Data Protection Policy – Ballinamallard & Trillick Circuit The Methodist Church in Ireland Data Protection Policy – Ballinamallard & Trillick Circuit PRIVACY NOTICE Data Protection Principles The Ballinamallard & Trillick Circuit of the Methodist Church in Ireland complies with the General Data Protection Regulation (GDPR) as implemented in May 2018. We aim to ensure that, when processing information belonging to individuals, we will use that data lawfully, fairly and transparently; for limited purposes, and we will request only the data that is relevant and necessary. We will endeavour to ensure such data is accurate; not kept forever and kept secure and confidential. Training in data protection is recommended for all our staff and volunteers who store and/or use people’s information. We will post this Privacy Notice in our buildings, official publications and on our website. We will review this policy every three years. Your Rights You have data protection rights that you can exercise over the information you give us. These rights include: to be informed how your data is being used; to have access to the information we hold about you; to have inaccuracies corrected; to have your information erased; to object to or restrict the ways we process your information; to not be subject to decisions made by automated processing including profiling, and data portability (to receive your digital information in a useful format). There may be some legal restrictions on these rights, which we will explain as appropriate. If you feel your rights haven’t been upheld please contact us in the first instance, or you can communicate with the Methodist Church in Ireland (Secretary of Conference) at 1 Fountainville Avenue, Belfast BT9 6AN; Phone: (028) 9032 4554; E-mail: secretary@irishmethodist.org. Our Contact Details If you need to get in touch with us please contact:
Phone: 028 6638 8200 E-mail: john.beacom@irishmethodist.org Your Data We may record and process some or all of the following personal information about you:
We use this data so that we might:
Legal Bases for Processing Our legal bases for processing your data are usually ‘legitimate interests’ (for activities related to the everyday functioning of the church) [GDPR Article 6.1(f)] and ‘consent’ (for everything else) [Article 6.1(a)]. In a small number of instances, we rely on ‘contract’ (for example, if we are your employer) and ‘legal obligation’ (for example, in relation to safeguarding issues). When using ‘legitimate interests’ as the legal basis for using the information you have given us, we will ensure it is for a genuine purpose, necessary for the smooth running of the church family, and not invasive to your privacy. For all other purposes we will ask for your positive consent before processing your details. We are able to process ‘special categories of personal data’ (such as your health or religious beliefs) in the course of our legitimate activities because we are a not-for-profit body with a religious aim relating to you as a member, former member, or person with whom we have regular contact [Article 9.2(d)]. Sharing Your Data Only people appointed to specific roles within the circuit (for example, ministers and lay staff, pastoral visitors, society/circuit stewards, preachers, membership secretaries) can access your details, and what they can see is limited to what they need in order to carry out their role. If you are appointed to a specific role within the life of the church and/or circuit we may publish your details (e.g., in announcement sheets, annual reports or our web presence) or share them directly so members and other relevant individuals/organisations can contact you. This will cease when you step down from the role. We post photographs and/or videos taken at church events on our website (www.ballinamallardmethodist.org) and other online platforms (facebook, WhatsApp, Instagram) If you donate money to us using the UK Gift Aid Scheme, we will send details of those gifts to HMRC. We will not share your information with any other third parties without your permission unless we have a legal obligation to do so. However, we may need to share your details within the Methodist Church in Ireland, as follows:
Security and Retention
Subject Access Request You have the right to ensure our use of your data is lawful, and that the data we hold is accurate. If you would like to access the data, we process about you, please write to us at: Rev John Beacom, Methodist Manse, Main Street, Ballinamallard, Co Fermamagh. Or email: john.beacom@irishmethodist.org In order to locate the information you are requesting and to ensure proof of your identity, please send us:
In response, and within one month at the latest, we will send to you:
We will not charge for this service unless you make multiple requests within a short space of time. Further Information You can learn about Data Protection principles, your rights, and more – including making a complaint about our handling of your data – from the Information Commissioner’s Office (ICO) in Northern Ireland [visit www.ico.org.uk, call 0303 123 1113 or write to the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF] and the Data Protection Commissioner (DPC) in the Republic of Ireland [visit www.dataprotection.ie, call (0761) 104 800 or write to The Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois R32 AP23]. Guidance for Methodist churches is available at www.irishmethodist.org/data-protection-resources [short link: http://bit.ly/DPresources].
|