DATA PROTECTION AND PRIVACY POLICY

City Life Church Sunderland uses personal data about individuals for the purpose of general church administration, pastoral care and communication.

City Life Church Sunderland recognises the importance of the correct and lawful treatment of personal data. All personal data, whether it is held on paper, on computer or other media, will be subject to the appropriate legal safeguards as specified in the General Data Protection Regulation (GDPR) and subsequent legislation.

City Life Church Sunderland fully endorses and adheres to the principles of the GDPR. These principles specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transporting and storing personal data. Employees and any other individuals who handle, process, transport and store personal data for City Life Church Sunderland must adhere to these principles:

1. Lawfulness,fairness and transparency

Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject.

2. Purpose Limitation

Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

3. Data minimisation

Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

4. Accuracy

Personal data shall be accurate and, where necessary, kept up to date.

5. Storage Limitation

Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

INTEGRITY AND CONFIDENTIALITY

Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

ACCOUNTABILITY

The controller shall be responsible for, and be able to demonstrate compliance with the GDPR

HOW WE COLLECT YOUR PERSONAL DATA

We collect personal information each time you are in contact with us. For example, when you:

1. Visit our website;
2. Sign up to serve within the church;
3. Make a donation when completing an offering envelope
4. Register for one of our church events;
5. Provide your details online, in writing or orally to church staff or volunteers.

MAINTAINING CONFIDENTIALITY

City Life Church Sunderland will treat all your personal information as private and confidential. Your personal information will only be disclosed to those within the church responsible for facilitating the day to day administration and day to day ministry of the church, and who also have a need to access your information.

All City Life Church staff and volunteers who have access to personal information will be required to agree and sign a Confidentiality Policy and Data Protection Policy.

There are four exceptional circumstances to the above where we may be permitted by law to disclose personal data:

1. Where we are legally compelled to do so
2. Where there is a duty to the public to disclose
3. Where disclosure is required to protect your interest
4. Where disclosure is made at your request or with your consent

USE OF PERSONAL DATA

City Life Church Sunderland will use your data for four main purposes:

  1. The day today administration of the church including: pastoral care and oversight including calls and visits, preparation of ministry rotas, and maintaining financial records of giving for audit and tax purposes.

  2. Contacting you to keep you informed of church activities and events.

  3. Statistical analysis including attendance and gaining a better understanding

    of church demographics (NB. Collated data may be disclosed to third parties,

    i.e. general connect group attendance, but personal information will always be removed).

4. Employment and payroll for individuals in the employment of City Life Church.

We do not sell or pass any of your personal information to any other organisations and/or individuals without your express consent, with the following exceptions:

By providing us with your details you are giving City Life Church Sunderland the express permission to transfer your data to service providers including mailing houses, such as Mail-Chimp, to enable the fulfilment of the purpose for collection.

THE DATABASE

City Life Church Sunderland utilise a database called I Know Church Software to assist with church administration and the pastoral care of church members. The database is accessed through the cloud and therefore can be accessed by authorised individuals through any computer or smart device with internet access. The server for the database is in the EU and hosted by I Know Church Software (iknowchurch.co.uk)

Access to the database is strictly controlled through the use of individual usernames and passwords which are selected by the individual.

The online site for accessing the database is secured by SSL certificates, and safeguards are in place to prevent against brute force attack.

We employ role-based access controls to ensure those authorised to use the database only have access to their specific area to enable them to fulfil their role. These security parameters are maintained by the designated database manager.

Individuals with access to the database are City Life Church Sunderland staff, Department Heads, and Connect Leaders. (see also iknowchurch.co.uk/privacy- policy)

WEBSITE

City Life Church Sunderland utilise website (www.clcsunderland.org) in order to publicise details about church and our events to you and the wider public. From time to time we may collect data or manage sign ups through the website.

As most sites do, our website utilise cookies in order to give you the best possible browsing experience. Within our site there is also embedded content from third party sites such as Google Maps, YouTube, Vimeo and Instagram.

These third-party sites may also utilise cookies for the same reason. You can block cookies at any time using your browser settings if you wish to do so.

RIGHT TO ACCESS INFORMATION

All individuals who are subject to information held by City Life Church Sunderland are entitled to:

1. Ask what information the church holds about them and why
2. Ensure their datails kept up to date
3. Request a copy of the data held by them
4. Request the erasure of data held about them in certain situations

5. Any queries of this nature should be addressed in writing to:

FAO: Data Protection Officer
City Life Church Sunderland 170 Hylton Road, Sunderland,
Tyne & Wear,
SR4 7YA

City Life Church Sunderland aims to comply with all request for access to personal information as quickly as possible, but will ensure that it is provided within 30 days of receipt unless there is good reason for delay.