How we use your information
This privacy notice tells you what to expect when New Life Community Church collects personal information. It applies to information we collect about:
- People who use our services, eg. Attend an event, subscribe to our newsletter, attend our courses eg: Good to grow & Theology Matters.
- Visitors to our website
- Complainants and other individuals in relation to data protection or subject access request or enquiry
- Job applicants and our current and former employees and volunteers
- Your privacy is important to us. We are committed to safeguarding the privacy of your information. We do all that we can to ensure that the data we hold is accurate, adequate, relevant and not excessive.
Whenever we collect information from you, we will make it clear which information is required in order to provide you with the information or service you have requested. We store your information securely on a cloud-based system which uses encryption, we restrict access to those who have a need to know, and we train our staff in handling the information securely.
New Life Community Church will not pass your personal information onto any third party without having your consent.
New Life Community Church uses a few third-party companies as part of financial management. These are kept to a minimum and all comply with strict industry standards. We therefore do not store any debit/credit card information. These organisations are as follows, with links to their privacy policies:
Xero – Is the finance management application used by New Life Community Church. https://www.xero.com/uk/about/privacy/
Paypal – For processing donations made via our website https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
We bank with Lloyds Bank https://www.lloydsbank.com/privacy.asp
HMRC handles payroll & gift aid https://www.gov.uk/help/privacy-policy
We use a third-party provider Ticketsource to host our event bookings, their privacy statement can be found at https://www.ticketsource.co.uk/kb/terms-of-use/data-processing-agreement
(1) Functionality cookies – these are used to help with the site functions such as the submission and completion of contact forms, playing of media files, and navigating the website.
(2) Analytics cookies – these cookies allow us to track and analyse how visitors use our site and where our enquiries come from.
By using our site, you agree to us storing these cookies on your device and accessing them when you return to our site in future. If you want to delete any cookies on your device, we recommend viewing the ‘help’ section in your browser’s settings which should provide instructions on how to delete them. You can find more information on cookies at: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/. Please note that by deleting or disabling your cookies your experience using our website may be affected.
People who contact us via social media
If you send us a Private or direct message via social media, we will respond directly & personal information will not be extracted or shared with any other parties/organisations.
Messages will be deleted within 30 days of a reply being sent.
People who email us
We will monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
If we do hold information about you, you can ask us to correct any mistakes by contacting the office (Details at the end of document)
We take any complaints we receive very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint.
Complaint files will be stored in line with our retention policy. This means that information relating to a complaint will be retained for two years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Requesting access to your personal data
(Subject Access Requests)
We try to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 2018. If we do hold information about you we will:
- Give you a description of it
- Tell you why we are holding it
- Let you have a copy of the information in an intelligible form.
- To make a request to New Life Community Church for any personal information we may hold you need to put the request in writing to the address at the end of the document. Or call 07909711886 to discuss further.
If you agree, we will try to deal with our request informally, for example by providing you with the specific information you need over the telephone.
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
We shall notify you without undue delay after becoming aware of (and in any event within 72 hours of discovering) any accidental or unlawful destruction, loss, alteration or unauthorised disclosure or access to any Personal Data (“Data Breach”).
Where required under GDPR, New Life Community Church will notify the relevant authorities of the Data Breach and comply with any instructions received from the relevant authorities.
We will promptly investigate every security breach and take reasonable measures to identify its root cause(s), mitigate its adverse effect and prevent a recurrence. As information becomes available, unless prohibited by law, we will provide you with a description of the security breach, the type of Personal Data that was the subject of the Data Breach, and other information you may reasonably request concerning the affected Personal Data
Under the GDPR 2018 and Data Protection Act 2018, you have the rights as an individual which you can exercise in relation to the information we hold about you.
You have the right to:
- Object to processing of personal data that is likely to cause, or is causing, damage or distress
- Prevent processing for the purpose of direct marketing
- Object to decisions being taken by automated means
- In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and;
- Claim compensation for damages caused by a breach of the data protection regulations.
You can also get further information on:
- Circumstances where we can pass on personal data without consent, for example, to prevent and detect crime;
- Our instructions to staff on how to collect, use and delete personal data; and
- How we check that the information we hold is accurate and up to date
- For further information on how your information is used, how we maintain the security of your information and your rights to access information we hold on you please contact our Data Protection Compliance Manager (Details at the end of the document in the Contact us section)
Job applicants, current and former New Life Community Church employees
New Life Community Church is the data controller for the information you provide during the recruitment process unless otherwise stated, if you have queries about the process or how we handle your information please contact firstname.lastname@example.org.
Links to other websites
This privacy notice does not cover the links within this document. We encourage you to read the privacy statements on the other sites you visit.
Data Protection Compliance Manager
New Life Community Church
38 Avon Meade