General Data Protection Policy
This policy has been prepared by @Aldenhamchurch.com to comply with the current law regarding data protection, has been operational on 1st June 2021 and will be reviewed on 1st June 2022. For the purpose of simplification, we will refer in this document to the above organisation as Aldenham Church. The organisation has always treated personal data with the highest confidentiality and care, and this policy is just reinforcing its working ethos.
Aldenham Church needs to gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees, and other people the organisation has a relationship with or may need to contact.
This policy describes how this personal data must be collected, handled, and stored to meet the company’s data protection standards and to comply with the law. In this instance Aldenham Church is the Controller and the Processor of such data.
The Data Protection Act follows eight important principles:
- Personal data must be processed fairly and lawfully
- Personal data must be obtained only for specific and lawful purposes
- Personal data must be adequate, relevant, and not excessive
- Personal data must be accurate and kept up to date
- Personal data must not be held for any longer than necessary
- Personal data must be processed in accordance with the rights of individuals
- Personal data must be protected in appropriate ways
- Personal data must not be transferred outside the United Kingdom
This policy has been compiled in good faith, with objectivity and integrity, to the best of Aldenham Church’s knowledge about being in compliance with the General Data Protection Policy.
This policy applies to all members of Aldenham Church as well as all contractors, suppliers, and other people working on behalf of Aldenham Church.
Training is provided when needed and the protection policy revised when necessary.
It applies to all data relating to identifiable individuals and can include:
o Names of individuals
o Postal addresses
o Email addresses
o Telephone numbers
o Banking details
o Imagery (photos, logos etc.)
o … plus, any other information relating to individuals.
Data Protection Risks & Responsibilities
This policy helps to protect Aldenham Church from some data security risks such as:
o Breaches of confidentiality (information being given out inappropriately)
o Failing to offer choice (individuals not in control of their own information)
o Reputational damage (third parties accessing sensitive data unlawfully)
Everyone who works for or with Aldenham Church has some responsibility for ensuring that data is collected, stored, and handled appropriately.
How & Why Do We Use Your Personal Data?
Your data is used for clear and efficient business communication between Aldenham Church and individuals such as dealing with a request, invoicing, being able to upload artwork on the Aldenham Church’s website, providing training on how to edit a website etc.
On occasion your data might be used for marketing purposes and individuals have the option to opt out from marketing communication. Personal data will not be disclosed to a third party without the consent of the individual unless such party is a legitimate law enforcement agency allowed to collect personal data.
Cookies are small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics.
As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
How Do We Store Your Data?
All personal data is digitally stored, and strong passwords are always in use to protect individuals and never disclosed to unauthorised people either within the company or externally. On occasion we might hold physical documentation such as invoices, letters etc. All relevant and sensitive content will be stored in a safe place in one of the committee’s member’s office.
The law requires Aldenham Church to take reasonable steps to ensure data is kept accurate and up to date however Aldenham Church cannot be held responsible for people not providing accurate and current personal information, or not responding to Aldenham Church’s requirement for updated information.
The personal data is kept as long as an individual is in a commercial relationship with Aldenham Church. When that relationship expires all data related to the individual(s) will be deleted within 48hrs unless, due to unforeseen circumstances, Aldenham Church is unable to access some digital device: in such a case, Aldenham Church will delete the appropriate information as soon as possible.
All individuals who are the subject of personal data held by Aldenham Church are entitled to access the following:
o What information we hold about them and why
o Be informed how to keep it up to date and how to access it
o Be informed on Aldenham Church’s policy revision
All requests should be addressed via email to: [email protected]