Sevenoaks Church Data Privacy Policy

Sevenoaks Church Data Privacy Policy
Last updated: November 2025

1. Introduction
Sevenoaks Church is a Christian church based in Otford, Kent. Our vision is to build a welcoming community
where people can encounter Jesus and grow together in faith. We care deeply about our members, visitors,
and wider community — and that includes protecting your privacy.
This policy explains how we collect, use, and store your personal data, and what this means for you.
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are
Sevenoaks Church is the data controller. This means we decide how and why your personal data is used.
Contact details:
Sevenoaks Church
49 Pilgrim Way West, Otford, Sevenoaks, Kent TN14 5JQ
📧 hello@sevenoakschurch.co.uk   📞 07470 735455
Sevenoaks Church is a charitable organisation that provides Christian worship, pastoral care, community events, and related activities.

3. What Information We Collect
We comply with UK data-protection law by keeping data up to date, storing and destroying it securely,
and collecting only what we need.

3.1 Directly from You
We collect information when you:
- Fill in a form, register for an event, or contact us by email or phone
- Make a donation or sign a Gift Aid declaration
- Join a group, volunteer, or use our Sunday children’s check-in system
- Request information or pastoral support

3.2 From Third Parties
We may receive information from third-party platforms such as ChurchSuite, Stripe, or other donation services
when you interact with us through them. You should also check their privacy policies for details of how they process your data.

3.3 Publicly Available Information
We may use publicly available information (for example, from social-media platforms) if you interact with our official pages.

3.4 Sensitive Data
We may collect sensitive information such as:
- Religious beliefs
- Health information (e.g., allergies for children’s work)
- Pastoral or prayer needs
This information is handled with particular care and only with your consent.

4. What We Do With Your Information
We use your personal data to:
- Provide pastoral care and prayer support
- Manage membership and attendance records
- Process donations and claim Gift Aid
- Communicate news, events, and services
- Manage volunteers, rotas, and safeguarding records
- Maintain our accounts and records
We do not sell your data or share it for marketing.

4.1 Basis for Processing
We rely on the following lawful bases:
- Consent – when you sign up for updates or share personal information
- Legal obligation – to meet HMRC and safeguarding requirements
- Legitimate interest – to manage the church community
- Vital interests – to protect someone’s life or safety

4.2 Employment and Volunteering
If you apply for a role or volunteer with us, we may process personal and sensitive data (such as references, DBS checks, and qualifications)
to support recruitment and safeguarding.

5. How and Where We Store Your Information
5.1 Retention
We only keep personal information for as long as necessary for the activity or as required by law (e.g. six years for Gift Aid and financial records).

5.2 Security
We use secure, password-protected, and encrypted systems. Access is limited to authorised staff and volunteers, all of whom receive data-protection training.

5.3 Payment Security
If you make donations online or by card, transactions are handled securely through trusted providers that meet Payment Card Industry Data Security Standards (PCI-DSS).
We do not store card details.

5.4 Cloud Storage
We use ChurchSuite (UK-based and GDPR-compliant) and other reputable cloud-based systems to store and process data.
Data may occasionally be processed outside the UK using approved international safeguards.

6. When We Share Your Personal Information
Your data is treated as confidential. We only share information when necessary:
- With staff or volunteers to carry out church activities
- With HMRC (for Gift Aid)
- With safeguarding or legal authorities if required by law
- With trusted service providers (e.g. Mailchimp, ChurchSuite) under written data-processing agreements
We remain responsible for your data and ensure that all partners handle it securely.

7. Cookies
7.1 What Are Cookies?
Cookies are small text files placed on your device that help websites work properly and collect analytics information.

7.2 How We Use Cookies
Our website uses cookies (including Google Analytics) to improve usability and understand how visitors use our site.

7.3 Managing Cookies
You can manage or disable cookies through your browser settings. Some features of our website may not work correctly if cookies are disabled.

8. Children
When families use our children’s or youth activities, we collect personal data (such as names, contact details, and medical information)
with the consent of a parent or guardian. This information is securely stored and only used for safeguarding and communication.

9. Your Choices and Keeping Details Up to Date
9.1 Preferences
You can update how we contact you or withdraw consent at any time by emailing hello@sevenoakschurch.co.uk.

9.2 Updating Your Details
Please let us know if your contact information changes so we can keep our records accurate.

9.3 Stopping Processing
You have the right to request that we stop processing your data, delete it, or restrict how we use it.

10. Access to Your Information
You have the right to access the personal information we hold about you. To make a request, contact us at hello@sevenoakschurch.co.uk.
For more details about your rights, visit the Information Commissioner’s Office (ICO) at www.ico.org.uk.

11. Changes to This Policy
This policy was last reviewed in November 2025. We may update it occasionally to reflect changes in legislation or church processes.
The most recent version will always be available on our website.

12. Further Processing
If we need to use your data for a new purpose not covered by this notice, we will notify you and explain the new purpose before any processing begins.

13. Governing Law
This Privacy Policy is governed by the laws of England and Wales. Any disputes will fall under the non-exclusive jurisdiction of the English courts.

Contact:
📧 hello@sevenoakschurch.co.uk   📞 07470 735455
📍 Sevenoaks Church, 49 Pilgrim Way West, Otford, Sevenoaks, Kent TN14 5JQ