What information do we hold?
The personal information we collect usually includes your name, address, email address, phone number, date of birth, and marital status. We may also hold sensitive healthcare information that you have provided so that we can circulate prayer requests, so we are aware of food allergies, especially for children and so we can make any necessary access arrangements.
If you donate to the church via our bank account, we do not receive your account details. We do store your name and address to claim Gift Aid if you have ticked this box on the donation envelope or given us a Gift Aid declaration form. Access to this information is limited and information is held securely.
How do we collect your information?
When you attend Calvary Chapel Cardiff or otherwise actively provide personal and sensitive information, we may collect information about you. This applies to details provided electronically, face to face or on our paper sign up forms. Certain basic personal information is collected as a requirement for us to provide you with church news, events, special announcements and prayer requests to help you feel part of the Calvary Chapel Cardiff family. We may also ask you further questions that are relevant for the specific purpose. This additional information helps us to understand what ministries would benefit the church, for example a parenting or marriage programme or the information that is required to keep children safe, for example food allergies but there is no pressure involved to provide it. We would only want to know the answers if you are comfortable telling us. We only ever use the information necessary for fulfilling the purpose for which you provided it.
From time to time, especially at church events, we will take photos and videos to be used internally in church materials, for the website and used in external marketing materials. We will always get your permission before we take any photos and videos.
How do we use your information?
There are several different ways you can engage and share information with us.
We will collect and process the information you provide to send you Calvary Chapel Cardiff’s’ Weekly Bulletin, to facilitate your place on one of our courses, to invite you to church events, to make special announcements, prayer requests and service reminders for which you are scheduled and new service opportunities.
When you are involved in service for the church, we use your information to communicate with you about your role.
When you register for an event, donate or provide your data to us, either electronically, on our paper forms or verbally, we will use this information operationally to support your participation in the church. We will tailor communications about future ways you can get involved, based on your preferences.
When applying for a ministry role with Calvary Chapel Cardiff you may, if necessary be asked to provide certain information including your name, contact details, relevant experience, testimony and a DBS consent form and previous criminal conviction declaration. This information is required for us to consider your application and follow up on references as appropriate.
Sometimes, and only if you have agreed, we will add you to instant messaging groups, such as WhatsApp.
We will use your personal information to fulfil the interests of the church as the body of Christ by providing you with the support and information you have requested and consented to.
We may use information gathered in compiling anonymous statistics and research.
Who do we share information with?
We will never pass on your information to third party organisations and other churches without your express permission.
We work with other churches within the Calvary Chapel network and selected third parties who we trust. Please contact us at the email provided below if you wish to know what third parties we work with.
Church email: firstname.lastname@example.org
We will never sell or swap your information to third party organisations, and we do not share your personal information with third parties for their benefit.
We will only share your information with other third parties without consent if we are legally required to do so, for example, by a law enforcement agency legitimately exercising a power or if compelled by an order of the Court.
How do we protect information?
We take appropriate physical and electronic measures in line with data protection legislation to ensure that we keep your information secure, accurate and up to date. All personal and sensitive information is stored in a central database which is encrypted, protected and measures are in place for restricting access and preventing external data breaches. All data processors receive data protection training. We only keep your information for as long as we have a legal requirement or legitimate interest to do so in line with our retention policy. When you end your relationship with us we will keep your information for 5 years and then move it to our archives, information that is no longer required will be disposed of securely.
The data we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA) but only with your consent. It may also be processed by people operating outside the EEA. If we do send your personal data outside the EEA, we will take reasonable steps to ensure the recipient takes appropriate measures to protect your data.
Unfortunately, no data transmission over the internet can be completely secure. Whilst we do our best to protect your personal data, we cannot guarantee the security of any information which you transmit to us online and you must understand that you do so at your own risk.
What about consent?
We will only use your personal information if you have provided your consent, if we have a reasonable or legitimate interest or if we are allowed to do so by law. Our sign-up forms have clear marketing preference questions and we include information on how to opt out of further contact from us and how you can consent to receiving electronic messages. You have the right to request that we do not process your personal information (including photo’s and video’s) for marketing purposes.
We may contact you for marketing purposes (for example, to let you know about upcoming church events) by email if you have opted in to receive these.
You may opt-out of marketing emails at any time by clicking the ‘unsubscribe’ link in our emails. You can also change your contact preferences at any time, by contacting our Data Officer at email@example.com.
If you request to receive no further contact from us, we will keep some basic information to avoid sending you unwanted material in the future, and to ensure that we do not accidentally store details for the same person multiple times.
How long will you keep my information?
We will hold your information for a period of up to five years from the end of your relationship with us, in accordance with our data retention policy. This information will then be suppressed and archived on our database. In some circumstances, this will be longer. If you would like more details on how long we will hold any specific information, then please contact us and we can provide further details.
What are your rights?
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. You may also object to us keeping your personal data for some or any of the above purposes by writing to us at firstname.lastname@example.org.
You also have a right to access the personal information we hold about you and in certain circumstances to be provided with a copy of that information by submitting a Subject Access Request. You can submit this free of charge by email to email@example.com.
If you are unhappy with the way in which your personal data has been handled, you are entitled to make a complaint to the Information Commissioner’s Office.
Review of this policy
Registered Charity Number: 1195975