Keeping your information safe

You have right to know what happens to your data so we have put together some information to make it clear on what happens to any data that is collected on this website or collected from church members.

Who we are

Details on who Croydon Seventh-day Adventist Church are can be found on our About Us page.


What personal data we collect and why we collect it

Comments and Contact forms

When visitors leave comments on the site we collect the data shown in the comments form, the visitor’s IP address, and browser user agent string to help with spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see how you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy. After approval of your comment, your profile picture, if applicable, is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

For details on cookies click on our cookie section.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We are using google analytics to understand how our visitors use our site so we can provide appropriate content.  Google’s privacy policy can be found on their site https://policies.google.com/privacy?hl=en

Who we share your data with

We do not share your details with any organisations.

How long we retain your data

If you leave a comment on a post or a blog, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue. We may also keep this information to help solve bugs.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

If you have filled in any forms on our site with the exception of the pray request,  the data is removed from our site once the input has been processed.

What rights you have over your data

If you have an account on this site, or have left comments, or filled out an online form you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

You can make a request for your contact information to be removed at anytime. Just contact the web administration team at any time.

Additional information

How we protect your data

We use reputable security software that will ensure that data on our site is protected.

Dear Members,

The GDPR is a recently published EU Regulation, with some similarities to the existing Data Protection Act (DPA), but with particular emphasis on the processing of personal data by organisations such as our Church.

We would like to increase awareness that the GDPR is already in force alongside the DPA, and compliance with the GDPR by the 25th May 2018 is mandatory.

What is personal data?

Personal data can be defined as any information relating to a natural person, the data subject, who can be directly or indirectly identified by the use of that data; for example, by their name, ID number, or online identifier such as an email address.

As a registered Charity Croydon SDA church is required by law to comply with the new GDPR that became effective May 2018.

Croydon Seventh-day Adventist Church is committed to protecting personal data and respecting the rights of the people whose personal data we collect and use. We value the personal information entrusted to us and we respect that trust, by complying with all relevant laws, and adopting good practice.

Some of the reasons we process personal data are to:

a) Maintain our list of church members and regular attenders/visitors

b) Provide pastoral support for members and others connected with our church

c) Provide services to the community

d) Safeguard children, young people and adults at risk

e) Recruit, support and manage officers and volunteers

f) Undertake research

g) Maintain the security of property and premises

j) Respond effectively to enquirers and handle any complaints

k) To make a payment or refund due to members

l) To keep records of tithes and offering collected

We are committed to protecting personal data from being misused, getting into the wrong hands as a result of poor security or being shared carelessly, or being inaccurate, as we are aware that people can be upset or harmed if any of these things happen.

We will use appropriate measures to keep personal data secure at all points of the processing. Keeping data secure includes protecting it from unauthorised or unlawful processing, or from accidental loss, destruction or damage.

As an officer, member of Pastoral team trustee or volunteer processing personal information on behalf of the church, we are required to comply with this policy.

Anyone who breaches the Data Protection Policy may be subject to disciplinary action, and where that individual has breached the policy intentionally, recklessly, or for personal benefit they may also be liable to prosecution or to regulatory action.

How long will we hold your information for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data. In addition to this we consider the potential risk of harm from unauthoriseduse or disclosure of your personal data, the purposes for which we process yourpersonal data and whether we can achieve those purposes through other means, and theapplicable legal requirements.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. All personal data will be kept in line with our Data Retention and Disposal Policy.

What is your duty? Do you have to inform us of changes?

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

What are your rights in connection with personal information?

Under certain circumstances, by law you have the right to:

  1. Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  2. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  3. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  4. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation, which makes you want to object to processing on this ground.

You also have the right to object where we are processing your personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which overrides your rights and freedoms.

  1. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about in the following circumstances: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer required it as you need it to establish, or exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  2. Request the transfer of your personal information to another party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note this right only applies to automate information, which you initially provided consent for us to use or where we used the information to perform a contract with you.
  3. Withdraw consent at any time where we are relying on consent to process your personal data. However this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw consent.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, withdraw consent to processing or request that we transfer a copy of your personal information to another party, please contact the Church Clerk in writing.

Further information and explanation regarding the GDPR can be found on the BUC website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.