New Data Protection Regulations

In common with most organisations, Christ Church has held data about church members for many years. In days gone by, these records – mostly names, addresses and telephone numbers – were kept in books or written lists. More recently, it has become common practice to store this data on computers. Those who administer the various church organisations (choir, bellringers, PCC, Weavers etc.) hold contact information; the vicar of any church will hold other confidential information relating to baptisms, weddings and funerals, for instance. In the UK, the holding of such data has been covered by the Data Protection Act since the 1980s.

However, the law on Data Protection changes in the UK from May 2018. Christ Church’s policy is to conform to the new legislation – the General Data Protection Regulations (GDPR). What this means is that we can hold and process data about individuals either where necessary and provided for by church law (for instance our Electoral Roll), or having obtained explicit consent from the data subject. In other words, the GDPR requires us to be more open than before about the data we store. If storing such data is not covered by specific legislation (which covers the Electoral Roll, and church registers of baptisms, confirmations, funerals, burials) then we need to obtain specific consent from you in order to store your data. So, to take an example, many of you help the church by volunteering on one of the rotas (reader, flower arranger, welcomer, coffee server and several others). In order to produce and publish rotas for these activities, we need to store your contact information and details of which rotas you are on. We can do this legally from May ONLY if you have given your consent, either in writing (forms available in church) or more conveniently for us, if you sign up online via our website (you need to have your own email address to be able to use the online option). The new GDPR also specifies greater security – we have to keep your data secure against theft or visibility to others, and at the same time we have to be transparent to you about what data we hold.

So during the next few weeks, we are asking church members to give us this consent, please. If you inspect the form, there are boxes to tick to allow us to hold data for specific purposes. It would help if you tick as many boxes as possible – you can always opt out later if you wish. The GDPR insists that you can always access and control what data we hold about you.

More detail is given in our Data Privacy Notice, which you can find, together with a consent form, here, and there are also copies available in church.