Our Privacy Policy

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”)

Your privacy is important

This policy (together with our terms of website use and any other documents referred to therein) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the Data Protection Act 2018 (the Act), and “GDPR”, the data controller is The PCC of the Parish Holy Sepulchre with St Andrew and St Lawrence, Northampton (or “The Church Of The Holy Sepulchre, Northampton”) This means it decides how your personal data is processed and for what purposes. The data controller is Sarah Newton and can be reached at sarah@holysepulchre.co.uk. 

Information we may collect from you

The The Church Of The Holy Sepulchre Northampton complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We use your personal data for the following purposes: –

To enable us to provide a voluntary service for the benefit of the public in a particular geographical area as specified in our constitution;

To administer membership records;

To fundraise and promote the interests of the PCC;

To manage our employees and volunteers;

To maintain our own accounts and records (including the processing of Gift Aid applications);

To inform you of news, events, activities and services running at The Church Of The Holy Sepulchre;

To share your contact details with the Diocesan Office so they can keep you informed about news in the Diocese and events, activities and services that will be occurring in the Diocese and in which you may be interested.

We may collect and process the following data about you: –

Information that you provide by filling in forms on our website. This includes information provided whilst requesting further information about us or requesting that we contact you about your enquiries;

If you contact us, we may keep a record of that correspondence;

Details of transactions you carry out through our site and of the fulfilment of your orders and / or purchases;

Personal identification information (name, email address, phone number, address).

You will directly provide us with most of the data we collect. We collect data and process data when you:

Register online or place an online order or make an online purchase;

Voluntarily complete a survey or provide feedback via our website or email;

Use or view our website via your web browser software.

We collect your data so that we can: –

Process your orders and / or purchases, and to manage your online account;

Email you with information we think you might like;

To ensure that content from our site is presented in the most effective manner for you and for your computer;

To provide you with information that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;

To carry out our obligations arising from any contracts entered into between you and us;

To allow you to participate in interactive features of our web service, when you choose to do so;

To notify you about changes to our web service.

What is the legal basis for processing your personal data?

Explicit consent of the data subject (yourself) so that we can keep you informed about news, events, activities and services and keep you informed about Diocesan events;

Processing is necessary for carrying out legal obligations in relation to Gift Aid or under employment, social security or social protection law, or a collective agreement;

There is no disclosure to a third party without your consent.

Sharing your personal data

Your personal data will be treated as strictly confidential and will only be shared with other members of the church in order to carry out a service to other church members or for purposes connected with the church. We will only share your data with third parties outside of the Parish with your consent.

We may receive data about you from third party companies or organisations you give us permission to deal with directly. If you agree, we may also share your data with our partner companies or organisations so that they may offer you their products and services.

When we process your order, we may send your data to, and also use the resulting information from, credit reference agencies to prevent fraudulent purchases.

Where we store your personal data

The data that we collect from you is primarily stored within the UK. It also may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

How long do we keep your personal data? 1

We keep data in accordance with the guidance set out in the guide “Keep or Bin: Care of Your Parish Records” which is available from the Church of England website [see footnote for link]

Specifically, we retain electoral roll data while it is still current; Gift Aid declarations and associated paperwork for up to 6 years after the calendar year to which they relate; and Parish registers (baptisms, marriages, funerals) permanently.

Transferring data over the Internet

The transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data using 256-bit SSL (Secure Socket Layer), we cannot guarantee the security of your data transmitted to our site. Any data transmitted is sent from your Internet connection at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

IP addresses

We may collect information about your computer, including where available, your IP address, operating system and browser type, for system administration. This is anonymous statistical data about our users’ browsing actions and patterns, and does not contain any personal information that enables us to identify any individual.

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.

Disclosure of your information

We may disclose your personal information to third parties:

In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;

If Church Of The Holy Sepulchre or substantially all of its assets are acquired by a third party, in which case personal data held by it about our parishioners, visitors or customers will be one of the transferred assets;

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or terms of service and other agreements; or to protect the rights, property, or safety of the Church Of The Holy Sepulchre, our parishioners, visitors or customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Your rights and your personal data

You have the right at any time to ask us not to process your personal data for marketing purposes. If you no longer wish to be contacted for marketing purposes, please send your request via email. You can also exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.

Our site may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following rights with respect to your personal data unless subject to an exemption under the GDPR: –

The right to access – You have the right to request copies of the personal data we hold;

The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete;

The right to erasure – You have the right to request that we erase your personal data, under certain conditions;

The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions;

The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions;

The right to data portability – You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you have any questions about our Privacy Policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Should you wish to report a complaint or if you feel that Holy Sepulchre Church has not addressed your concern in a satisfactory manner, you may contact the ICO (Information Commissioner’s Office)

Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

Contact Details

To exercise all relevant rights, queries of complaints please in the first instance contact the PCC Secretary at Holy Sepulchre Church on hello@holysepulchre.co.uk. You can contact the Information Commissioner’s Office on 0303 123 1113 or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

Changes to our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.


1 Details about retention periods can currently be found in the Record Management Guides located on the Church of England website at: – www.churchofengland.org/more/libraries-and-archives/records-management-guides

Historic Round Church Welcoming worshippers and Visitors since 1100 ad