GDPR
GDPR and your Church
Long Buckby United Reformed Church
The general data protection regulation (GDPR) is a law that came into
effect in 2018. It’s the biggest overhaul of data protection legislation for
over 25 years, and introduced new requirements for how organisations
process personal data.
Your Elders are looking at this now, here are some of the points to consider.
Arrange a Data Audit
Audit what personal data you hold, where it came from and who you share
it with.
Review how you ask for consent
Under GDPR, simply saying “click here to read our privacy policy” is no
longer enough. You need to explain clearly why you are collecting personal
data and how you intend to use it.
Ultimately, GDPR is very clear that an individual’s choice to say “no” is
paramount.
Provide User Access to Personal Data
People can make subject access requests at any time to check the data
you hold and what you do with it.
Manage Data
Charities should put a process in place, such as to include “Find out what
information we hold on you” and “Remove all information about me”
sections in your privacy policy to give people clear information.