St John's Church - Privacy Policy

1. Introduction

At St John's Church we store contact details and other information about people who are connected with the church. This helps us to communicate well with you about church activities that you are involved with and, if you opt-in,  new events that are coming up. It also helps the staff team with their oversight of what is happening in the church and who is involved. We may also record attendance information, for instance in children's groups, to help us manage these groups effectively and for child protection requirements.

We take our duty to process your personal data seriously.  This policy explains what data we collect, how it is used and managed and your rights in connection with your details.

The information you provide will be used for the operational running of St John's Church.  It is stored on a computer system in the UK to keep all this data up-to-date, secure and to ensure we comply with data protection regulations. It will not be shared with any party outside of the St John's Church organisation and membership.  Only if you opt in to allowing your data to be shared with other church members on this system then they will have access to read parts of your contact details.

2. What information we collect

The information that we keep usually consists of your name, status (adult/child), gender and family connections. If you have provided them to us then we will also keep your address, telephone, email addresses, mobile number, allergies and date-of-birth. If the church is involved in your pastoral care, then information relating to this care may be stored. We will also store information regarding membership of groups or committees within the church, such as being an attendee of a congregation or small group. It will also be necessary to store information about ministries you are involved with and the dates and times of any duties associated with those ministries, details of any church-related subscriptions and all information we may have requested for the purposes of DBS checks.

3. How we use this information 

If you are involved with a ministry at the church we may email or text you about this ministry, for instance with rota updates or information about what's coming up. If you consent to receiving emails about new ministries, events or products then we can keep you advised of those things that may interest you. We may also process and store information on any invitations we have sent to you for activities or events, your attendance at any activities or events. We may "profile" the information we collect about you and use automatic processing particularly for the purposes of choosing how relevant a church activity is to you based on group membership, age, gender or address.

4. Retaining your data

The General Data Protection Regulations provide several acceptable reasons for processing your information. If you are a regular attendee at the church or a recent new contact then we use the "Legitimate Interest" reason because keeping your contact details is important to running the church. If you are not a regular attendee then we use the "Consent" reason which requires us to get your opt-in consent allowing us to process your data. If you are a church attendee who has left the church, we may keep your name on record, for historical or statistical purposes for a limited period of 3 years. We may keep more details and for longer periods if you have been involved in ministries that have legal record-keeping obligations such as child-protection, employment or accident reporting. Details of retention policies for many different scenarios are published by the Church of England and could be more than 50 years.

5. Keeping you in control of your data

You have various rights under the General Data Protection Regulations:

a).   You have the right to erasure - the right to request that we delete some or all of your details. This right only applies where we have no legitimate interest or legal requirement (e.g. child protection) to keep them. For example, if you gave us your mobile number but now want us to delete it, since it's not a requirement for running the church, but just a convenience, then we are obliged to do so.

If you are not currently involved with the church and have not been involved in any ministries that would legally require us to keep records then we require optin consent from you to keep your data. You have the right to withdraw this consent at any time.

Legitimate Interest is also overridden by your interests, rights or freedoms. For example, if we want to keep your address to help us provide pastoral care, but you argue that you want your address to be totally secret because you would be at risk of harm if it became known, then that risk would override our convenience and we would be obliged to delete it.

b).   You have the right to rectification - if we hold incorrect details about you then you can require us to correct them.

c).   You have the right to be informed about how we use your contact information.

d).  You have the right of access - we must provide you with details of information we hold about you on request. However, if your request is manifestly unfounded or excessive then we can charge a reasonable fee for responding or we can refuse to respond.

e).   You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you think we have been mishandling your data.

f).   You have the right to restrict further processing of your data for example if you have lodged a formal complaint and are awaiting the outcome.

g).   You have a right of portability - the right to request that all of your information be sent to another church or organisation

The full detail of your rights can be found on the ICO's website.

The data protection supervisor for the church is Philip Jones and can be reached at:
Tel:  (01892) 540897
St John's Church
Amherst Road
Tunbridge Wells

 Requests regarding data protection should be sent here.

Contact us

For more information, please do get in touch with the Church office on 01892 540897