The DPA & GDPR May 2018
We and this website complies with the DPA (Data Protection Act 1998) and already complies with the GDPR (General Data Protection Regulation) which comes into effect from May 2018. We will update this policy accordingly after the completion of the UK’s exit from the European Union.
What are cookies? Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system is available upon their first visit.
Website Visitor Tracking
This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Adverts and Sponsored Links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Downloads & Media Files
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti-virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti-virus software or similar applications.
Contact & Communication With us
Users contacting this us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.
Email Mailing List & Marketing Messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all Mailchimp lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
External Website Links & Third Parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner/image links to other websites.
Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should, therefore, note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social Media Policy & Usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify the authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
DATA PRIVACY NOTICE The Vine Church (Registered office: Dunfermline, Fife)
Who are we?
The Vine Church is a Christian Church based in Dunfermline, Fife. Your personal data is important to us and we take great care in how we look after it and how we use it. In the language of the GDPR, The Vine Church is the “Data Controller” (contact details below).
Your personal data – what is it?
Personal data relates to a living individual (the “Data Subject”) who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into their possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).
How do we process your personal data?
The Vine Church complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes: –
- To keep you informed about news, events, activities and church life at The Vine Church;
- To administer our records of people connected with our church;
- To run and coordinate our Life groups, ministry teams and church events;
- To run our Children and Youth ministries including compliance with safeguarding laws;
- to enable the church to provide community services for the benefit of the public in our local area;
- To fundraise and promote the interests of The Vine Church;
- To maintain our own financial accounts and records (including the processing of gift aid applications);
- To comply with our legal and statutory obligations;
- To administer contractual agreements.
What is the legal basis we use for processing your personal data?
- We believe that as part of church community, we have a legitimate interest in keeping you informed about news, events, activities and church life.
- We consider some other processing is necessary to meet the legitimate interests of The Vine Church to function as a church community according to our vision and values, for example: organising teams, Life groups, administering financial records;
- Processing is necessary for carrying out our legal obligations, for example: in relation to Gift Aid, safeguarding, social protection law;
- Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract, for example: room hire, maintenance agreements;
- Processing is carried out by us as a not-for-profit body with a religious aim and on condition that the processing relates solely to individuals who have, or have had regular contact with The Vine Church in connection with its purposes and that the personal data are not disclosed to third parties without the consent of data subjects.
Sharing your personal data
Your personal data will be treated as strictly confidential and will only be shared with other church people in line with the permissions you have given us. We will only share your data with third parties if required by our legal or statutory obligations.
How long do we keep your personal data ?
We will keep your personal data for up to 12 months after our last contact with you, but will erase it sooner if you requested it. We will also keep information, for the stipulated retention period, that we are required to keep by law, for example Gift Aid Declarations, safeguarding information.
We will keep Storehouse data for up to 3 years after last referral expiry date, but will erase this sooner if requested.
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data which The Vine Church holds about you;
- The right to request that The Vine Church corrects any personal data if it is found to be inaccurate or out of date;
- The right to have your personal data erased, unless it is required for legal and statutory reasons;
- The right to withdraw your consent to the processing of your data at any time;
- The right to request that The Vine Church provides you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability);
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data, (where applicable)
- The right to lodge a complaint with the Information Commissioner’s Office.
If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
To exercise all relevant rights, queries or complaints please in the first instance contact the Administrator on 01383 631001 or via email at firstname.lastname@example.org or at The Vine Church, 131 Garvock Hill, Dunfermline, Fife, KY11 4JU.
You can contact the Information Commissioner’s Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.