DATA PROTECTION AND PRIVACY POLICY

Victory Church uses personal data about individuals for the purpose of general church administration, pastoral care, and communication.

Victory Church recognises the importance of the correct and lawful treatment of personal data. All personal data, whether held on paper, on computer, or other media, will be subject to the appropriate legal safeguards as specified in the General Data Protection Regulation (GDPR) and subsequent legislation.

Victory Church fully endorses and adheres to the principles of the GDPR. These principles specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transporting, and storing personal data. Employees and any other individuals who handle, process, transport, and store personal data for Victory Church must adhere to these principles.

Lawfulness, Fairness, and Transparency
Personal data shall be processed lawfully, fairly, and in a transparent manner in relation to the data subject.

Purpose Limitation
Personal data shall be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

Data Minimisation
Personal data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

Accuracy
Personal data shall be accurate and, where necessary, kept up to date.

Storage Limitation
Personal data shall be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

INTEGRITY AND CONFIDENTIALITY

Personal data shall be processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.

ACCOUNTABILITY

The controller shall be responsible for, and be able to demonstrate, compliance with the GDPR.

HOW WE COLLECT YOUR PERSONAL DATA

We collect personal information each time you are in contact with us. For example, when you:

Visit our website;

Sign up to serve within the church;

Make a donation when completing an offering envelope;

Register for one of our church events;

Provide your details online, in writing, or orally to church staff or volunteers.

MAINTAINING CONFIDENTIALITY

Victory Church will treat all of your personal information as private and confidential. Your personal information will only be disclosed to those within the church responsible for facilitating the day-to-day administration and ministry of the church and who have a need to access your information.

All Victory Church staff and volunteers who have access to personal information will be required to agree and sign a Confidentiality Policy and Data Protection Policy.

There are four exceptional circumstances where we may be permitted by law to disclose personal data:

Where we are legally compelled to do so;

Where there is a duty to the public to disclose;

Where disclosure is required to protect your interest;

Where disclosure is made at your request or with your consent.

USE OF PERSONAL DATA

Victory Church will use your data for four main purposes:

The day-to-day administration of the church, including pastoral care and oversight (such as calls and visits), preparation of ministry rotas, and maintaining financial records of giving for audit and tax purposes.

Contacting you to keep you informed of church activities and events.

Statistical analysis, including attendance and gaining a better understanding of church demographics (NB: Collated data may be disclosed to third parties, e.g. general home group attendance, but personal information will always be removed).

Employment