Introduction
This Privacy Notice outlines the way in which we, Banchory Christian Fellowship Church (BCFC) will use personal information provided to the church. We take very seriously the importance of your privacy and the safety of your personal information. Outlined below is how we will use, disclose, and protect this information.
Who are we?
We are a charity registered in Scotland with trustees who are responsible for the general control and management of the church. The trustees are the "data controller" as defined by the General Data Protection Regulation (the "GDPR") and as such are responsible for how we process your personal data and for what purposes. Adrian Rowett is the lead trustee (contact details below).
On a day-to-day basis, the congregation at Banchory Christian Fellowship Church is led by Elders, supported by Deacons, ministry leaders/helpers and support staff who look after different areas of work within the church and who may have responsibility for processing your personal data.
We are a not-for-profit charity, and any profit made, is for the church's own purposes and not to enrich others. Consequently, we do not need to register with the Information Commissioner's Office.
Your personal data – what is it?
Personal information relates to a living individual who can be identified from that data such as name, address, email address or telephone number. Identification can be by the information alone or in conjunction with any other information in the data controller's possession or likely to come into their possession. The processing of all recorded personal data is governed by the "GDPR".
We receive and store personal information provided by our congregation/members, employees, volunteers, donors and others who participate in our events and activities and others with whom the church works and/or associates. This information can be supplied to us in various ways, including via on-line software portals, hardcopy forms or via email, by telephone conversation or via our website, or when donating money to the church. We may also receive information indirectly about an individual, for example, through a prayer request from someone in the congregation for a relative or friend.
How do we process your personal data?
Our trustees are responsible for compliance with the "GDPR" by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data. We use third party software systems for church administration and to host our website as well as for electronic communication along with 'cloud' storage for some processing of personal data, including for example Microsoft and social networking sites.
We use your personal data for the following purposes: -
We process your information with appropriate safeguards in place, as a not-for-profit body with a religious aim and on the basis that the processing relates solely to the congregation/members, former congregation/members or people who have contact with the church.
We also process information:
Sharing your personal data
Your personal data will be treated as strictly confidential and will only be shared with others in the congregation to carry out a service to you or others in the church or for purposes connected with the church subject and where relevant, to the consent you have provided.
We will only share your data with third parties outside the church with your consent or where legally obliged to do so and will never sell, rent, distribute or otherwise make your personal information commercially available to any third party.
How long do we keep your personal data?
We will take reasonable, necessary steps to ensure that your data is treated securely and in accordance with this privacy statement. We will keep data in accordance with our "Document & Data Retention Policy". Generally, we retain your data while it is still current and where appropriate to meet legal obligations including for example safeguarding records; financial records and gift aid declarations and associated paperwork; and employment records.
Your rights and your personal data
Unless subject to an exemption under the "GDPR", you have the following rights with respect to your personal data: -
If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then a new notice will be provided to you which will explain this new use prior to commencing the processing. The new notice will also set out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
Please note that our website pages may contain links to other websites, and you should be aware that we are not responsible for the privacy practices on other websites.
Contact Details
For any queries or complaints please contact the Church Administrator in the first instance.
Data Controller Trustee
Adrian Rowett, Trustee and Elder
[email protected]
01330 820791
Data Protection Officer
Church Administrator
[email protected]
01330 820791
Information Commissioner's Office (Scotland)
Queen Elizabeth House
Sibbald Walk
Edinburgh
EH8 8FT
[email protected]
0303 123 1115
This Privacy Notice outlines the way in which we, Banchory Christian Fellowship Church (BCFC) will use personal information provided to the church. We take very seriously the importance of your privacy and the safety of your personal information. Outlined below is how we will use, disclose, and protect this information.
Who are we?
We are a charity registered in Scotland with trustees who are responsible for the general control and management of the church. The trustees are the "data controller" as defined by the General Data Protection Regulation (the "GDPR") and as such are responsible for how we process your personal data and for what purposes. Adrian Rowett is the lead trustee (contact details below).
On a day-to-day basis, the congregation at Banchory Christian Fellowship Church is led by Elders, supported by Deacons, ministry leaders/helpers and support staff who look after different areas of work within the church and who may have responsibility for processing your personal data.
