DATA AND PRIVACY POLICY

Who we are

Epsom Vineyard Church is a Christian Church affiliated to Vineyard Churches UK & Ireland and a Charitable Incorporated Organisation registered in England. Charity Registration No. 1178547 .

Registered Address: 23 Lansdowne Road, West Ewell, KT19 9QJ

Contact details: 01372 897 765 hello@epsomvineyard.org

Here at Epsom Vineyard Church we take your data and privacy seriously and are committed to protecting your personal information.

Data Protection Act 2018

The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR).

The data legislation is designed to protect personal data about living individuals. This means that any person or organisation who handles personal data must comply with the requirements of the legislation.

This policy sets out the basis on how we collect, store and process and personal information and what that means for you.

Information is collected from you so that we can keep in contact with you and let you know of news and events happening in the church that we think may be of interest to you. You may be asked to provide information such as your name or email address in order to sign up to an event or to receive information from us on church-related activities. It is entirely your choice whether to give us information about yourself or not.

There are governing principles that must be followed in relation to the processing of data about individuals including that data be:

• processed lawfully
• collected for a specific purpose
• relevant and necessary
• correct and up to date
• kept no longer than needed
• processed in accordance with individual's rights
• kept securely
• not be shared outside of the United Kingdom ("UK") without verifying adequate level of protection

What information do we collect?

Information that you give us: We collect personal information from forms that you have filled in on our websites or on paper, through ChurchSuite, or at events we run, corresponding with us by phone, email or letter.

The information you give us may include personal data such as your name, date of birth, postal address, e- mail address, phone number, financial and credit card information, personal description and/or photographs.

If you consider yourself a member of Epsom Vineyard Church, you may have signed up for a ChurchSuite account and you will have therefore given us some of your personal information, such as name, address, date of birth, contact details and areas of the church and its events that you are interested in hearing more about.

Information we collect about you: We collect personal information when you interact with our website. We will automatically collect personal data such as IP address, details of pages visited and files downloaded. Website usage information is collected using cookies. The cookies section below provides greater detail.

Information we receive from other sources: We may also receive information about you from other Vineyard churches, other websites that we control, third parties who work closely with us including, for example, business partners, payment and delivery services and search information providers.

Sensitive data: Data Protection laws recognise that certain categories of personal information are more sensitive. This is known as sensitive personal data or special category data.
We may hold certain categories of sensitive information that you have told us about, such as your health and this will be used to ensure we provide the best care and support we can.

If you are an Epsom Vineyard Church employee, a sessional worker or a volunteer, we may also hold certain categories of sensitive information such as personal financial details, age, gender, marital status, date of birth, full employment and educational history, references, medical and criminal records.

Why do we hold personal data?

We collect personal data for the following:

General administration of the church, e.g. pastoral care, preparation of rotas, recording attendance, maintaining financial records of giving for audit and tax purposes;

Contacting you to keep you informed of church-related activities and events;

Statistical analysis; to monitor trends in attendance at services, small groups and courses to help us be more responsive to the needs of the church.

How will we use your information?

We may use information in the following ways:

To let you know of news and events, via email and text of what's going on at Epsom Vineyard Church, the wider Vineyard movement and other affiliated organisations, if you have consented for us to do so.

To provide you with information and resources you have requested about our activities To process event bookings that you have signed up to.

To contact you about and to process any donation(s) we may receive from you, to claim Gift Aid on these donations and to update you on how your donations are being used.

To maintain accurate and up to date records of our employees, volunteers and church members.
To run checks on employees and volunteers in accordance with our safeguarding and employment policies.

To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

To improve our website to ensure that content is presented in the most effective manner for you and for your device.

As part of our efforts to keep our site safe and secure.

Any special category or sensitive data you may provide to us are only shared on an absolute need to know basis.

Where do we store your personal data?

We are committed to holding your personal information securely. Only Epsom Vineyard Church staff and authorised volunteers that need to see the data can access it;

We may store your information on computers (on hard drives, or use cloud-based storage), in paper form, or both. All computers that store any personal data are password protected.

Any paper files that hold personal information (other than names and contact details) are kept on secure premises in locked cupboards and filing cabinets.

The data that we collect from you may be transferred to, and stored at, a destination outside the UK. By submitting your personal data, you agree to this transfer, storing or processing. We will take all reasonable steps to ensure that your data is treated securely and in accordance with this policy and in compliance with the General Data Protection Regulations (2018).

Information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our site or app (ChurchSuite), you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

The transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

What is our legal basis for processing your data?

Our legal basis for processing personal data is different depending upon the purpose it was collected for. The following list covers the main types of data that we hold.

Data collected to keep you informed about a specific area you expressed an interest in, is held to fulfil your legitimate interest and ours.

Data collected to keep you posted about Epsom Vineyard Church news and events is held via consent (unless otherwise stated).

Data collected through our booking systems for the events and courses that we run is held for our legitimate interests or because of a contractual obligation to do so.

Data collected about your children or young people when they are attending Epsom Vineyard Kids or Youth is held on parental consent and vital interests.

Employee, volunteer and church member data records are processed to comply with legal
and contractual obligations and to fulfil our legitimate interests as a church community. Some of your records may be held with your consent. Where we choose to hold such records on consent we will ask for you to agree to this when your data is collected. We will also inform you how you can withdraw your consent if you wish to do so.

How long do we hold your data?

The length of time that we will retain your data will vary depending upon the purpose for which it is processed.

Information will only be kept as long as is necessary for the purposes for which you provided it or we obtained it and will be minimised to ensure we only keep what is necessary.

Your rights

Under DPA legislation you have a number of rights about how your data is processed. Full details of your personal rights can be found on the Information Commissioner’s Office website.
Your rights include the right to:

  • be informed about our usage of personal data

  • request access to the data we hold about you

  • have inaccurate and incomplete data updated or amended

  • have the personal data we hold on you deleted (except where we are required to hold the data by law)

  • restrict the processing of your personal data in certain circumstances

  • obtain a portable copy of certain personal information where this is processed automatically

  • object to processing of your information in certain circumstances

We don’t carry out automated processing or profiling.

Data that is held on consent will only be processed as long as we have your consent.

To withdraw your consent or to exercise any of these rights you can contact us by emailing hello@epsomvineyard.org

Other websites

Our site may contain links to and from other websites, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own data and privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Specifically, you can access the data privacy policy and cookies policy for ChurchSuite here:

churchsuite.com/privacy-policy

churchsuite.com/cookies

Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the website owners.

You can accept or decline cookies by modifying the settings in your browser. Please note that if you disable all cookies then you may not be able to access some parts of our websites.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, please visit www.allaboutcookies.org

Our websites use cookies for the following reasons:

  • To allow you to carry information across pages of our websites and avoid having to re-enter information when you return to one of our sites;

  • To measure our website traffic and analyse how our websites work. This will allow us to make changes to our websites in the future and make them easier to use;

Acceptance of our cookies policy

If you do not change your browser settings and you continue to use our websites, we will conclude that you have consented to us using cookies as detailed in the policy. If you select any option we offer for us to store your cookie preferences for our websites, we will use a cookie on your device to remember this for future visits.

Changes to Our Privacy Policy

Any changes we make to our data and privacy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our data and privacy policy.

This policy was last updated November 2024

For more information regarding data protection legislation please go to ico.org.uk