Last updated: 17 May 2018
1. Data protection
This policy explains how the Church and the website comply with the DPA (Data Protection Act), the General Data Protection Regulation (GDPR) which comes into effect on 25 May 2018, and the Privacy and Electronic Communications Regulations. We may update this policy the UK's exit the European Union.
By providing your personal details you agree to allow the Church to contact you by mail, email, telephone or SMS text message in connection with its charitable purposes, either on the basis of the consents you have given us or for our legitimate interests in accordance with current data protection regulations.
If you continue to browse and use this website, you are agreeing to comply with and be bound by the following terms and conditions of use, which, govern the Church’s relationship with you. If you disagree with any part of this policy please do not provide personal information and do not continue to use our website
2.1 Cookies policy
Cookies are small files saved to the device you are using to that track, save and store information about your interactions and use of the website. We will issue cookies to your computer when you visit the website. Cookies make it easier for you to use the site during future visits. They also help to monitor website traffic and to personalise the content of the site for you but will not store save or collect personal information. You may set up your computer to reject cookies although, in that case, you may not be able to use certain features on our site.
2.2 Site tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor as outlined in section 10.
2.3 Email newsletter
If you choose to join our mailing list, the email address that you submit to us will be forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor as outlined in section 10.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal by emailing the privacy officer.
When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
While your email address remains within the MailChimp database, you will receive periodic (approximately weekly) newsletter-style emails from us.
Occasionally, the Church may also include links to other websites which provide further information. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites.
Any documents or files made available to download from our website are provided at your own risk.
2.6 Social media
The Church uses social media such as Facebook, YouTube, Twitter, Instagram, WhatsApp and Vimeo. We use these platforms so to keep people informed of the life of the Church and to promote events and services.
Unless it is material supplied or officially posted by the Church we do not endorse social media website(s) and have no responsibility for the content nor for the cookies they may contain.
The Church will not ask for passwords or personal details on social media.
3. How we collect information about you
We collect personal information each time you are in contact with us. For example, when you:
visit our website
join our mailing list
make a donation, by completion of Gift envelopes or via electronic means
register for a conference or other Church event
provide your contact details, in writing or orally, to Church staff or volunteers
purchase goods or services, including when you provide credit or debit card details
when you attend church services or participate in other Church activities
communicate with the Church by means such as email, letter, telephone
have face to face meetings with staff and volunteers
access social media platforms such as Facebook, YouTube, Twitter, Instagram, WhatsApp and Vimeo
attend one of our services or events we may take photos & video to publicise future events.
The Church does not hold any debit or credit card details for donations/payment. All card payments are handled by service providers who encrypt card information.
4. How we use your information
The Church will use the personal information we collect for the purpose disclosed at the time of collection, or otherwise as set out in this policy. We will not use your personal information for any other purpose without first seeking your consent, unless authorised or required by law. Generally, we will only use and disclose your personal information as follows:
to keep you informed by text and/or email about church services, activities, resources and events
to establish and maintain your involvement with the Church, including providing you with regular correspondence
to register you for events, conferences
for promotion of products or services and to keep you informed of new developments we believe may be of interest to you. If we contact you in this way without obtaining your prior consent, we will provide you with the opportunity to decline any further promotional communications
to improve our general ability to assist Church attendees and the wider community
to enable the leadership of the Church to occasionally personally and directly communicate with you
to manage our employees, volunteers and attendees
to enable us to provide a voluntary service for the benefit of the public
to maintain our own accounts and records (including the processing of Gift Aid applications)
to answer an inquiry or request for further information or complaint about the Church, its services, activities and events.
5. Who sees your information
5.1 Where your information stored
The information you provide to us will be held on computers in the UK, the European Union and the USA and may be accessed by or given to staff at the Church who act for us for the purposes set out in this policy or for other purposes approved by you. If the information you provide us is in paper format, then this will be stored in secure storage with restricted access.
