GDPR Privacy Notice








From the nominees of the  Rector


The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”). As the officers STOW, CONDICOTE AND THE SWELLS the PCC’s of those parishes have delegated to us their powers and functions as data controllers. This means we have responsibility for how your personal data is processed and for what purposes. We comply with the obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.



We may use your personal data for some or all of the following purposes: -


  • To enable the PCCs to meet all legal and statutory obligations (which include maintaining and publishing their electoral rolls in accordance with the Church Representation Rules);
  • To carry out comprehensive safeguarding procedures (including due diligence and complaints handling) in accordance with best safeguarding practice from time to time with the aim of ensuring that all children and adults-at-risk are provided with safe environments;
  • To minister to you and provide you with pastoral and spiritual care (such as visiting you when you are gravely ill or bereaved) and to organise and perform ecclesiastical services for you, such as baptisms, confirmations, weddings and funerals.
  • To provide a church body voluntary service for the benefit of the public in a particular geographical area.
  • To administer membership records;
  • To fundraise and promote the interests of the charity;
  • To manage employees and volunteers;
  • To maintain accounts and records (including the processing of gift aid applications);
  • To inform you of news, events, activities and services happening in the Benefice
  • To process any donation that you have made (including Gift Aid information);
  • To seek your views or comments;
  • To notify you of changes to our services, events and role holders;
  • To send you communications which you have requested and that may be of interest to you.These may include information about campaigns, appeals and other fundraising activities;
  • To process a grant or application for a role;
  • Using CCTV systems for the prevention and prosecution of crime.



We may collect personal data in some or all of the following ways:-


  • Names, titles, and aliases, photographs;
  • Contact details such as telephone numbers, addresses, and email addresses;
  • Where you make donations or pay for activities such as use of a church hall/other premises financial identifiers such as bank account numbers, payment card numbers, payment/transaction identifiers, policy numbers, and claim numbers.


The data we process is likely to constitute sensitive personal data because, as a church, the fact that we process your data at all may be suggestive of your religious beliefs. 



The legal basis on which we act


  • Most of the data for which we are controller is processed because it is necessary for the legitimate interests of the church or the legitimate interests of a third party (such as another organisation in the Church of England). An example of this would be safeguarding work in order to protect children and adults at risk. We will always take into account your interests, rights and freedoms.
  • Some processing is necessary for compliance with a legal obligation.For example, we are required by the Church Representation Rules to administer and publish the electoral roll, and under Canon Law to announce forthcoming weddings by means of the publication of banns.
  • We will seek explicit consent to keep you informed about news, events, activities and services and keep you informed about local church and other diocesan events.
  • We may also process data if it is necessary for the performance of a contract with you, or to take steps to enter into a contract. An example of this would be processing your data in connection with the hire of church facilities.
  • Processing is necessary for carrying out legal obligations in relation to Gift Aid or under employment, social security or social protection law, HMRC and other statutory requirements.
  • Religious organisations are also permitted to process information about your religious beliefs to administer membership or contact details.
  • Where your information is used other than in accordance with one of these legal bases, we will first obtain your consent to that use.
  • If we wish to use your personal data for a new purpose, not covered by this Data Protection Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.



Sharing your personal data

Your personal data will be treated as strictly confidential.  It will not be shared with third parties except where it is necessary for the performance of our tasks and only where you first give me your prior consent.

It will only be shared otherwise in respect of a legal/statutory obligation.  It is possible that we will seek permission to share your data, but only where necessary, with some or all of the following:


  • The appropriate bodies of the Church of England including the other data controllers.
  • Other clergy or lay persons nominated or licensed by the bishops of the diocese to support the mission of the Church in our parish.For example, clergy are supported by our area dean and archdeacon, who may provide confidential mentoring and pastoral support.Assistant or temporary ministers, including curates, deacons, licensed lay ministers, commissioned lay ministers or persons with Bishop’s Permissions may participate in the church’s mission in support of our regular clergy;
  • Other persons or organisations operating within the diocese as appropriate.
  • On occasion, with other diocesan clergy where we are carrying out joint events or activities
  • External statutory bodies (police, social care etc) where this is legally required.



Keeping your personal data


We keep data in accordance with the guidance set out in the guide “Keep or Bin: Care of Your Parish Records” which is available from the Church of England website.1


Specifically, we retain electoral roll data; gift aid declarations and associated paperwork for six years after the calendar year to which they relate; and parish registers (baptisms, marriages, funerals) permanently.


Your rights and your personal data 


Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -

  • The right to request a copy of your personal data which we hold about you;
  • The right to request that we correct any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary for me to retain such data;
  • The right to withdraw your consent to the processing at any time
  • The right to request that we (the data controller) provide you, (the data subject) with your personal data and where possible, transmit that data directly to another data controller, (known as the right to data portability), (where applicable). [Only applies where the processing is based on consent or is necessary for the performance of a contract with the data subject and in either case the data controller processes the data by automated means].
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;





  • The right to object to the processing of personal data, (where applicable)
    • This right only applies where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics).
  • The right to lodge a complaint with the Information Commissioners Office.



Permissions and seeking consent


While there may be an expectation that people involved in the life of the diocese would expect to receive information from the PCC through email, post, etc; we are required through data regulations to ensure that we ask for your permission to do so in certain circumstances; and to ensure that it makes you aware of your rights in doing so.


Email and text

  • We will ask for your permission to contact you in this way.


Postal marketing;

  • From time to time we may send you information about the diocese and its work unless you have told us you would prefer not to receive this information by post.


Bulletins and newsletters

  • In the main we will require individuals to personally opt in and out of electronically sent information such as church newsletters.This ensures that individuals are able to manage the information they wish to receive.



Changes to this Privacy Notice

We will review this Privacy Notice regularly and may update it from time to time  - for example in the event of legal changes, to improve how we manage data, where an issue or concern has come to light that needs appropriate response.  If there are any significant changes in the way we process your personal information we will provide a prominent notice on our website or send you a notification.



Contact Details

To exercise all relevant rights, queries of complaints please in the first instance contact one of the following officers on:

Churchwarden Robert Barnett   01451 870349

Churchwarden Desmond Watson   01451 831489

PCC Secretary Susan Lipthorpe  01608 654150


You can contact the Information Commissioners Office on 0303 123 1113 or via email or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.



Page last updated: Saturday 6th November 2021 8:32 AM
Powered by Church Edit