Newtownbreda Gospel Hall – Data Protection Policy

This policy describes how personal data must be collected, handled and stored to comply with the law and meet the requirements of the Data Protection Act 1998 and the EU’s General Data Protection Regulation (GDPR) which became law on 25th May 2018.  GDPR strengthens the need for organisations to be transparent in their data processing.
Why this policy exists:
  • This data protection policy ensures Newtownbreda Gospel Hall:
  • Complies with GDPR and the data protection law and follows good practice
  • Protects the rights of users, volunteers, supporters and partners
  • Is open about how it stores and processes individuals’ data
  • Protects itself from the risks of a data breach
Data Protection Law:
The GDPR 2018, and Data Protection Act 1998 describes how organisations, including Newtownbreda Gospel Hall must collect, handle and store personal information.  These rules apply regardless of whether data is stored electronically, on paper or on other materials.  To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.
The GDPR and DPA are underpinned by eight important principles.
These principles have been applied to Newtownbreda Gospel Hall as follows:
  1. Data will be processed fairly and lawfully – ensuring data is not stored about a child unless the consent of a parent or guardian has been obtained.
  2. Data will only be obtained for specific, lawful purposes – we will inform people what we are doing with their data and who it will be shared with.
  3. Data collected will be adequate, relevant and not excessive.
  4. Information will be accurate and kept up to date.
  5. Data will not be held for any longer than necessary; we have ensured that established periods are in place for deleting personal information once it is no longer required.
  6. Data will be processed in accordance with the rights of data subjects; we will ensure leaders are adequately trained and that data protection training is received to ensure they know how to store and handle personal information.
  7. Data will be protected in appropriate ways – using strong passwords and encryption on electronic devices.
  8. Personal Information will not be transferred outside the UK.

What Personal Data We Collect and When:

 

Bible Explorers and Sunday School
The following information may be collected about pupils who attend activities in Newtownbreda Gospel Hall:
  • Name
  • Date of birth – required for class organisation
  • Contact details
  • Address – required for transport of children to/from the event
  • Emergency contact number, email address – used for emergency contact only, for example if a child takes ill while in our care or for unexpected event cancelation.
  • Medical Information, eg asthma, diabetes, epilepsy – to comply with our child protection policy and health and safety requirements, parents may notify us of any medical condition that they deem important for first aiders or leaders to be aware of.
The above personal data is collected directly via consent forms which the parents of the pupils must complete and sign for each activity at the start of each year (September for Sunday School, October for Bible Explorers).
All paperwork (bus list, consent forms) is kept in a secure locked cupboard.  Data held electronically is stored on a secure password protected PC with access restricted to a designated person.  All paperwork containing pupil’s names and addresses is shredded within 6 months after the period for which it is valid.  No data is subject to automatic electronic processing.
Supporters of the church and people supported by the church
The following information is collected and stored for people to whom Newtownbreda Gospel Hall provides support or who support activities coordinated by Newtownbreda Gospel Hall.
  • Name
  • Address
  • Contact details (email address/telephone number)
The above data is collected directly with explicit consent from the data subject.  Data held electronically is stored on a secure password protected OC with access restricted to a designated person.
Protecting Personal Data:
  • It is important that we are informed of any change in personal circumstances which may affect the way we communicate with pupils – for example, change of postal address or email.
  • All pupil’s records are processed and held on a secure password protected PC with access restricted to a designated person.
  • Data is only stored on the designated PCs and is not uploaded to any internet based storage service.
  • Paper and printouts containing personal data are kept in a secure cabinet.
  • Records of individual pupils are not in any way passed to any other party.
  • If for any reason parents require their child’s name and address to be removed from our records, contact Newtownbreda Gospel Hall via mail or email.
Contact Information / Rights of Users:
  • The right to ask what personal data that we hold at any time.
  • The right to ask us to update and correct any out-of-date or incorrect personal data that we hold free of charge;
  • The right to opt out of any communications that we may send
  • The right to lodge a complaint with the Information Commissioner’s Office.  Further information, including contact details, is available at https://ico.org.uk.
If a person has any questions about how Newtownbreda Gospel Hall uses personal data that are not answered here, or wish to exercise their rights under GDPR regarding personal data, they are free to contact us by any of the following means:
  • Email: bj.wilkinson@btinternet.com, themurdocks82@gmail.com
  • Write: Newtownbreda Gospel Hall, 96a Newtownbreda Road, Belfast, BT8 7BP
Updates: – This policy was last updated in September 2020.