Privacy Notice

The privacy notice below describes what information we process about individuals, the purposes for which we collect it and how we will handle and use it. It should be made available as per the data protection policy.

1. Your personal data – What is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the Data Controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

2. Who are we?

Under Data Protection legislation, Newport Pagnell Baptist Church is the Data Controller for the purposes of the Act and can be contacted by emailing policy.enquiries@npbc.org.uk

3. How do we process your personal data?

Newport Pagnell Baptist Church, complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

Your name and contact details will be entered into our Church database, which is held on the Church server, which is password protected and only accessed by the Minister or trustees of the Church and administration staff. Your contact details will be removed from the database once you are no longer a member of the Church or attend the Church – unless you ask to remain as one of our ‘Church friends’.

We use your personal data for the following purposes:

• to inform you of news, events, activities and services running at Newport Pagnell Baptist Church;

• to provide you with pastoral support as appropriate (should sensitive data be held for any reason, this will only be known by the Minister or one of the designated trustees of the Church);

• to administer members, friends and contacts records;

• to manage our employees and volunteers;

• to maintain our own accounts and records (including the processing of Gift Aid applications).

4. What is the legal basis for processing your personal data?

• Explicit consent of the data subject so that we can keep you informed about news, events, activities and services.

• For carrying out legal obligations in relation to Gift Aid or under employment.

• Processing is carried out by the church to ensure we can provide pastoral care and other church services. (Note: 1 - processing relates only to members or former members (or those who have regular contact with it in connection with those purposes); and 2 - there is no disclosure to a third party without consent, except where we have a legal obligation.

5. Sharing your personal data.

Your personal data will be treated as strictly confidential and will only be shared with the other members of the Church and regular Church attendees to carry out a service to other Church members and regular Church attendees or for purposes connected with the Church. We will only share your data with third parties outside of Newport Pagnell Baptist Church with your consent.

6. How long do we keep your personal data?

Personal data processed for any purpose or purposes, will not be kept for longer than is necessary for that purpose or purposes.

7. Your rights and your personal data

Unless subject to an exemption under the “GDPR”, you have the following rights with respect to your personal data:

• the right to request a copy of your personal data which Newport Pagnell Baptist Church holds about you;

• the right to request that Newport Pagnell Baptist Church corrects any personal data if it is found to be inaccurate or out of date;

• the right to request your personal data is erased where it is no longer necessary for Newport Pagnell Baptist Church to retain such data;

• the right to withdraw your consent to the processing at any time;

• the right to request that the Data Controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another Data Controller (known as the right to data portability)

• the right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;

• the right to object to the processing of personal data;

• the right to lodge a complaint with the Information Commissioners Office.

8. Further processing

If we wish to use your personal data for a new purpose, not covered by this privacy notice, we will provide you with a new notice explaining this new use, prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

9. Contact details

To exercise all relevant rights and queries of complaints, please in the first instance contact the Data Protection Officer at policy.enquiries@npbc.org.uk