Trinity West Church is committed to safeguarding the privacy of your information. This privacy notice details how and why we collect, process, and protect your personal data, as well as your rights with regards to your data.
Data Protection and the GDPR
Our legal obligations in relation to your personal data are governed by the EU General Data Protection Regulation (GDPR) (2016/679) and the Data Protection Act, which came into effect on 25 May 2018.
In particular, we will comply with our legal obligations to keep personal data up to date, to not collect or retain excessive amounts of personal data, and to securely store and protect personal data from loss, misuse, unauthorised access and disclosure.
The data we collect
The categories of personal data we collect include:
- Personal identifiers such as names, addresses, contact information, and photos for our membership directory
Characteristics such as gender, date of birth, marital status, family members, medical conditions, and dietary requirements
- Financial information such as bank account details and donations to be able to process Gift Aid declarations or expense reimbursements
- Other information such as DBS certifications, church membership status, anniversaries, and service team and community group membership
How we collect your data
- We receive your data through a number of channels, including:
- Membership interviews
- Gift Aid declarations
- Consent forms
- DBS application forms
- Donations to the church
- Event sign-ups
- Contact forms submitted through the website
- Applications for internships and employment
How we process your data
When we process your data, we do so in accordance with one or more of the lawful bases set out in Article 6 of the GDPR:
- Consent: the individual has given clear consent for you to process their personal data for a specific purpose
- Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract
- Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations)
- Vital interests: the processing is necessary to protect someone’s life
- Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law
- Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party
We use your personal data primarily to communicate information and events relevant to the life of the church, to provide pastoral care, to meet our legal and statutory obligations, and to carry out comprehensive safeguarding procedures.
Your personal data is treated as strictly confidential. We will only share your information with third parties where it is necessary for the performance of our services or where prior consent is given. Your information may be transferred to third party service providers who store and process information on our behalf, including but not limited to: ChurchSuite, Dropbox, Google, MailChimp, Microsoft, Thirtyone:eight, and UDFØRE. Before engaging third party organisations to process personal data, we will ensure that they have the necessary technical and organisational measures in place to keep your data safe.
- Under data protection legislation, you have the right to:
- Request access the information we hold about you
- Amend and update the information we hold about you
- Request that your information be erased in certain circumstances
- Object to the processing of your personal data in certain circumstances
- Submit a complaint to the Information Commissioner’s Office:
Helpline number: 0303 123 1113
If you have questions regarding this privacy notice or would like to receive a copy of our Data Protection Policy, please contact our Data Protection Compliance Manager: