Privacy & GDPR Policy
Last Updated: [01 September 2023]
At Elim Fountain of Hope, we are committed to protecting the privacy and personal data of our congregation members, staff, volunteers, contractors, and all individuals who engage with our church activities. This policy outlines how we collect, process, and handle personal data in compliance with the General Data Protection Regulation (GDPR) and relevant UK data protection laws.
This policy applies to all personal data collected, processed, and stored by Elim Fountain of Hope in the course of our church activities, including but not limited to congregational records, events, communications, live streaming, and online platforms.
Data Protection Principles
Lawfulness, Fairness, and Transparency: We will collect and process personal data lawfully, fairly, and transparently, ensuring individuals are informed about how their data will be used.
Purpose Limitation: Personal data will be collected only for specific and legitimate purposes and will not be processed in ways incompatible with those purposes.
Data Minimization: We will collect and process only the minimum amount of personal data required for the intended purpose.
Accuracy: We will strive to keep personal data accurate and up-to-date and will rectify inaccurate information without delay.
Storage Limitation: Personal data will be retained only for as long as necessary for the specified purpose.
Integrity and Confidentiality: We will implement appropriate security measures to protect personal data from unauthorized access, loss, or disclosure.
Data Collection and Use
Elim Fountain of Hope collects and securely store personal information when you and/or your family register or attend church events and conferences in-person or online.
Live Streaming: If we live stream events or services, recordings may be made available on our website and social media platforms. These recordings will be kept for as long as they are needed, depending on the content, after which they will be securely deleted.
Website Data: When individuals visit our website, we may collect information such as IP addresses, and user interactions. This data is used for website analytics and improving our online services.
CCTV Data Collection: We may collect and use data from Closed-Circuit Television (CCTV) systems within our church premises for the purposes of security and safety. This data may include video footage and images. Any data collected from CCTV will be handled with the same level of confidentiality and in accordance with applicable laws and regulations.
Data collected will be used for specific purposes, such as providing pastoral care, including calls and visits, coordinating team rotas, keeping financial records for audit and tax purposes support, maintaining membership records, communicating church-related information, organizing events, and managing our website. Please note that any aggregated church data may be shared with third parties for statistical purposes.
Confidentiality
At Elim Fountain of Hope, we treat all your personal information with the utmost respect for your privacy. Your personal data will be regarded as strictly confidential, and access will be limited to church leadership and ministry overseers/coordinators for the sole purpose of facilitating church administration and day-to-day ministry.
However, there are specific circumstances where disclosure may be necessary:
Legal Compulsion: We may be legally compelled to disclose your information.
Public Duty: In cases where there is a duty to the public, we may disclose information.
Protection of Interests: We may disclose information when it is necessary to protect your interests.
Consent or Request: Disclosure may occur if it aligns with your request or is done with your explicit consent.
Rest assured that your personal information will not be shared with any third parties outside the church environment and associated organizations without your explicit consent. The only exception is that, by providing us with your details, you grant the Church permission to transfer your data to service providers, including mailing houses for fulfilling the intended purpose of data collection.
Lawful Basis for Processing
Under the UK GDPR, the lawful basis we rely on for processing information is legitimate interests. It is in our legitimate interests to keep records of meetings, decisions, live streaming, and website interactions for church-related purposes.
Data Subjects Rights
Individuals have the following rights regarding their personal data:
Right of access to their personal data
Right to be informed
Right to rectification, erasure, or restriction
Right to data portability
Right to object
Right not to be subject to a decision based solely on automated processing.
Data Security
Appropriate technical and organizational measures will be in place to safeguard personal data from unauthorized access, loss, or disclosure.
Data breaches will be promptly assessed and reported to the relevant authorities and affected individuals if necessary.
Data Transfer
All data is processed and stored in the United Kingdom.
Complaints and Contact
Any concerns or complaints about the handling of personal data should be directed to the
Rev. Wilfred Achumba;
Snr. Pastor
This policy will be reviewed periodically to ensure its compliance with GDPR and evolving data protection regulations.