top of page

Privacy policy

At Ashford Baptist Church we are committed to respecting your privacy and protecting your personal information/data at all times. We will only use your data for the purposes for which you have given us consent.
This privacy notice explains how we may collect, process, protect and share personal data about you and the rights you have in relation to your personal data.

 

Please contact the church if you have any queries or concerns. Our contact details are:

Address: Ashford Baptist Church

Church Road

Ashford

Surrey

TW15 2TT

Email: ashfordbaptistchurch@gmail.com

Telephone: 01784 557377

 

Our Data Protection Officer may also be contacted via the church office. He/she is responsible for advising the Church and its staff, leaders and members about their legal obligations under data protection law, monitoring compliance with data protection law, and dealing with data security breaches.

 

We may provide other privacy notices on specific occasions, when we are collecting or processing personal data about you. It is important that you read them all so you know how and why we are using your data. 

 

Purposes for which we will use your personal information/data

Ashford Baptist Church collects and processes information so that we can:

  • Manage, administer and promote the life of the church

  • Administer financial transactions and donations

  • Manage our website and social media presence 

  • Administer events

  • Manage our staff and volunteers

  • Comply with a legal or regulatory obligation as required.

 

How we use your personal information/data

As a church, we hold records of the people in our congregation, volunteers, community groups hiring space at the church, and church-run event attendees. We use this information to provide pastoral and spiritual care, to coordinate church activities, and to keep you informed of things happening in the life of the church where we have your consent for those purposes.

We also collect and use information about our suppliers,contractors and staff. This information is used to manage and administer the church and to carry out our purposes as a church. We will only use your personal data when the law allows us to do so. We will process your data on one or more of the following bases:

  • Because it is necessary for our legitimate interests (our primary basis)

  • It is necessary for compliance with legal obligations;

  • If it is necessary for the performance of a contract (e.g. an employment contract or a contract to hire premises), or to take steps to enter into a contract.

  • Or where we have your consent

 

Where data is being processed with your consent you have the right to withdraw that consent at any time without detriment. This may be done by contacting the data controller or office staff (see the contact details above).

Where data is being processed for a contractual or statutory reason, failure to provide adequate information may result in the church not being able to provide the service/event advertised to the individual.

 

How we collect information/data

There are a number of ways that we may collect personal information about you. For example, when or if you :

  • Attend church services or participate in other church activities.

  • Are employed by the church.

  • Make a donation by electronic means, complete financial details for offering/donations, or make payment by credit or debit card.

  • Join a serving rota

  • Apply for a Disclosure and Barring Service (DBS) check under the auspices of the church.

  • Register you and your family’s details with us at Ashford Baptist Church for events

  • Provide your contact details in writing or orally to church staff or volunteers.

  • Fill out a self-declaration form

  • Communicate with the church by means such as email, letter or telephone.

  • Have face to face meetings with staff or volunteers


 

What information/data we might collect

Personal data, or personal information, is any information about an individual from which that person can be identified. We may collect, store or use different kinds of personal data about you as follows:

  • Identity Data includes first names, last name, marital status, title, date of birth and gender.

  • Contact Data includes address, email address and telephone numbers.

  • Transaction Data includes details about payments to and from you and other details of events or services you have purchased from us, or gifts you have donated to us.

  • Financial Data includes bank account information, payment card details and gift aid details.

  • Consent Data includes information relating to permissions, consents and your preferences in receiving marketing / communication from us.

  • Special Category Data includes details about your ethnicity, your health or your religious beliefs.

  • Safeguarding Data includes information about concerns or allegations and any investigation into those. It could also include information about criminal convictions, offences or allegations where this information has been provided in relation to safeguarding.

 

How we store your information/data

Data is processed for various uses in the church and therefore may be stored and used in different ways. Our primary method of data storage is through the purpose built Churchsuite application which has been built to help us comply with GDPR :

  • Most data will be stored digitally on computers which are password and virus protected.

  • Some data will be kept in paper form. Where security is necessary this will be held in locked file cabinets within the church office. 