We are a not-for-profit charity, and any profit made, is for the church's own purposes and not to enrich others. Consequently, we do not need to register with the Information Commissioner's Office.
Your personal data – what is it?
Personal information relates to a living individual who can be identified from that data such as name, address, email address or telephone number. Identification can be by the information alone or in conjunction with any other information in the data controller's possession or likely to come into their possession. The processing of all recorded personal data is governed by the "GDPR".
We receive and store personal information provided by our congregation/members, employees, volunteers, donors and others who participate in our events and activities and others with whom the church works and/or associates. This information can be supplied to us in various ways, including via on-line software portals, hardcopy forms or via email, by telephone conversation or via our website, or when donating money to the church. We may also receive information indirectly about an individual, for example, through a prayer request from someone in the congregation for a relative or friend.
How do we process your personal data?
Our trustees are responsible for compliance with the "GDPR" by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data. We use third party software systems for church administration and to host our website as well as for electronic communication along with 'cloud' storage for some processing of personal data, including for example Microsoft and social networking sites.
We use your personal data for the following purposes: -
- To provide the services of a church to the community;
- To provide a voluntary service for the benefit of the public;
- To administer a congregational database, membership records and, with your consent, a congregational directory;
- In relation to participation in congregational activities;
- For pastoral care purposes;
- To fundraise and promote the interests of the charity;
- To manage employees and volunteers;
- To communicate with the congregation and others associated with the church e.g. provide you with information about news, events, activities and services within, or supported by us; and to send birthday/special occasion cards/gifts;
- To maintain accounts and records (including the processing of Gift Aid applications); and
- To fulfil contractual and legal obligations.
We process your information with appropriate safeguards in place, as a not-for-profit body with a religious aim and on the basis that the processing relates solely to the congregation/members, former congregation/members or people who have contact with the church.
We also process information:
- Where this is necessary for compliance with legal or contractual obligations, for example our obligations under employment, social security or social protection law, or a collective agreement. Failure by an individual to provide any requested personal data for such compliance, may result in us being unable to offer/deliver for example, a service/activity or employment to an individual;
- Where processing is necessary for the purposes of our legitimate interests and where such interests are not overridden by your interests or fundamental rights and freedoms, for example to manage the church finances; maintain a congregational/members register; manage church services and ministries, maintain the premises, promote events and activities and share church news; and
- Where you have given consent to the processing of your information for a particular purpose.
Sharing your personal data
Your personal data will be treated as strictly confidential and will only be shared with others in the congregation to carry out a service to you or others in the church or for purposes connected with the church subject and where relevant, to the consent you have provided.
We will only share your data with third parties outside the church with your consent or where legally obliged to do so and will never sell, rent, distribute or otherwise make your personal information commercially available to any third party.
How long do we keep your personal data?
We will take reasonable, necessary steps to ensure that your data is treated securely and in accordance with this privacy statement. We will keep data in accordance with our "Document & Data Retention Policy". Generally, we retain your data while it is still current and where appropriate to meet legal obligations including for example safeguarding records; financial records and gift aid declarations and associated paperwork; and employment records.
Your rights and your personal data
Unless subject to an exemption under the "GDPR", you have the following rights with respect to your personal data: -
- The right to be informed.
- The right to request a copy of your personal data which we hold about you.
- The right to request that we correct any personal data if it is found to be inaccurate or out of date.
- The right to request that your personal data is erased where it is no longer necessary for us to retain it.
- The right to withdraw your consent to the processing at any time.
- The right to request that the data controller provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability).
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction be placed on further processing.
- The right to object to processing of personal data held by us for our legitimate interests.
- The right to lodge a complaint with the Information Commissioners Office.
If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then a new notice will be provided to you which will explain this new use prior to commencing the processing. The new notice will also set out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
Please note that our website pages may contain links to other websites, and you should be aware that we are not responsible for the privacy practices on other websites.
Contact Details
For any queries or complaints please contact the Church Administrator in the first instance.
Data Controller Trustee
Adrian Rowett, Trustee and Elder
[email protected]
01330 820791
Data Protection Officer
Church Administrator
[email protected]
01330 820791
Information Commissioner's Office (Scotland)
Queen Elizabeth House
Sibbald Walk
Edinburgh
EH8 8FT
[email protected]
0303 123 1115