Privacy Policy
Introduction
Syston Evangelical Baptist Church (hereafter "SEBC") acknowledges its responsibility regarding the collection and use of personal data. This policy outlines how SEBC collects, uses, stores, and protects personal data of its members and friends, in compliance with the General Data Protection Regulation (GDPR).
Definitions
GDPR: General Data Protection Regulation.
Data Controller: The entity responsible for determining the purposes and means of processing personal data. For SEBC, this is the Deacons and Church Officers.
Data Processor: Any individual or entity that processes data on behalf of the Data Controller.
Data Subject: The individual to whom the personal data relates (i.e., you).
Data Protection Law: means all data protection laws and regulations applicable to the UK including:
UK Data Protection Act 2018
UK General Data Protection Regulation (UK GDPR)
Privacy & Electronic Communications Regulations 2003 (PECR) for electronic communications
If the EU GDPR applies to certain activities, SEBC will also comply with it.
Personal Data: Any information that can be used to identify an individual, including but not limited to name, address, phone number, and email address.
Data Collection and Use
SEBC collects and uses personal data for the following purposes:
Maintaining records of church membership.
Disseminating information pertaining to church news, events, and activities.
Maintaining a church directory for use by church members.
Fulfilling safeguarding responsibilities.
Communicating via the church’s website, Facebook page, X (Twitter) account, and other online platforms.
Managing church operations through ChurchSuite
ChurchSuite
SEBC utilises ChurchSuite as its church information management system. ChurchSuite assists in organising and managing church data for the purposes outlined in this policy. ChurchSuite may involve the processing and storage of personal data by a third-party provider, and SEBC ensures that any such processing is carried out in compliance with GDPR regulations. Specific details on ChurchSuite's data handling practices can be made available upon request.
Data Storage and Protection
Personal data is stored securely in both electronic and paper formats. SEBC takes reasonable steps to ensure this data is protected against loss, misuse, or unauthorised access.
Data Sharing
Personal data may be shared with other church members for administrative and church-related purposes. It may also be disclosed to external agencies when necessary, including but not limited to:
Social Services
FIEC (Fellowship of Independent Evangelical Churches)
Thirtyone:eight (formerly known as the Churches' Child Protection Advisory Service)
HMRC (for tax-related purposes such as Gift Aid)
Data Retention
SEBC retains personal data only for the period necessary to fulfill the purposes for which it was collected. Data may continue to appear in printed and electronic materials until updated, replaced, or deleted. Gift aid declarations and related paperwork will be retained for a period of 7 years following the end of the relevant calendar year.
Legal Basis for Processing
SEBC processes personal data based on the following legal grounds:
Explicit consent for the purposes of informing individuals about church activities, news, and events, as well as for processing gift aid donations.
Processing is necessary to comply with legal obligations.
As a not-for-profit religious organisation, processing is conducted in relation to members or former members of the church, provided there is no disclosure to a third party without consent.
Data Subject Rights
Under the GDPR, individuals possess the following rights regarding their personal data:
The right to request a copy of the data which SEBC holds about them.
The right to request rectification of inaccurate or outdated personal data.
The right to request erasure of personal data when it is no longer necessary for SEBC to retain it.
The right to withdraw consent to data processing at any time.
The right to request data portability.
The right to request restriction of processing in certain circumstances.
The right to object to the processing of their data.
The right to lodge a complaint with the Information Commissioner’s Office.
Safeguarding
SEBC is committed to safeguarding children, young people, and vulnerable adults. If required, personal data may be shared with law enforcement, social services, or other safeguarding agencies in accordance with legal obligations. In such cases, safeguarding concerns will take precedence over data protection rights. All safeguarding-related data is handled with the highest level of confidentiality and care.
Online Presence
SEBC maintains an online presence through its website and social media platforms. While the website does not process personal data directly, personal information is managed and stored through ChurchSuite, as outlined in the ChurchSuite section of this policy.
Our website may use cookies to enhance user experience. Users can manage their cookie preferences through their browser settings. Website analytics may track site visits, but they do not collect personally identifiable information.
Changes to this Policy
SEBC reserves the right to modify this privacy policy. Users will be provided with a new notice explaining any new processing purposes, including the reasons and manner of such processing, prior to the commencement of said processing. Where necessary, SEBC will seek explicit consent for any new processing activities.
Contact Information
If you have any questions, need to exercise your data rights, or wish to raise a concern, please contact the church officers using the contact form on the contact page.
For written correspondence, you can also reach us at:
Syston Evangelical Baptist Church,
1111 Melton Road,
Syston, Leicestershire, LE7 2JS
Consent
The use of personal data by SEBC requires your consent. Please contact a member of the SEBC team if you require clarification or have any questions regarding this policy.