GORDANO VALLEY CIRCUIT – PRIVACY NOTICE AND DATA MAPPING
Managing Trustees’ Privacy Notice
Local Churches, Circuits and Districts within the Methodist Church in Great Britain respect your privacy and are committed to protecting all personal information (personal data).
The TMCP privacy notice lets you know how we look after personal data which either has been provided to us or we obtain and hold about people and explains privacy rights and how the law protects people. This privacy notice is available online https://www.tmcp.org.uk/kcfinder-uploads/files/managing-trustees-privacy-notice.pdf
Data Controller
The Methodist Church in Great Britain is a membership church made up of different bodies of Managing Trustees; Local Church Councils, Circuit Meetings and District Synods. These individual charities form part of the wider connexion of the Methodist Church in Great Britain.
The controller for routine, day to day changes to the personal information we hold(eg change of address, email etc) is the local data controller or the Local Methodist Minister.
(for changes relating to Circuit Information, admin@christchurch-clevedon.org.uk )
The controller for routine, day to day data protection matters/breaches for Methodist Local Churches, Circuits and Districts is:
Trustees for Methodist Church Purposes
Central Buildings
Oldham Street
Manchester M1 1JQ
The controller for matters relating to safeguarding matters or complaints and discipline for Methodist Local Churches, Circuits and Districts is:
The Methodist Church in Great Britain
The Conference Office
Methodist Church House
25 Marylebone Road
London NW1 5JR
NOTIFYING PEOPLE ABOUT EVENTS AND FUNDRAISING We like to notify our members, those in regular contact with the Methodist Church and third parties who support the Methodist Church about upcoming church events and fundraising opportunities so that they can play as much of a role in the life of the Church as they choose from time to time. Most of the time we will let them know about such opportunities on the basis that we have a legitimate interest in doing so.
THIRD-PARTY MARKETING As a Church we will not share personal data with any third parties for marketing purposes but if a Local Church, Circuit or District thought you might be interested in hearing from another Christian denomination or a community group or charity about certain events or fundraising we require express opt-in consent to allow us to share information with you before doing so.
OPTING OUT Anyone can ask the Methodist Church or third parties to stop sending them marketing messages (e.g. messages about church events or fundraising) at any time by contacting the Local Contact.
Security Principle:
The Methodist Church in Great Britain takes its obligations under data protection law (including the General Data Protection Regulation (GDPR)) seriously. The Methodist Church is committed to ensuring that personal data is handled and managed appropriately. Together we adhere to the principles relating to the processing of personal data set out in the GDPR and UK data protection legislation which in relation to security require personal data to be : “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures”
Article 5(1)(f) of the GDPR
Data mapping form for Managing Trustees
In order to comply with GDPR, Managing Trustees for the Gordano Valley Methodist Circuit need to know what personal data they hold, where they get it from and how they use it. Below is a list of questions that will help Managing Trustees identify the personal data which is being processed by them. They will need to review all databases, spreadsheets, email lists, paper documents and any other form of list or documentation which contains personal data every 12 months.
Personal data is any information that can either directly or indirectly identify a living individual
Sensitive Personal Data under GDPR is described ‘Special Categories of Personal Data’ and is any information about a living individual regarding their racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
NB: PRIVACY NOTICE : www.tmcp.org.uk/about/data-protection/managing-trustees-privacy-notice
| Document/list description | For what purpose is the data held? | What data is collected? | Do you have explicit consent to use the data? | Do you process any Special Categories of personal Data? | How is the data held and what security measures are in place? | Who holds the data and who has access to it? | How long is the data kept for? | How is the data destroyed? | Is any data kept by or circulated to persons outside of the Methodist Church including any Ecumenical partners? |
| DBS checks | To ensure safeguarding compliance | DBS Number, Date of issue, Name and address | Yes Public Interest & Legitimate Interest | No | Circuit Safeguarding Officer’s computer, password protected | Circuit Safeguarding Officer | Until no longer need a DBS check | Deletion from computer | No |
| Circuit Meeting Members list | To send out notices, agendas, minutes, and paperwork related to meetings | Names, addresses, email address and telephone number | Yes Legitimate Interest | No | computers (password protected) | Minute secretary, Superintendent and his PA, Circuit Treasurer | Until cease to be part of Circuit Meeting | Paper shredded and electronic deletion from laptop | No |
| Document/list description | For what purpose is the data held? | What data is collected? | Do you have explicit consent to use the data? | Do you process any Special Categories of personal Data? | How is the data held and what security measures are in place? | Who holds the data and who has access to it? | How long is the data kept for? | How is the data destroyed? | Is any data kept by or circulated to persons outside of the Methodist Church including any Ecumenical partners? |
| Circuit Plan | Information and communication for Sunday Service plan | Names, addresses, email address and telephone number | Yes Legitimate Interest | No | Laptop, email and computer Notice to not share. | Electronic copies and paper copies distributed to all preachers, ministers, stewards | Electronic copies are kept for one year then archived | Paper shredded and electronic deletion from devices | Yes – Anglican Minister at Christchurch Clevedon LEP |
| Safeguarding Records | Safeguarding Compliance including Covenants of Care | Safeguarding breaches | Yes Public Interest/ Legal Obligation | No | Paper copies (locked filing cabinet) and Safeguarding/Ministers Computer (password protected) | Church, Circuit & District Safeguarding Officers | 75 years S/O 1104 & 121(7), 111(2A) | N/A But Data may be passed to Church House London. | No – unless requested |
| Church Stewards | Contact purposes for arranging meetings etc | Names, addresses, email address and telephone number | Yes Legitimate Interest | No | Computer (password protected) | Minister, Church Stewards and members of the congregation | Until Stewardship is relinquished | Paper shredded and electronic deletion from laptop | No |