number(s).
  • Date of birth.
  • Date and place of baptism, and date of transfer to Old Trafford church, if applicable.

For current members this information is maintained by Steve Tanner and is held on a spreadsheet encrypted on the hard drive of his computer.

An Up-to-date password protected version of this information is made available to members of the church annually.

When someone's membership ceases their details are deleted from the spreadsheet.

Any current or past members may see the information held about them and may ask for errors to be corrected.

A record is kept of current members attendance after the weekly breaking of bread and evening services.

Information sharing

Where there is a good reason for doing so a copy of the Address Roll may be passed to member of another Christadelphian church, and any member of Old Trafford Church may give a copy to a member of their immediate family or to someone who is considering baptism. Otherwise, no personal information will be shared with any other person or organisation. 

Privacy notice

The form on which members provide their details will summarise the statement above, describing how the information will be stored, used, and kept secure, and explaining the procedure for checking and correcting personal details.

Email addresses

So that information can be communicated effectively to members of the church the elders maintain a list of the email addresses of those members wishing to receive messages relating to church activities and welfare. Any member may be added to, or removed from, this list on request.

Financial information

The personal information held by the finance team has only to do with Gift Aid. Information held is as follows and is voluntarily given, so permission is provided in the forms being completed and signed:

  • Full name.
  • Postal address details.
  • An Acknowledgement that the named person has sufficient taxable income in order for Old Trafford Christadelphian church (registered charity number 1166491) to claim back Gift Aid for any identifiable donations made.
  • Agreement that the reclaimed tax be directed into the general fund of the church. The person may also provide information on how their donation is split or specifically what it is for.

The information above is filed securely by the finance team.

The information described above should be kept for as long as the named person is contributing to the charity via the government Gift Aid scheme or until the persons income falls below the taxable level (where Gift Aid would not be applicable) and thereafter for a period of six years, which is the minimum requirement for keeping accounting information for charities such as this.

Contacts

The term 'contacts' is used to describe people who are not members of a Christadelphian church, but who have been in touch for some reason–for example by attending an event or requesting information. Contacts personal details are held so that information can be sent about events being organised and general bible–related topics of interest.

The details held may include:

  • Name and contact details such as postal and email address,
  • Telephone numbers.
  • Record of dates and circumstances of interaction with Old Trafford Christadelphians church, for example literature that has been mailed in the past, or bible courses that have been attended in person. This information allows correspondence to be tailored to include only events and offers which might be of interest to the contact.
  • Contacts are asked for their consent for the information above and asked to say whether they prefer to be contacted by post, email or telephone.

This information is maintained by the appropriate church activity Team and is held in a secure spreadsheet.

Contacts are asked for a consent for the information above to be stored before being added to the list. Any contact may see the information held about them and they may ask for errors to be corrected or to be removed from the spreadsheet.

Contact personal information will not be shared with any other individual or organisation. Every five years, contacts will be asked whether they wish to re-consent or be deleted.

Requests for information

When a contact asks to see what information is held, makes a correction or asks for their details to be deleted, an attempt will be made to verify that the request has come from the right person, and wherever possible these communications will be in writing.

Data Protection Officer 

The church will appoint a Data Protection Officer, whose role is to be aware of how GDPR  is being implemented and to advise the elders and the trustees if any changes are needed.

This data protection policy will be reviewed by the elders and trustees at least once every two years.

Appendix – Implementing this Policy

Members will be given a statement of the information that is held about them and will be asked to correct any errors and to give their consent for this information to be held as described above.

The contacts currently on the list will be asked whether they give their consent for their information to be stored by the church. If consent is not given, the details will be deleted.