Privacy Policy - Strathmore Christian Fellowship

DATA PRIVACY NOTICE

Strathmore Christian Fellowship (SCIO – Scottish Charity No.: SC 014737)

Who we are

Strathmore Christian Fellowship (SCIO – Scottish Charity No.: SC 014737) is the Data Controller. SCF decides how your personal data is processed and for what purposes.

Strathmore Christian Fellowship (SCF) complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

How do we process your personal data?

Your data will be processed by office bearers of SCF depending on the type of data. For example, the treasurer for finance matters, the pastor or group leaders for contact regarding events or your participation in church rota activities.

SCF will not share your data with third parties without your consent unless required by law e.g. HMRC for Gift Aid claims. We use some third party software to process some of your data. These include:

FileZilla is the processor for SCF’s website
SU LightLive holds contact details of children’s workers
WhatsApp mobile phone group contact platform
First Books for accounting & Donations Coordinator for Gift Aid
MailChimp is the platform used for email communication
Eventbrite for the organising and the booking of some events
Dropbox is used for backing up SCF computer files

Why we are using your data

We use your personal data for the following purposes:

To become a member of SCF the pastor/leader will compile a short report of your faith journey including details of how you came to faith and if you have been baptised.
To allow other church members to know how to contact you for church-related or personal activities. This is our church address list.
For the pastor/leaders to contact you with regards to pastoral concerns/duties and church/ministry events.
For the pastor/leaders to send you the weekly update bulletin and other updates/information from time to time.
For the organisation and running of all regular ministry/groups and any ad hoc events.
For storing information regarding children’s ministry e.g. dates of birth for those under the age of 13, plus any allergies and additional needs.
In order to facilitate giving/offerings and to process Gift Aid.
To organise payroll for paid staff.
In order to facilitate and promote evangelism.
To record information required by the SCF SCIO Constitution e.g. registering attendance at AGMs/EGMs; the minutes of SCF Leaders’ Meetings

What basis we are using to process your data

We must indicate a lawful basis to process your data. We will process your data under one of the following bases for the purposes outlined above:

Consent – We will ask for your consent to collect and use your data. Please fill in a Consent Form, which will allow you to tell us exactly how we can collect, use and store your data. This consent can be withdrawn at any time.
We may rely on a separate basis for processing your data in specific circumstances:
Legal Obligation – we will collect, store and process your data if it is necessary to comply with a legal obligation e.g. for the processing of Gift Aid claims with HMRC or to comply with SCIO requirements.
Criminal Offence Data – we are required to hold and process this data if it is deemed necessary i.e. for job applications or for PVG applications. This is to ensure that we can protect the interests of the members of our church.

Special Category Data

This is data such as age; race; genetics; ethnic origin; politics; health; sexual orientation/sex life; religion. Under GDPR legislation this data is considered more sensitive and therefore requires more protection. These are the circumstances where we would process this type of data:

if you have given us your explicit consent – for example prior to contacting church members/regular attenders with prayer requests for specific health needs.
if it is necessary to protect your vital interests and you are incapable of giving consent – for example if emergency medical treatment is required
if it is necessary in the course of our legitimate activities – i.e. the data we hold for you is needed to aid in the normal running of the church. For example, we record details of your faith journey if you wish to become a member of SCF.
if you have already made the data public.
if it is required by legislation or a court acting in its judicial capacity.
with regard to employees of SCF – if it is necessary for employment rights or necessary occupational medicine and the provision of health or social care.

Who will see your personal data

Details included on the SCF Address List are distributed on a named basis to members and regular attenders of SCF in paper and electronic format.

Any additional personal data is treated as strictly confidential. When data is stored electronically it is password protected. When data is stored on paper it is in a locked cabinet.

We will only share your data with third parties outwith SCF with your consent or where there is a legal requirement e.g. Gift Aid claims.

Your rights under GDPR

You have the following rights with regards to your data.

Right to be informed – we will let you know what data we are processing, why and how it is stored. You have the right to withdraw consent at any time.
Right to access – you have the right to ask to see any of the data we hold for you, and we must comply within 1 calendar month.
Right to rectification – if you tell us that the data we hold for you is incorrect we must update your data within 1 month.
Right to object – you can object to some types of processing. For example, to fundraising requests. We must honour this within 1 month.
Right to erasure – you can ask us to erase your data at any time, and we must comply with this within 1 month, except when your data must be held for legal reasons (e.g. Gift Aid donation records or SCIO compliance).
Right to restrict processing – you have the right to restrict processing of your data under certain conditions. Most likely this will apply if you tell us your data is incorrect. We will not process or use your data until the corrections have been applied.
Right to Data Portability – this right applies to data held on computer. You have the right to obtain your data if you wish to re-use elsewhere

Removing Your Data

You can withdraw your consent for us to hold your data at any time – contact the administrator for Strathmore Christian Fellowship by emailing strathmorecf@gmail.com
We will then remove your data within a period of 1 month. (Please note that the removal of your data will mean that you will no longer be notified of church and ministry events.) It says above 1 month for removal
You can amend your contact preferences at any time. Either fill in another consent form and tick the relevant boxes, or contact the administrator as above.

Data retention and disposal

Under the SCIO constitution of SCF we have a legal requirement to store your data while you remain a member of SCF and for a period of six years after that time. This includes records of attendance at AGMs
We are required to store payroll and Gift Aid documentation for a period of seven years.
Any data which is to be disposed of will be securely deleted (in the case of computer held data) or securely shredded (in the case of paper data)

Further processing
If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, we will provide you with a new notice. We will explain the new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

Contact Details
If you have any queries, in the first instance please contact the administrator, email: strathmorecf@gmail.com or speak to one of the Elders.