Privacy and how we use your data
How Grace Communion International (GCI) uses your information.
GCI respects the personal data* we hold on you and takes the security of it seriously. We are committed to safeguarding the privacy of your information.
*Personal data means any information that may be used to identify an individual, including, but not limited to, a first and last name, a home or other physical address and an email address and/or other contact information.
GCI is a charity that seeks to advance the Christian faith and educate in accordance with its statement of beliefs.
Grace Communion International (the Data controller) is a registered charity in England and Wales (311098) and Scotland (SC040008) and is a registered private company in England and Wales (654913). The company’s registered office is 9 the Point, Market Harborough, LE16 7QU.
We collect personal information from:
- our supporters/those who attend our churches
- our volunteers
- those who attend our camps and events
- our donors when they donate
- those who contact us
We use personal information to:
- keep in touch with our supporters
- carry out reasonable administration of our mailings, donations, volunteering and other services
- manage enquiries from supporters and others
- improve our communications and develop our work
We also collect data relating to use of our websites.
How we obtain personal information
Most of the personal data we hold is given to us directly by the data subject. Those who join our mailing lists, or attend our churches, provide us with their information. The information includes
- Name and title
- Address including postcode
- Email address
Some of our supporters also provide
- A telephone number
- Birth date/age
- Baptism date
- Gift Aid declaration
We sometimes need to collect additional information, e.g. for those who are working with children and vulnerable adults, and those who attend our summer camps and/or retreats.
We also collect
- Information about our relationship with our supporters / those who attend our churches
- Information provided by those who contact us with enquiries
Occasionally we might obtain personal data from other sources – e.g. we sometimes verify postcodes/addresses with the Royal Mail website or look up phone numbers in public directories if we need to get in contact with them.
Why are we collecting your personal data?
The information you provide about yourself will be used primarily for the operational running of the Church. We will use your data for purposes relating to our ministry, including but not limited to:
- Keeping you up to date about our church services
- Letting you know about upcoming church events (e.g. summer camps and festivals)
- Sending out bible studies and other literature designed to help people grow in the Christian faith
- Keeping financial records (including thanking donors and sending out receipts).
- Managing our volunteers and staff
- Provide ministerial support (E.g. biblical counselling and hospital visits)
- Plan meetings and events
- Make occasional phone calls to our contacts for specific time-sensitive purposes
- Improve our communications and services.
We endeavour to keep this information up to date. This includes monitoring returned mail to let us know if someone no longer lives at his or her current address.
If someone has applied to work for us, his or her information will only be used for the purpose of recruitment and processing their applications. Applicant information is retained for six months after a recruitment decision has been made.
How long to we keep your personal data?
We hold your data for varying lengths of time depending on the information in question, but in doing so we always seek to comply with Data Protection Legislation. Our relationship with those who attend our church is long term, so we keep that information as long as we need it to maintain that relationship. Certain data, e.g. financial records, are required to be held for a certain length of time in case we are audited by the Inland Revenue.
How we use your information is subject to your instructions, Data Protection Legislation, and other relevant legislation. Emails sent by us should all have a clearly identifiable way to unsubscribe from the list.
Our work, however, may require us to give information to third parties from time to time, for example, our insurance providers. We may disclose and exchange information when required to do so by law. We hold information at our Service Centre.
When we no longer need to keep your data, your data is disposed of securely using specialist companies where necessary.
Security, storage and sharing
We have measures in place to ensure there is proper security for the information we hold and protect against the loss, misuse or alteration of personal information. Where possible we use encryption for electronic files or locks for hardcopy files. We cannot promise that loss, misuse or alteration of data will not occur, but we seek to review regularly the security of our personal information and will keep you informed should any data breech take place that affects your personal information where appropriate.
We do used third parties from time to time to help us store and process personal information (e.g. with Dropbox for storing and backing up data, or Google with our email services). We, however, remain in control of the information and the companies involved are not allowed to do anything with the information other than what we have requested of them.
Occasionally we might need to share your information where it is required by law, or to respond to any legal or regulatory action. E.g. we might need to share your data if we are audited or pass on information regarding Gift Aided donations to HMRC because we have a legal obligation to do so.
Should it be necessary to transfer your data outside of the EEA, we ensure that robust data sharing agreements are in place. For example, Google is a US company, but it has certified compliance with the EU-US privacy shield framework.
Under GDPR you have the right of access to the personal data we hold about you. To make a request for personal information we hold about you, please contact Alexis Luckhoo on 01858 437 099 or firstname.lastname@example.org
Your rights also include:
- Objecting to the processing of personal data that is likely to cause, or is causing, damage or distress
- Any personal data found to be inaccurate or out of date be rectified
- Any personal data be erased where it is no longer necessary to be retained
- Objecting to any automated decisions being made
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. When necessary, we will seek your prior consent to the new processing.
To exercise all relevant rights, queries or complaints please in the first instance contact the Data Co-ordinator, Alexis Luckhoo on 01858 437 099 or via email email@example.com or Grace Communion International, 9 The Point, Rockingham Road, Market Harborough, Leicestershire, LE16 7QU.
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.