Eagle's Nest Church and its affiliated companies takes the protection of any personal information shared with us seriously. Accordingly, we collect store and process all personal information in line with this policy.
This policy is applicable to Eagle's Nest Church, along with its employees, volunteers, Leaders and Trustees and any other associated personnel. For simplicity, we refer to the afforementioned as “Eagle's Nest Church”, “we”, “us” or “our” within this document.
Please note that by submitting data to us and/or using our website you give your consent that personal data may be processed by us in the manner described in this policy.
Our use of Personal Data
Eagle's Nest Church uses personal data about living individuals for the purpose of general church administration and communication. We recognise the importance of the correct and lawful treatment of personal data. All personal data, whether it is held on paper, on computer or other media, will be subject to the appropriate legal safeguards as specified in the General Data Protection Regulation (GDPR) which is applicable to all European organisations as of 25th May 2018.
We fully endorse and adhere to the eight principles of GDPR, which specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transportation and storage of personal data. Employees and any others who obtain, handle, process, transport and store personal data for Eagle's Nest Church must adhere to these principles.
The principles are as follows:
Principle 1: Personal Data shall be processed lawfully, fairly and in a transparent manner in relation to individuals.
Principle 2: Personal Data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Principle 3: Personal Data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
Principle 4: Personal Data shall be accurate and, where necessary, kept up to date.
Principle 5: Personal Data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purpose(s) for which the data are processed
Principle 6: Personal Data shall be processed in a manner that ensures appropriate security of the personal data, using appropriate technical and organizational measures
We will treat all your personal information as private and confidential and not disclose any data outside of Eagle's Nest Church – internally it may be shared as where absolutely necessary to facilitate the administration and day-to-day operations of Eagle's Nest Church.
There are four exceptional circumstances to the above permitted by law:
1.Where we are legally compelled to do so.
2.Where there is a duty to the public to disclose.
3.Where disclosure is required to protect your interest.
4.Where disclosure is made at your request or with your consent.
Use of Personal Information
We will use your data for three main purposes:
1.The day-to-day administration of the church; e.g. pastoral care and oversight, preparation of ministry rotas, maintaining financial records of giving for audit and tax purposes.
2.Contacting you to keep you informed of church activities and events.
3.Statistical analysis; gaining a better understanding of church demographics.
Our Database of Personal Information
Information contained in our database will not be used for any other purposes than set out in this policy. The database is accessed online and therefore available through any computer or smart device with internet access.
Access to the database is only available to a limited number of people within Eagle's Nest Church, who need it for church operations. Access is strictly controlled through individual usernames and complex passwords, which are selected by the individual. These credentials are not shared.
Those authorised to use the database only have access to their specific area of use within the database. This is controlled by the system administrators, who are the only people who can access and set these security parameters.
The database will not be accessed by any authorised users outside of the EU, in accordance with GDPR, unless prior consent has been obtained from the individual whose data is to be viewed.
All access and activity on the database is logged and can be viewed by the system administrations.
Personal information will not be passed onto any third parties outside of Eagle's Nest Church.
Rights to Access Information
All individuals who are the subject of personal data held by Eagle's Nest Church are entitled to:
Ask what information the church holds about them and why.
Ask how to gain access to it.
Be informed how to keep it up to date.
Be informed what Eagle's Nest Church is doing to comply with its obligations under the GDPR
Personal data subjects for data held by Eagle's Nest Church have the right to access any personal data that is being held in manual filing systems. This right is subject to certain exemptions: Personal Information may be withheld if the information relates to another individual.
Any person who wishes to exercise this right should make the request in writing to the Eagle's Nest Church Trustees, using the standard letter which is available on line from www.ico.gov.uk. Eagle's Nest Church reserves the right to charge the maximum fee payable for each subject request. If personal details are inaccurate, they can be amended upon request.
Eagle's Nest Church aims to comply with requests for access to personal information as quickly as possible, but will ensure that it is provided within 40 days of receipt of a completed form unless there is good reason for delay. In such cases, the reason for delay will be explained in writing to the individual making the request.