The Parochial Church Council (PCC) of Christ Church, Ward End, Birmingham
(including St. Margaret’s)
This notice governs the handling of personal data by The Parochial Church Council (PCC) of Christ Church, Ward End, Birmingham,(including St. Margaret’s), both where the information has been supplied by the data subject and where it has been provided to us by a third party for the purposes of undertaking diocesan duties. We are committed to respecting the privacy of all individuals for whom we hold personal data.
01. Personal data
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
02. Data Controller
The PCC is the data controller. This means it decides how your personal data is processed and for what purposes.
03. The legal basis for processing your personal data
The legal bases on which the PCC will process personal information are:
- Legitimate Interest
- Compliance with a legal obligation
- To fulfil contractual obligations
- Vital interest
- Public task
04. When we will process your data
- Most of the processing of your personal data will be for the PCC’s legitimate interests (or the legitimate interest of a third party, such as another organisation within the Church of England)
- Some processing will be carried out because of a legal obligation to do so. This includes the legal processes of the Church of England and Canon Law and also secular statutory requirements
- We will process data if it is necessary to fulfil a contract with you
- We will process your data to respond to requests from you to receive particular information.
- We will process data to assist you in fulfilling your role in the Benefice, including pastoral and administrative support
- Religious organisations are also permitted to process information about your religious beliefs to administer membership or contact details
- We will process your data if you have given your explicit consent, for example so that we can keep you informed about news, events and activities.
05. How we process your personal data
The PCC complies with its obligations under the “GDPR” by:
- keeping personal data up to date
- storing and destroying it securely
- not collecting or retaining excessive amounts of data
- protecting personal data from loss, misuse, unauthorised access and disclosure
- ensuring that appropriate technical measures are in place to protect personal data.
06. How we use your personal data
We use your personal data for the following purposes:
- For the purposes of sending you/keeping you informed of the Benefice news/information which you have requested and that may be of interest to you including diocesan campaigns, activities, fundraising activities
- For the purposes of administering meetings and other such arrangements as fall within the Synodical governance framework of the Church and which ensure we are able to meet all legal and statutory obligations including the Church Representation Rules
- To seek your views or comments
- To manage PCC employees and volunteers (including HR records and payroll and pension requirements and records)
- To process a grant or application for a role
- To maintain PCC accounts and records (including the processing of gift aid applications)
- To maintain PCC required records of mandatory training with regard to safeguarding, and other safeguarding and personnel records as set out in law and the Church of England’s national requirements
- To manage safeguarding including DBS and safer recruitment, working with individuals within a safeguarding context within the church; and within statutory and legislative requirements
- To carry out comprehensive safeguarding procedures (including due diligence and complaints handling) in accordance with best safeguarding practice from time to time with the aim of ensuring that all children and adults-at-risk are provided with safe environments
- To fundraise and promote the interests of the charity
- To notify you of changes to our services and offices
The data we process is likely to constitute sensitive personal data because, as central diocesan offices the fact that we process your data at all may be suggestive of your religious beliefs. We may also, if you provide the information, process other categories of sensitive personal data such as racial or ethnic origin; and , where relevant, mental and physical health, details of injuries, medication/treatment received, and criminal records, fines and other similar judicial records.
07. Marketing permissions and seeking consent
Whilst there may be an expectation that people involved in the life of Church of England Birmingham would expect to receive information from us, for example about activities and events; the BDBF is required through data regulations to ensure that we ask for your permission to do so in certain marketing-related circumstances; and to ensure that we make you aware of your rights in doing so.
- Email and text : We will ask for your permission to contact you in this way -
- Postal marketing: From time to time we may send you information about the diocese and its work unless you have told us you would prefer not to receive this information by post
- Bulletins and newsletters: We will normally require you personally to opt into electronically sent information such as newsletters (always with the option to opt out if you change your mind). This ensures that you are able to manage the information you wish to receive
08. Sharing your personal data
Personal data will be treated confidentially and will only be shared for lawful purposes. See Annex A for examples of those with whom we will share data where it is appropriate to do so.
09. Retention of personal data
The PCC keeps data in accordance with the requirements set out in law, statutory guidance and the national church. The national church guidance on retention periods can be found
10. Your rights and your personal data
Unless subject to a GDPR exemption, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data which the PCC holds about you
- The right to request that the PCC corrects any personal data if it is found to be inaccurate or out of date
- The right to request your personal data is erased where it is no longer necessary for the BDBF to retain such data
- The right to withdraw your consent to the processing at any time
- The right to request that the PCC provide the data subject with his/her personal data and, where possible, to transmit that data directly to another data controller, (known as the right to data portability) The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
- The right to object to the processing of personal data, (where applicable)
- The right to lodge a complaint with the Information Commissioners Office.
11. Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, we will provide a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. If necessary, we will seek your prior consent to the new processing.
12. Data Processors
A number of organisations may process data for PCC. These include:
- PC Support (for IT help and support to PCC employees)
- CCPAS (for DBS processes)
- Church Commissioners (for Clergy stipend and payroll)
- electronic networking for newsletters and bulletins; where individuals directly manage their own consent and what information they wish to receive from the PCC..
13. Contact Details and Reporting Concerns
To exercise all relevant rights, queries of complaints please in the first instance contact the Parish Administrator via email firstname.lastname@example.org or ring 0121 783 6999.
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
Reviewed May 2021