Your personal information will be kept strictly confidential and held safely and securely in accordance with our Data Protection Policy.
We use cloud-based systems to process data and therefore data may be processed outside of the European Economic Area (EEA). We adopt the Information Commissioners approved measures and therefore ensure that personal data is held in compliance with European data protection regulations. We take all reasonable steps to ensure that your data is stored and processed securely in accordance with this policy. By submitting your personal data you agree to this transfer, storing and processing of your information.
6. Sharing of your information
We will not normally share any information we hold about you with others without your prior consent, unless one of the following exceptions apply. Information may be shared between the Church staff or with authorised volunteers in order to effectively provide services to you. We may disclose information we hold about you if:
We feel there is a legitimate interest for us to do so.
It is necessary for law enforcement or similar purposes.
we need to review the quality of our services — for example, we regularly employ auditors to inspect our files and assist with maintaining high levels of security & integrity across our organisation. HMRC also have the right to review our files to ensure we are complying with their rules.
it’s a necessary part of providing you with our service(s) or contacting you as a member, donor — for example, by using a third party mailing house to process our communications
it’s a necessary part of ensuring we comply with our legal obligations as a data controller — for example, sending information to HMRC for gift aid purposes
Where such details are shared we have confidentiality agreements in place that restrict the use of your information to the purpose for which it is provided and ensure it is stored securely and kept no longer than necessary.
6.1 Financial details
We do not intend to store or currently store financial details (credit or debit card numbers) obtained through electronic means. Where you have consented to us collecting Gift Aid we will keep a record for 6 years in compliance with the HMRC.
6.2 Sensitive personal information
Where you provide the information, we may collect sensitive personal data, including, but not limited to, church attendance, your religious beliefs, or your physical or mental health.
The Church will take reasonable steps to keep secure any personal information, which we hold and to keep this information accurate and up to date. The Internet is not a secure method of transmitting information. Accordingly, the Church cannot accept responsibility for the security of information you send to or receive from us over the Internet or for any unauthorised access or use of that information.
We take security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. Your information will be held for a reasonable period or as long as the law requires or permits.
8. How long we hold your information for
We only keep it as long as is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations (for example, the collection of Gift Aid) or as long as the law requires.
9. Your rights
As an individual, you have control over what information we hold about you, how it is used, and whether you are happy for us to keep it. General Data Protection Regulation (GDPR) states that you have:
Right to be informed — to know what information we collect about you and why. This policy is in response to this right.
Right of access — to see what information we hold about you and to verify the lawfulness of our processing of your data.
Right to rectification — to ask us to change or complete any inaccurate or incomplete personal information held about you.
Right to erasure — to ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.
Right to restrict processing — to change the way in which we use your data.
Right to data portability — to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
Right to object — to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
Right not to be subjected to automatic decision making including profiling — You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless you have given us your consent. We do not currently carry out any automated decision-making.
If you wish to exercise any of these rights or make a complaint, you can do so by contacting the privacy officer of the Church.
You can also make a complaint to the data protection supervisory authority, the Information Commissioner's Office, https://ico.org.uk/.
Please note, some of these rights only apply in certain circumstances and we may not be able to fulfil every request.
10. Our third-party data processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 6.0.
11. Changes to this policy
The Church may amend the policy from time to time to ensure compliance with changes or amendments to the law of the UK. Any amended version will be available on our website at www.libertychurchuk.com. We suggest that you visit our website regularly to keep up to date with any changes.
12. Contact details
If you would like any further information or have any queries, problems or complaints relating to the policy or our information handling practices in general, please contact our privacy officer:
Telephone: +44 (0) 7943 501007,
Writing: The Privacy Officer, Liberty Church, Gaer Christian Centre, Gaer Park Drive, Newport, NP20 3NN
Registered Charity Number: 1161640
Registered Office: Liberty Church, Gaer Christian Centre, Gaer Park Drive, Newport, NP20 3NN