Data Privacy Policy

St Alban the Martyr, Northampton

Data Protection & Privacy Policy

A Brief Summary

 

The PCC & Ministers of the Parish of St Alban the Martyr, Northampton are committed to complying with all current legislation and to maintaining high standards of care of everyone connected with the life of our parish, which includes respecting their privacy and handling their personal data appropriately.  We will ensure that we obtain written consent for all personal data held, as required by GDPR2018, using standard pro forma, including

  • General Consent Form to be completed by all Electoral Roll Members 

This will be kept alongside the Electoral Roll by the Electoral Roll Officer, and updated in concert with the Electoral Roll. Individuals NOT on the Electoral Roll may also choose to complete one, where they wish to give general consent for their data to be used in the running of the parish.

  • Individuals or Groups who use the Church Hall will need to give Consent using an appropriately worded Hall Booking Form.  Repeat bookings (e.g. Beavers) may give consent for the duration of their ongoing booking.  These will be retained by the Hall Booking Clerk.
  • All Parish-affiliated groups will use a Group Membership Registration & Consent Forms(to be provided by the PCC) to obtain permission from their members.  

These forms will be kept securely by the Group Leader/Activity Co-Ordinator or Group Secretary whilst membership is active.  

Once membership ends, the specific Group Leader must inform the PCC Secretary, so that the General Consent Form can be amended/deleted as appropriate.  The Group Leader is responsible for destroying the Group Membership form and recording the destruction in the ‘Data Destruction Log’.  

From September 2018, all group members must complete a form in order to continue their membership.  Any individual who is unwilling to complete a form will not be able to continue as a member.  New members may complete a form at any time.

  • Should any individual wish to make a request for their records to be deleted, this must be made in writing via the PCC Secretary, as stated on the consent form. The PCC Secretary will then inform the Electoral Roll Officer & all relevant Group Leaders, so that the data can be destroyed, according to parish protocol.  This will ensure data is tracked and deleted correctly, and the requirement for recording deletion is complied with.

Reference material provided by the Church of England related to GDPR2018, any further legislation and good practice relating to personal data security/privacy, etc will be available for consultation [kept in the Choir Vestry in a clearly labeled file].  In addition, the PCC & Ministers will ensure that all reasonable steps are taken to ensure that we

  • maintain accurate records
  • only keep records that are actually necessary
  • ensure personal data is not replicated unnecessarily
  • ensure personal data is stored securely
  • ensure only those who have genuine need may access personal data
  • destroy all pertinent records once they are no longer needed for the purpose for which consent has been given, or once the legal requirement to keep them has been met, or once consent has been withdrawn or a request for records to be destroyed has been received (as relevant)
  • record centrally when data has been destroyed, using a ‘Data Destruction Log’
  • review this policy annually and update it to ensure compliance with current legislation/recommended best practice
  • ensure all Group Leaders are aware of their responsibilities regarding GDPR2018/data protection 
  • provide suitable pro forma
  • communicate effectively with parishioners and Electoral Roll members to ensure they are aware of their rights/responsibilities under current legislation

 


Data Privacy
Webpage icon Data Privacy Notice