Our Privacy Policy

For the purposes of this document Wheelock Heath Baptist Church will be referred to as WHBC.

At WHBC we are committed to protecting your privacy. We will not share any information about you without your consent.


We will respect your email privacy. You will only receive emails from WHBC in relation to areas you have requested. Your email address will not be shared with any third party without your consent.  Emails displaying the email addresses of other people should not be forwarded.

If you choose to send us information via email we cannot guarantee the security of this information until it is delivered to us.

Collecting Information

We may collect the following information about you, (which you provide via email, telephone, website 'Contact us' page or hand-written forms):

  • Name
  • Address
  • Telephone number
  • Email address
  • Other relevant information which you have consented for us to retain

Any personal information that you give us is kept confidential and not used for any other purpose apart from that for which it was given.

Our websites may contain links to websites owned by other organisations. If you follow a link to another website please be aware that these websites will have their own Privacy Policy. We suggest that you check the policies of other websites before giving them your personal information as we cannot accept responsibility for any other websites.

Who we will share your information with

  • People listed on the Church Directory will receive your details if you have consented to be listed on the Church Directory,
  • Leaders of the church and leaders of Church Activity Groups when the sharing of information is considered necessary by the holder of the information
  • A statutory agency in response to a legal request for your data.

What we will use your information for

  • Information about children attending church activities is used to keep people informed about our activities and to provide information required for safeguarding and medical issues.
  • The Church Directory is used to provide contact details to allow people within the church to get in touch with one another.
  • Church Membership list allows the dissemination of information related to members.
  • Church Group lists are used for rotas.
  • Church Leaders may also store other information about people from outside the church, with their consent, which relates to their reasons for the contact


Consent Forms should be signed and dated, and then stored securely. Your consent is required for us to collect and store your data. You have the right to withdraw your consent at any time.

Parental Consent for a child to attend children’s activities is necessary, and also the contact details, permissions and health information are required for the safeguarding of the child.

Right to change, amend or delete your information

  • You can ask us at any time to change, update, amend or delete the information that we hold about you or ask us not to contact you with any further information. You can also ask us to restrict the information we hold about you.
  • You have the right to request to see information that we hold (subject access request).
  • You have the right to withdraw your consent for us to hold your personal data.
  • Once your data has been deleted you will no longer be on our contacts lists.
  • Once a request to withdraw consent, or to change, update, alter, amend or delete your data, has been received the Church (Data Controller) will ensure that all necessary procedures are carried out by the Data Processors.
  • Those who have a copy of the Church Directory will need to be informed about a request to change, update, alter, amend or delete data. (When data needs to be deleted the Directory will need to be deleted from each individual computer and an updated version will be issued. Printed copies should be shredded and a new copy will be printed.)

You can contact us by writing to us at WHBC, Hassall Road, Winterley, Cheshire CW11 4RJ or via the website 'Contact us' page   whbc.co.uk  .

This Privacy Policy was created in May 2018, and revised in April 2023.

If we make any further changes or updates we will inform our contacts by email and place a notice in the Weekly Church Bulletin.


Specific Information and guidelines for people involved in the church.

Your responsibilities regarding Privacy and Data Handling

Church Directory 

The Church Directory currently lies on lots of computers, other devices and on printed lists.

Previously Church people have willingly given their information with the understanding that it would be widely shared.

From 25th May 2018 onwards, this consent to share contact details will be given in writing and will be dated.

The reasons for the Directory are-

  • Contact details – to allow people to get in touch with each other
  • Names – to encourage people to get to know each other and pray for one another
  • Names of children will only be included if the parents have given their consent.
  • All those aged 18 and over must give their own consent for their data to be held.

Your responsibility as a holder of the data of other people -

  • Keep that information private and secure (password on computer and other devices, printed list not left lying around) – you are responsible for the security of this data.
  • Do not pass information on to others
  • Delete old electronic copies / shred old paper copies
  • You must delete any contact details when you are requested to do so.
  • If you realise that the information has been lost or passed to someone in error (a data breach), in the first instance the person who has received the information by accident should be asked to delete it immediately.  You must inform the Data Controller (Church) of this breach of security. If this is not immediately contained it will trigger a security investigation and requires reporting to ICO.

Your right to have your information amended or erased -

Once you or someone else has formally requested amendment or erasure of their information the Data Controller (church) must inform all those on the directory of the changes.

They must request that the current list is deleted from your computer and a new version, if required, will be emailed to you. Each individual is responsible for complying with this request. Paper copy holders must amend their copies.

Once an entry has been deleted, others on the directory should no longer contact that person on church business.


All emails being sent out should be blind copied (bcc).

However for general church business some distribution lists are used for ‘reply all’ responses. Extra care should be taken not to forward these emails to anyone who is not in the group.

When forwarding an email, take care to remove data that may still show from previous emails in the chain.   Do not print emails unless they are needed.

Store papers which show email addresses (and/or other data) securely.

All emails to groups, on church business, must contain a statement saying that if the recipient no longer wishes to receive emails they can reply to the email just received and request to be removed from the list. At that point the person in question must be removed from the distribution list.

Computer security

Your computer or other device should be protected with a secure log in or password, which is changed regularly. You should not let other people know or use your password.

You should not leave your computer or device unattended but still active; always select ‘sleep’, ‘hibernate’ or shut it down completely.

You should have anti-virus software running on your computer or device.

Beware of using ‘auto-fil’; always check that the email you are sending is going to the person you intend.

Remember that contacts on your computer and other devices are the personal data of other people and you must keep the information secure.

Never ignore a data breach!

  • If data linked to church activities has been affected you must inform the Data Controller (church) who will follow correct procedure.
  • You must also make every attempt to contain the breach, where the data has been passed to someone in error, by requesting that they delete it immediately.

Personal Information

All personal data that is held should be kept securely and not shared with anyone, unless you are legally required to do so.

Data should not be stored for any longer than it is needed. It must be deleted from any computer, or other device, and paper copies should be shredded, when no longer needed.

Children’s activities have paper forms that require parental consent, personal data and some sensitive data. This data must be stored securely on a password-protected computer and/or in a file kept in a locked cupboard. This information must be kept up-to-date and each alteration needs to be dated. If there is a request to delete the information, this must be done promptly and completely.

The Church Treasurer holds personal data for legitimate reasons. This data is kept securely and only for as long as is necessary, or the law dictates.

You have the right to access information held about you by making a formal request to the Data Controller (church).

Data Controller                   Church

Data Subject                        Anyone who has data stored about them

Data Processors                Those who collect personal data and store it

Data Protection Officer    Appointed by church to oversee all matters related to Data Protection

ICO                                         Information Commissioner’s Office


Privacy Notice | Powered by Church Edit