Data Protection Policy

DATA PRIVACY NOTICE ~ GATEWAY CHURCH NORTHUMBERLAND
Gateway Church Northumberland is the data controller and processor (contact details below). This means it decides how your personal data it holds is processed and for what purposes.

We are absolutely committed to protecting your privacy, and our legal duties under the Data Protection Act and the General Data Protection Regulation.

As such:
• Gateway Church Northumberland will process and control all data on the basis of informed consent, except where one of the other lawful grounds applies (a) contracts e.g. for employment; (b) legal obligations e.g. safeguarding; (c) vital interests e.g. when it will protect physical integrity or life; (d) legitimate interests
• We will respect your privacy. You will only be contacted in regard to Gateway Church Northumberland related matters

Your acceptance of our privacy policy
This policy is effective from May 25th 2018. Accepting our privacy policy means you are happy for us to use your personal information as described in it. We may change this policy so please check from time to time.

What information do we collect?
At Gateway Church Northumberland, we may collect different types of information about you for the following main reasons:
• To be able to communicate with you by email and other means
• To be able to register you into events and training programs
• To be able to collect donations and claim gift aid
• To help us to improve the service we offer
• To enable us to provide a voluntary service for the benefit of the public in a particular geographical area as specified in our constitution.

We may collect information on you through email sign-up, contact forms, donation forms, training application forms, event registration forms, safeguarding requirements and/or legal proceedings.

We collect the minimum information required to provide the service requested. We will ask you to consent to Gateway Church Northumberland holding and processing the information we are requesting.
• For email sign-up and contact forms – to identify you and be able to communicate with you
• For donations – to verify payments and claim Gift Aid
• For training applications – to assess suitability for the course being applied for, including contact details, and relevant experience and knowledge
• For event registration – contact details, payment details, church, access and dietary needs
• For children – to identify them, age, access needs and dietary needs
• For safeguarding and legal proceedings, the information held is governed by law
• We only keep other personal information where it was supplied by you for other reasons

No personal data is shared with a 3rd party for any reason including marketing and research.

Gateway Church Northumberland does not operate automated processing, decision making or profiling

Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

Who will have access to my information?
Your personal information will be visible to our internal, authenticated users. Such personnel are only allowed to use that data for Gateway Church Northumberland purposes.

Information will only be transferred to a 3rd party, or outside the EU, on the basis of informed consent, or for the performance of a contract, to protect the data subject or other persons, for important reasons of public interest, or for legal reasons.

How long do Gateway Church Northumberland keep my information?
Different types of information are subject to different retention periods. Specific data retention periods relating to your data can be supplied with a subject access request. We will delete personal information once it is no longer needed or on the request of the data subject, restrictions permitting (some data has to be legally retained).

What are my individual rights?
Individuals have the following rights concerning information that Gateway Church Northumberland holds about them:
• Request confirmation that your personal data is being processed
• Request access to a copy of information including the source and recipients of your data
• Request the correction of any information
• Request the deletion/erasure any information
• Restrict the processing of your data when the accuracy, legitimacy or legality of the data or processing is being investigated
• Object to the processing of your data based on legitimate interests or the performance of a task in the public interest

Rights relating to data portability and automated decision making do not apply as Gateway Church Northumberland does not carry out automated processing or decision making.

You have the right to a copy of all the information we hold about you (apart from a few things which we may be obliged to withhold because they concern other people as well as you).

How can I exercise my rights?
To exercise any of your individual rights, including obtaining a copy of the information Gateway Church Northumberland holds about you, write to the Data Manager at the Gateway Church Northumberland or via the email address shown below.

This is free of charge for electronic copies of information, but an admin fee may be charged for hardcopies of information, or where a request is manifestly unfounded or excessive.

If you are not known to the Data Manager your identity will need to be verified before handing over any information. We will reply as promptly as we can and within the legal maximum of one month.

What else should I know about privacy?
Like many websites, Gateway Church Northumberland uses tiny computer files called ‘cookies’ to enhance your browsing experience. We do not identify you through the use of cookies or information sent by your computer except where you have asked us to remember your details. Our pages may contain links to other websites, and you should be aware that we are not responsible for the privacy practices on other websites.

Remember to close your browser when you have finished your user session. This is to ensure that others cannot access your personal information and correspondence if you share a computer with someone else or are using a computer in a public place like a library or Internet cafe. You as an individual are responsible for the security of, and access to, your own computer.

Please be aware that whenever you voluntarily disclose personal information over the Internet that this information can be collected and used by others. In short, if you post personal information in publicly accessible online forums, you may receive unsolicited messages from other parties in return. Ultimately, you are solely responsible for maintaining the secrecy of your information.

Breach of Data Procedures
We have procedures in place to detect data breaches. In the event of a breach likely to result in a risk to the rights and freedoms of an individual e.g. it could result in discrimination, damage to reputation, financial loss, loss of confidentiality or other significant economic or social disadvantage, we will notify the Information Commissioner’s Office and the individual concerned. We will investigate the breach and implement any improvements to our practices necessary as a result.

Contact Details
To exercise all relevant rights, queries or complaints please in the first instance contact the Data Manager, Gateway Church Northumberland, Dene House, Shilbottle, Alnwick, Northumberland, NE66 2HS or at gatewaychurchnorthumberland@gmail.com

You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.