Data Protection Policy
Centrepoint Church
Data Protection Policy
2020.04.21
4.2.1 Personal data is information relating to a living individual who can be identified:
5.1 Centrepoint Church intends to comply fully with all aspects of data protection legislation.
5.2 Centrepoint Church will make all reasonable efforts to maintain a comprehensive written notification with the Data Protection Commissioner.
5.3 Centrepoint Church will do its utmost to ensure that all its staff, consultants and trustees are conversant with data protection legislation and practice.
5.4 Centrepoint Church will only hold data for prescribed charitable purposes. These include student administration, personnel administration, membership administration, accounts and records, advertising marketing and public relations, fundraising, charity objectives and local church ministry.
5.5 Centrepoint Church will not pass personal data to third parties.
5.6 Centrepoint Church will use standard, approved statements about data protection in all Centrepoint Church’s literature in which personal data is collected. The statements for use are:
“Centrepoint Church will only use personal data in connection with its charitable purposes. It does not make personal data available to any other organisation or individual”.
“ENSM will only use personal data in connection with its educational purposes. It does not make personal data available to any other organisation or individual”.
5.7 Centrepoint Church will provide procedures for access to personal data for all those for whom personal data is held. No charge will be levied on anyone (staff, personal members or other contacts) requesting access to their personal data.
5.8 Data will not be held longer than is necessary.
5.9. Access to data by staff and volunteers will be allocated on a domain-relevant basis.
6.1 Personal and sensitive personal data are held securely in online clouds, on computers and in manual files. This data may include the following:
6.2 Staff will be asked to sign a form consenting to data being held and processed for the following purposes:
6.4 Centrepoint Church’s employment application form has been amended to include the individual’s consent to sensitive personal data being used by Centrepoint Church for recruitment, selection and statistical purposes. Likewise when CV’s are received, the letter in acknowledgement will contain a clause: “The information contained in your letter and CV will only be used by Centrepoint Church for recruitment, selection and statistical purposes.”
6.5 Centrepoint Church’s student application form has been amended to include the individual’s consent to sensitive personal data being used for school-related purposes.
7.2 Centrepoint Church needs to ensure that:
The Database provides for different levels of security giving us the ability to ensure confidentiality of data by restricting access to different records and functions to only those users that need to use them. Persons should not disclose their password to other individuals. Passwords are required to have a minimum password strength and to be changed every 6 months.
CONTACTS: COLLECTION OF DATA
8.1 Centrepoint Church will make sure the Data Subject knows our identity and why and how data will be used and that the data is relevant to our charitable work.
8.2 If individuals are being added to Centrepoint Church’s database or Manual filing system they need to be informed how Centrepoint Church will store and use their data at the time the data is collected.
Data Protection Policy
2020.04.21
- SCOPE
- CONTEXT
- PURPOSE
- DEFINITIONS
- Accounts and Records
- Advertising, Marketing and Public Relations
- Staff, Contractor, and Vendor Administration
- Administration of Student Records
- Fundraising
- Realising the Objectives of a Charitable Organisation or Voluntary Body
- Local Church Ministry
4.2.1 Personal data is information relating to a living individual who can be identified:
- from the data
- from the data which includes an expression of opinion about the individual
- racial or ethnic origins of the data subject
- political opinions
- religious beliefs or other beliefs of a similar nature
- trade union membership
- physical or mental health
- sexual life
- the commission or alleged commission of any offence
- any proceedings for any offence committed or alleged to have been committed by the data subject.
- POLICY
5.1 Centrepoint Church intends to comply fully with all aspects of data protection legislation.
5.2 Centrepoint Church will make all reasonable efforts to maintain a comprehensive written notification with the Data Protection Commissioner.
5.3 Centrepoint Church will do its utmost to ensure that all its staff, consultants and trustees are conversant with data protection legislation and practice.
5.4 Centrepoint Church will only hold data for prescribed charitable purposes. These include student administration, personnel administration, membership administration, accounts and records, advertising marketing and public relations, fundraising, charity objectives and local church ministry.
5.5 Centrepoint Church will not pass personal data to third parties.
5.6 Centrepoint Church will use standard, approved statements about data protection in all Centrepoint Church’s literature in which personal data is collected. The statements for use are:
“Centrepoint Church will only use personal data in connection with its charitable purposes. It does not make personal data available to any other organisation or individual”.
“ENSM will only use personal data in connection with its educational purposes. It does not make personal data available to any other organisation or individual”.
5.7 Centrepoint Church will provide procedures for access to personal data for all those for whom personal data is held. No charge will be levied on anyone (staff, personal members or other contacts) requesting access to their personal data.
5.8 Data will not be held longer than is necessary.
5.9. Access to data by staff and volunteers will be allocated on a domain-relevant basis.
- SCOPE
6.1 Personal and sensitive personal data are held securely in online clouds, on computers and in manual files. This data may include the following:
- Name, address and telephone
- National Insurance number and date of birth
- Nationality
- Passport information
- Health and health insurance information
- Bank details and details of any previous pension scheme
- Start date/salary at start date
- Job title
- Next of kin and contact details
- Details of any regular medication
- Church affiliation and Christian experience
- Career history/previous employment
- Qualifications obtained/membership of professional bodies
- References
- Appraisals
- Student records
- Attendance
- Discipleship benchmarks
- Giving records
- Children’s details
- PVG status
- ChurchSuite: https://churchsuite.com/terms-of-service
- MailChimp: https://mailchimp.com/legal/privacy/?_ga=2.100453789.224609872.1526389084-1911980369.1516012689
- Moodle: https://moodle.org/mod/page/view.php?id=8148
6.2 Staff will be asked to sign a form consenting to data being held and processed for the following purposes:
- Recruitment and selection
- Performance management and training
- Absence recording
- Monitoring
- Statistical analysis
6.4 Centrepoint Church’s employment application form has been amended to include the individual’s consent to sensitive personal data being used by Centrepoint Church for recruitment, selection and statistical purposes. Likewise when CV’s are received, the letter in acknowledgement will contain a clause: “The information contained in your letter and CV will only be used by Centrepoint Church for recruitment, selection and statistical purposes.”
6.5 Centrepoint Church’s student application form has been amended to include the individual’s consent to sensitive personal data being used for school-related purposes.
- SECURITY
7.2 Centrepoint Church needs to ensure that:
- Our IT network is as secure as possible from unauthorised access including access through the website.
- Individual PC’s are password protected.
- Individual PC’s are logged off when individuals are away from their desk for more than a few minutes at a time.
- Personnel and other files holding sensitive or confidential personal data are secured and only made available to staff with authorised access.
The Database provides for different levels of security giving us the ability to ensure confidentiality of data by restricting access to different records and functions to only those users that need to use them. Persons should not disclose their password to other individuals. Passwords are required to have a minimum password strength and to be changed every 6 months.
CONTACTS: COLLECTION OF DATA
8.1 Centrepoint Church will make sure the Data Subject knows our identity and why and how data will be used and that the data is relevant to our charitable work.
8.2 If individuals are being added to Centrepoint Church’s database or Manual filing system they need to be informed how Centrepoint Church will store and use their data at the time the data is collected.
- QUERIES
- Data protection policy and practice is monitored, updated and continuously developed further by Centrepoint Church’s appointed Data Protection Person.