  • Some data is shared with third party organisations. Where we use third parties to provide elements of our service and to process data on our behalf, they are bound by law or contract to protect your personal data and only use it in accordance with our instructions. We only allow third parties to handle your personal data on the understanding that they will keep the information confidential. Whilst listing our most common third party service providers below, we may on occasion use other third party providers such as Surveymonkey, Dropbox or others.
     

  1. ChurchSuite
    We use a third party service, www.churchsuite.com to facilitate much of our church management. We use Churchsuite as our main contact database for people who are connected with us. Members of Ashford Baptist Church will be given a login to ChurchSuite where they can view and update the personal information we hold about them. ChurchSuite also uses various cookies, their privacy policy can be viewed on the following link: https://churchsuite.com/privacy-policy/
     

  2. Church Website
    Our church website is currently hosted by Church123. For more information please see their privacy policy https://www.church123.com/privacy.htm
     

  3. DBS Checking
    People who work or volunteer at the church may be asked to complete a DBS check. We use a third party called DDC Ltd. Their privacy statement can be found by clicking on the link: https://www.ddc.uk.net/policies/ . The data we keep with regards to DBS checks is minimal and only used to ensure checks are kept up to date. This is kept securely on password protected computers.
     

  4. Emails
    We use Gmail  to send and receive emails. For more information please see Google and their privacy policy https://policies.google.com/ If you would like to opt out of receiving emails from us, then please contact the church office: email; ashfordbaptistchurch@gmail.com or tel; 01784 557377
     

  5. Electronic file storage
    We use Google and OneDrive to store/share documents with relevant people within Ashford Baptist Church. This is to enable the smooth & efficient running of the church.
     

Please see https://policies.google.com/ & https://privacy.microsoft.com/en-gb/privacystatement for more information and to read their privacy policies.

 

Confidentiality and security of personal information

The security of your personal information is of paramount importance to us and we use a range of technical and organisational security measures to safeguard it.

All staff and volunteers who have access to personal and /or confidential information are subject to confidentiality obligations and training. They may be subject to discipline, including termination, if they fail to meet these obligations. 

Access to the ChurchSuite database is strictly controlled through the use of name specific passwords which are selected by the individual. Those who are approved and have authorised access to use the database only have their specific area of use within it. This is controlled by the Data Controller and the other Administrators on the software who are the only people who can access and set these security parameters. All access and activity on the database is logged and can be viewed by the Data Controller. 

If we have you as a contact at Ashford Baptist Church we are able to provide you with access to the My ChurchSuite platform, available in “app” form or within a browser. This enables you to access your personal information and that of your children, keep it up to date and manage your own privacy settings.


 

Using your personal information to keep in contact with you.

Ashford Baptist Church will use your contact information to keep in touch with you, for example providing you with updates on church life including news about events, services, resources and church news.

We will not contact you if you have asked us not to.

You can ask us to stop sending you communications or change your contact preferences:

 

How long will we maintain your information?

Most personal information will be held only whilst you wish to maintain a relationship with us as a church.  Some data may be held for longer for the purposes of satisfying any legal, accounting or reporting requirements.

 

Your rights

Under Data Protection legislation, you have the right to request access to information about you that we hold. To make a request for your personal information please contact the church office using the contact details at the beginning of this document..

 

You have the right to:

  • Request access to your personal data.

  • Request correction of the personal data that we hold about you.

  • Request that we delete your personal data.

  • Object to processing of your personal data that is likely to cause, or is causing damage or distress.

  • Request restriction or processing of your personal data.

  • Withdraw consent at any time where we are relying on consent to process your personal data.

For any further information around data protection, to make a request for your personal information or to exercise any of the above rights, please contact the church office.

Ashford Baptist Church aims to comply with requests for access to personal information as quickly as possible, but will ensure that it is provided within 30 days of receipt of a request.

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance, or directly to the Information Commissioner's Office at https://ico.org.uk/make-a-complaint/your-personal-information-concerns/

If you would like to discuss anything in this privacy notice, please contact the church office.

bottom of page