GDPR Policy
Christ Church West Green is committed to protecting and respecting your privacy.
This statement explains when and why we collect personal information about people
who visit us, our website, or connect with us on social media, how we use it, the
conditions under which we may disclose it to others and how we keep it secure.
We may change this statement from time to time and a fuller version of our data
protection policy can be found below. Both this statement and our policy are kept under
regular review, so please check this page occasionally to ensure that you’re happy with
any changes. By using our website, or connecting with us on any other available
touchpoint you’re agreeing to be bound by this statement and our data protection policy.
Any questions regarding this Policy and our privacy practices should be sent by email to
Chris Brees at hello@ccwg.church or by writing to Christ Church, Waldeck Road, N15
3EP.
Who are we?
We’re Christ Church West Green, a member of the Church of England, in the Diocese of
London.
How do we collect information from you?
We obtain information about you when you use our website, sign up for any of our
events or groups on ChurchSuite, register a child with us for a kids group, fill in a
Connect Card, Serve, Give or Welcome flyers, or apply for a paid or volunteer position
with the church.
What type of information is collected from you?
The personal information we collect might include your name, address, email address,
phone number, attendance information at events, groups and meetings, IP address, and
information regarding what pages are accessed and when. If you make a purchase from
us, for example for the purpose of purchasing event tickets, your card information is not
held by us, it is collected by our third party payment processors, who specialise in the
secure online capture and processing of credit/debit card transactions, as explained
below.
If you are a prospective employee or volunteer working with children or vulnerable
adults, we may also collect criminal records information (such as Disclosure and Barring
Service (DBS) checks) where we have a legal right or reason for doing so.
How is your information used?
We may use your information to:
- Process a donation that you have made, and claim gift aid on it, with your written
permission.
- Process transactions that you have requested, i.e. registering you for groups and
events run by the church, or supplying you with tickets for events or products
where that is applicable
- Ensure that children attending a Christ Church group or event are safely
registered and accounted for.
- Send you communications which falls within the scope of the charitable
objectives of the church, and for the purpose of developing the congregation at
Christ Church. This would be with your written permission, via our Connect Card,
or through a Newcomers event.
- To seek your views or comments;
- To notify you of changes to our services, events and role holders;
- To carry out comprehensive safeguarding procedures (including due diligence
and complaints handling) in accordance with best safeguarding practice from
time to time with the aim of ensuring that all children and adults-at-risk are
provided with safe environments.
- To enable us to meet all legal and statutory obligations (which include
maintaining and publishing our electoral roll in accordance with the Church
Representation Rules).
- Process an application for a job or a volunteer position
We review our retention periods for personal information on a regular basis. We are
legally required to hold some types of information to fulfil our statutory obligations (for
example the collection of Gift Aid, or children’s registration and attendance). We will hold
your personal information on our systems for as long as is necessary for the relevant
activity.
Our legal bases for collecting and using your information
We are entitled to use your personal data in the ways set out in this privacy notice on the
following bases:
- the use of your personal data is necessary for our legitimate interests in:
communicating with you;
- ensuring the quality of the services we provide to you;
- the physical security of our premises (with regard to CCTV); and
statistical analysis; and/or we have legal obligations that we have to discharge; and/or
you have consented to such use.
If you do choose to provide your consent you can withdraw it at any time by contacting
us using the details set out above.
Who has access to your information?
We will not sell your information to third parties.
Where necessary, we may pass your information to third parties that are specifically
engaged by us for the purposes of completing tasks and providing services to you on our
behalf.
However, when we use third party service providers, we disclose only the
personal information that is necessary to deliver the service and where we require those
third parties to keep that information confidential and secure and to use it solely for the
purpose of providing the specified service.
The following is a list of the types of third parties who process your personal data on our behalf:
- we may share information with entities that provide external events such as New Wine or Wildfire where you have signed up to those events;
- if you have requested us to do so or consented to the disclosure; or
where we are required to do so by law, for example, by a court order or for the
purposes of prevention of fraud or other crime; or when you are using our secure online donation pages, your donation is processed by a third party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions.
If you have any questions regarding secure transactions, please contact us.
Your choices
You have a choice about whether you wish to receive information from us. We will
collect your contact information via our website or a contact card and store it on
ChurchSuite from where we send you details of church life, events and groups. If you do
not want to receive these communications, you have the right to remove your
information from ChurchSuite, or you can request such a preference via the church
office at any time.
How you can access and update your information?
Christ Church uses ChurchSuite to host and process all personal information of guests
and members of the church. Members of the congregation are invited to download and
access ChurchSuite for the purpose of staying in contact with the rest of the church and
for adapting their communication preferences. Alternatively, you can contact the church
office at hello@ccwg.church or by post at Christ Church, Waldeck Road, N15 3EP at any
time with such a request. You have the right to ask for a copy of the information Christ
Church holds about you (we may charge £10 for information requests to cover our costs
in providing you with details of the information we hold about you).
Security precautions in place to protect the loss, misuse or alteration of your
information.
When you give us personal information, we take steps to ensure that it’s treated
securely. Christ Church uses ChurchSuite as its data management system. ChurchSuite
is a cloud hosted, web based management system which complies with the principles of
GDPR.
Below is a section of the ChurchSuite privacy policy:
“Maintaining the security of your data is one of our highest priorities, and to
this end, all access to ChurchSuite is over an SSL (https://) connection,
which provides 256-bit military grade encryption to ensure that all data in
transit between your web browser and ChurchSuite is fully encrypted.
Where we are required to store any usernames or passwords for third-party
integrations, such as social media or communication channels, we will always
encrypt these details before they are stored on our servers.
Once we have received any data and stored it on our servers, we make
commercially reasonable efforts to ensure its security on our system. To this end, we
have chosen to host our ChurchSuite servers in a data centre that meets some of the
strictest of industry security requirements, and is classified as a Tier 2 data centre.
Unfortunately, no data transmission over the Internet can be guaranteed to be
100% secure, so whilst we strive to protect your personal information,
unfortunately we cannot warrant the security of any information you transmit to us.”
This final paragraph applies to the transmission of data over the internet from any Christ
Church email account too.
Demographic information
Using management information tools on ChurchSuite, we may analyse your personal
information to understand demographics of those within the church, including address
information. We do this to ensure that the charitable objectives of the church are being
met and that what we provide is relevant for all types of people.
Use of ’cookies’
Like many other websites, the Christ Church website uses cookies. ’Cookies’ are small
pieces of information sent by an organisation to your computer and stored on your hard
drive to allow that website to recognise you when you visit. They collect statistical data
about your browsing actions and patterns and do not identify you as an individual. For
example, we use cookies to store your country preference. This helps us to improve our
website and deliver a better more personalised service.
It is possible to switch off cookies by setting your browser preferences. For more
information on how to switch off cookies on your computer, visit our full cookies policy.
Turning cookies off may result in a loss of functionality when using our website.
For the purpose of keeping web statistics and analysing how people interact with our
website – for the purpose of improving it and making it fit for purpose, we may use
software that allows us to track IP addresses and ‘click’ interaction with the website.
18 or Under
We are concerned to protect the privacy of children aged 18 or under. If you are aged 18
or under‚ please get your parent/guardian’s permission beforehand whenever you
provide us with personal information.
Review of this Policy
We keep this statement under regular review.
