“Personal data” is any information about a living individual which allows them to be identified from that data (for example a name, photographs, videos, email address, or address). Identification can be by the information alone or in conjunction with any other information.
The processing of personal data is governed by[the Data Protection Bill/Act 2017 the General Data Protection Regulation 2016/679 (the “GDPR” and other legislation relating to personal data and rights such as the Human Rights Act 1998].
This section holds our two statements about how we store and use data about individuals, in accordance with the General Data Protection Regulation.
In addition there is a form to be completed "Photographic release form" This si to be completed before any image of someone under 18 is used on Social Media or the website.
Approved by the PCC:
The PCC of the Parish of Christ Church is committed to, and bound by both the Data Protection Act 1988 and the General Data Protection Regulation 2018 (GDPR). These make a number of provisions which include stating that person data.
- Shall be processed fairly and lawfully.
- Shall be obtained only for one or more specified and purposes and shall not be further processed in any manner incompatible with that purpose(s).
- Shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Shall be accurate and where necessary, kept up to date.
- When processed for any purposes or purposes shall be kept for longer than is necessary for that purpose or those purposes.
- Shall be processed in accordance with the rights of data subjects under the regulations.
- Shall be protected by appropriate technical and organisational measures to prevent unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to personal data.
- Shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection of the rights and freedoms of the data subjects in relation to the processing of personal data.
- The PCC receives and makes use of personal information about Parishioners.
- The PCC receives and makes use of personal information about other volunteers.
- The PCC holds records of financial contributions.
- The PCC holds records of other charitable organisations.
- The PCC holds details of activities of ‘MANNA’ – The Food Bank in Staines.
The PCC will always endeavour to protect personal data from loss, misuse, unauthorised access or disclosure, alteration or destruction. Any subject access data request will be managed in line with appropriate legislations.
The PCC does not collect any personal information from visitors to its website other than information that is knowingly and voluntarily given.
The current data controller is the Vicar of the Parish of Christ Church, Staines.
Records Management Policy
This policy sets out our commitment to achieving high standards in records management. Records management is vital to the delivery of our services in an orderly, efficient, and accountable manner. Effective records management will help ensure that we have the right information at the right time to make the right decisions. It will provide evidence of what we do and why. We will create and manage records efficiently, protect and store them securely and dispose of them safely at the right time. By adopting this policy, we aim to ensure that the record, whatever form it takes is accurate, reliable, ordered, complete, useful, up to date accessible whenever it is needed to:
- help us carry out our mission and our business.
- help us to make informed decisions.
- protect the rights of our parishioners, employees and volunteers.
- ensure we comply with relevant legislation.
- provide an audit trail to legal requirements.
- Support continuity and consistency in management and administration.
- Promote our achievements.
This policy, together with any relevant procedures, applies to the management of all documents and records, in all technical or physical formats or media, created or received by the PCC in the conduct of its mission and/or business activities. It applies to all parties who are given access to our documents and records and information processing facilities.
All Trustees of the PCC have a responsibility to ensure that our records are managed well. However, there are also some specific roles will are detailed below: -
The PCC in body corporate – to devise and annually review all data protection related polices.
The Standing Committee – to devise and annually review all procedures relating to data protection. To ensure that all parties who are given access to our documents and records and information processing facilities are aware of and adhere to both the policies and procedures.
Data retention policy
This policy exits to ensure that the PCC only retains information for as long as it is needed. It takes account of the context within which the PPC operates and complies with the fifth data principle.
A table containing the recommended retention period is given for each type of record held/used. The retention period applies to all records in that category by default and will be adhered to wherever possible. Retention periods also apply to all formats of records, i.e. paper and electronic, unless stated otherwise.
Type of record
Responsibility for destruction
Agenda & Minutes of the PCC.
Agenda & minutes of The Standing and Finance Committee.
Agenda & minutes of respective Leadership Teams.
6 Years from last entry
Electoral Roll Officer
Contact details of staff.
Contact details of volunteers.
Details of financial Contributions.
Details of financial Receipts.
4 Years (Checked every 3 years)
Parish Safeguarding Officer
Contract details for paid staff.
Star Warden for Office staff and caretaker Vicar for Director Music.
Information Sharing Policy
This policy exits to ensure that the PCC only shares information when it is essential to do so. It takes account of the context within which the PCC operates and complies with the second data protection principle.
The PCC will only ever share the minimum amount of data necessary.
The PCC will only share information when it is essential to do so. Information will be shared with the following: -
- The Dioceses of London upon receipt of a legal or reasonable request.
- Specific employees, parishioners and/or volunteers in order that they fulfil their individual roles in pursuit of the PCC’s mission and /or business.
- Other similar organisation if the PCC are unable to fulfil the request.
In the case of safeguarding concerns information will be shared in line with the PCC’s Safeguarding police and appropriate legislation.
On behalf of the PCC
Photographic Release Form
I hereby grant permission to Christ Church, Staines, to use any photographs of myself and/or my child, named below, taken at any Church event in publications, news releases, Facebook page and website from this date forward.
I will be given copies of any photograph if requested.
I can at any time withdraw this permission by requesting in writing use of the photographs be stopped and any that are currently stored are destroyed. I understand it is not always possible to completely remove images from any use on the internet, i.e. Facebook once published.
Copies of any photographs taken will be stored electronically in-line with Christ Church’s Data Protection, including GDPR Policy. Which may be viewed on their website: www.christchurchstaines.co.uk or you may request a copy from any member of staff.
Name (Adult): ______________________________________
E-mail (Optional): ______________________________________
Childs Name: ______________________________________
Relationship to adult above: ___________________________
(Signature of Adult, or Guardian of Children under age 18)
This completed form will be kept on file under Christ Church’s Data Protection,
including GDPR Policy.
Christ Church, Warwick Ave, Staines, TW18 1DP
Church of England
Diocese of London
Parish of St . Mary and St. Peter Staines
Proudly powered by Weebly