GDPR

The General Data Protection Regulation (GDPR) came into effect in the UK in May 2018. It replaced the existing law on data protection (the Data Protection Act 1998) and gives individuals more rights and protections with regard to how their personal data is used by organisations.
Congregations must comply with its requirements, as there are no relevant exemptions for charities or small organisations.

Houston & Killellan Kirk is bound by three key policies in relation to GDPR (Privacy Policy, Data Protection Policy and Data Retention Policy).

Copies of all three policies are displayed on our Church notice boards and are also available on request from our Data Protection Officer, Helen Dunn, at hkkdpo@gmail.com

Photographs & Video

It is likely that photographs/video will be taken at our services or events, some of which may appear on our website, Facebook page, the Kirk Record, or local newspapers to publicise our activities.

If you do not wish to be included in any photograph/video, or do not wish any photograph/video in which you might appear to be published, please email Helen Dunn hkkdpo@gmail.com within 24 hours of the service or event to register your request or have sight of the photographs/video before publication.

Privacy Policy

This Privacy Notice outlines the way in which the Congregation will use personal information provided to us. Personal information includes any information that identifies you personally, such as your name, address, email address or telephone number.

The Congregation recognises the importance of your privacy and personal information and we have therefore outlined below how we use, disclose and protect this information. The Congregation, jointly with the Presbytery of Greenock and Paisley is the data controller, because we decide how your data are processed and for what purpose. Contact details for us are provided below.

How we use information

We use the information you give to us:

  • to administer membership records, including a Communion and Supplementary Roll;
  • for pastoral care purposes;
  • in relation to participation in Congregational activities ;
  • to provide you with information about news, events, and activities within the Congregation or the wider Church of Scotland;
  • to provide the services of a parish church to the local community;
  • to fulfill contractual or other legal obligations;
  • to manage our employees;
  • to further our charitable aims, for example through fundraising activities;
  • to maintain our accounts and records (including the processing of Gift Aid applications);

Disclosure of information

The Congregation will only share your personal information where this is necessary for the purposes set out above. Information will not be shared with any third party out with the Church of Scotland without your consent unless we are obliged or permitted to do so by law.

Basis for processing personal information

The Congregation processes your information in the course of its legitimate activities, with appropriate safeguards in place, as a not-for-profit body with a religious aim and on the basis that our processing relates solely to members, former members or people who have regular contact with us, and that this information is not disclosed to any third party without your consent.

We also process information where this is necessary for compliance with our legal obligations; where processing is necessary for the purposes of our legitimate interests and such interests are not overridden by your interests or fundamental rights and freedoms; and where you have given consent to the processing of your information for a particular purpose.

Storage and security of personal information

The Congregation will strive to ensure that personal information is accurate and held in a secure and confidential environment. We will keep your personal information for as long as you are a member or adherent or have regular contact with us or so long as we are obliged to keep it by law or may need it in order to respond to any questions or complaints or to show that we treated you fairly. We may also keep it for statistical purposes but if so we will only use it for that purpose. When the information is no longer needed it will be securely destroyed or permanently rendered anonymous.

Getting a copy of your personal information

You can request details of the personal information which the Congregation holds about you by contacting us using the contact details given below.

If you believe that any information the Congregation holds about you is incorrect or incomplete or if you do not wish your personal information to be held or used by us please let us know. Any information found to be incorrect will be corrected as quickly as possible.

Information you have given us about other people

If you have provided us with anyone else’s details please make sure that you have told them that you have given us this information. We will only use it as outlined above.

Inaccuracies and Objections

You have the right to object to our use of your personal information, or to ask us to remove or stop using your personal information if there is no need for us to keep it. There may be legal or other reasons why we need to keep or use your data, but please tell us if you think that we should not be using it.

If we are processing your data on the basis of your explicit consent, you can withdraw your consent at any time. Please contact us if you want to do so.

Use of cookies

A cookie is a small text file on your internet browser and hard drive that uniquely identifies your browser. We only use cookies on our website for technical reasons and not to collect users’ personal information. You have the right to choose whether or not to accept cookies and to set your own cookie preferences on your computer. However by opting not to accept cookies certain features of the website cannot be provided to you and you may not be able to enjoy the website to its fullest.

Security

We are committed to protecting the security of your data. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use or disclosure. For example, we store the personal information you provide in computer servers with limited access that are located in controlled facilities. Our website is hosted using industry-approved, secure operating systems. As well as physical security, firewalls and intrusion detection systems are in place to provide a quick response if an attack takes place.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We may amend this policy from time to time. We will state clearly on our website any substantial changes to the way in which we use your personal information.

Contact us

You can contact us by getting in touch with Helen Dunn at hkkdpo@gmail.com

How to complain

You have the right to complain to the Information Commissioner’s Office about anything relating to the processing of your personal information by the Congregation. You can contact the ICO via its website at www.ico.org.uk or at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.