For the purposes of this document Wheelock Heath Baptist Church will be referred to as WHBC.
At WHBC we are committed to protecting your privacy. We will not share any information about you without your consent.
We will respect your email privacy. You will only receive emails from WHBC in relation to areas you have requested. Your email address will not be shared with any third party without your consent. Emails displaying the email addresses of other people should not be forwarded.
If you choose to send us information via email we cannot guarantee the security of this information until it is delivered to us.
We may collect the following information about you, (which you provide via email, telephone, website 'Contact us' page or hand-written forms):
Any personal information that you give us is kept confidential and not used for any other purpose apart from that for which it was given.
Who we will share your information with
What we will use your information for
Consent Forms should be signed and dated, and then stored securely. Your consent is required for us to collect and store your data. You have the right to withdraw your consent at any time.
Parental Consent for a child to attend children’s activities is necessary, and also the contact details, permissions and health information are required for the safeguarding of the child.
Right to change, amend or delete your information
You can contact us by writing to us at WHBC, Hassall Road, Winterley, Cheshire CW11 4RJ or via the website 'Contact us' page whbc.co.uk .
If we make any further changes or updates we will inform our contacts by email and place a notice in the Weekly Church Bulletin.
Specific Information and guidelines for people involved in the church.
Your responsibilities regarding Privacy and Data Handling
The Church Directory currently lies on lots of computers, other devices and on printed lists.
Previously Church people have willingly given their information with the understanding that it would be widely shared.
From 25th May 2018 onwards, this consent to share contact details will be given in writing and will be dated.
The reasons for the Directory are-
Your responsibility as a holder of the data of other people -
Your right to have your information amended or erased -
Once you or someone else has formally requested amendment or erasure of their information the Data Controller (church) must inform all those on the directory of the changes.
They must request that the current list is deleted from your computer and a new version, if required, will be emailed to you. Each individual is responsible for complying with this request. Paper copy holders must amend their copies.
Once an entry has been deleted, others on the directory should no longer contact that person on church business.
All emails being sent out should be blind copied (bcc).
However for general church business some distribution lists are used for ‘reply all’ responses. Extra care should be taken not to forward these emails to anyone who is not in the group.
When forwarding an email, take care to remove data that may still show from previous emails in the chain. Do not print emails unless they are needed.
Store papers which show email addresses (and/or other data) securely.
All emails to groups, on church business, must contain a statement saying that if the recipient no longer wishes to receive emails they can reply to the email just received and request to be removed from the list. At that point the person in question must be removed from the distribution list.
Your computer or other device should be protected with a secure log in or password, which is changed regularly. You should not let other people know or use your password.
You should not leave your computer or device unattended but still active; always select ‘sleep’, ‘hibernate’ or shut it down completely.
You should have anti-virus software running on your computer or device.
Beware of using ‘auto-fil’; always check that the email you are sending is going to the person you intend.
Remember that contacts on your computer and other devices are the personal data of other people and you must keep the information secure.
Never ignore a data breach!
All personal data that is held should be kept securely and not shared with anyone, unless you are legally required to do so.
Data should not be stored for any longer than it is needed. It must be deleted from any computer, or other device, and paper copies should be shredded, when no longer needed.
Children’s activities have paper forms that require parental consent, personal data and some sensitive data. This data must be stored securely on a password-protected computer and/or in a file kept in a locked cupboard. This information must be kept up-to-date and each alteration needs to be dated. If there is a request to delete the information, this must be done promptly and completely.
The Church Treasurer holds personal data for legitimate reasons. This data is kept securely and only for as long as is necessary, or the law dictates.
You have the right to access information held about you by making a formal request to the Data Controller (church).
Data Controller Church
Data Subject Anyone who has data stored about them
Data Processors Those who collect personal data and store it
Data Protection Officer Appointed by church to oversee all matters related to Data Protection
ICO Information Commissioner’s Office