DATA PRIVACY NOTICE
THE CHURCH COUNCIL OF ST. FRANCIS, SOUTH TENERIFE
1. Your Personal Data - what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone, or in conjunction with any other information in the data controller’s posesión, or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the GDPR)
2. Who are we?
The Church Council of St. Francis, South Tenerife is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.
3. How do we process your personal data?
The Church Council of St. Francis, South Tenerife comply with it’s obligations under the GDPR, by keeping personal data up to date; by storing and destroying it securely, by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorized access and disclosure, and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes:
4. What is the legal basis for processing your personal data?·
o the processing relates only to members, or former members, (or those who have regular contact with it in connection with those purposes); and
o there is no disclosure to a third party without consent.
5. Sharing your personal data.Your personal data will be treated
Your personal data will be treated as strictly confidential and will only be shared with other members of the church, in order to carry out a service to other church members, or for purposes connected with the church. We will only share your data with third parties, outside of the chaplaincy, with your consent.
6. How long do we keep your personal data?
We keep data in accordance with a guidance set out in the guide ‘Keep or Bin: Care Of Your Parish Records, which is available from the Church of England website.
Specifically, we retain Electoral Roll data while it is still current; gift aid declarations, and associated paperwork, for up to six years after the calendar year to which they
relate; and chaplaincy registers (baptisms, marriages, funerals) permanently.
7. Your rights and your personal data.
Unless subject to an exemption under the GDPR, you have the following rights, with respect to your personal data:-
[Only applies where the processing is based on consent, or is necessary for the performance of a contract with the data subject, and either case the data controller processes the data by automated means]
[Only applies where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority; direct marketing and processing for the purposes of scientific/historical research and statistics].
• The right to lodge a complaint with the Information Commissioners Office.
8. Further processing.
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use, prior to commencing the processing and setting out the relevant purposes and processing conditions. Where, and whenever, necessary, we will seek your prior
consent to the new processing.
9. Contact details.
To exercise all relevant rights, queries or complaints, please, in the first instance, contact the Church Council Secretary, Marisha Carter, on 922.857990.
You can connect the Information Commissioners Office for Spain on www.agpd.es/
1. ABOUT THIS PRIVACY AND COOKIES NOTICE
The website Web address for the business's website: https://www.anglicanchurchtenerife.com/ is operated by Business name: (“we”, “us”, “our”).
1.1 We are committed to protecting your privacy and complying with our data protection obligations under the Data Protection Act 2018 (the DPA 2018),
the General Data Protection Regulation 2016/679 (the GDPR) and any other applicable UK legislation (together, Data Protection Law).
1.2 When you interact with us or use the Site, we act as the data controller of your personal data. This means that we are responsible for processing your personal data and deciding how to use it. This privacy and cookies notice explains the types of personal data we may collect about you when you interact with us, why we collect it, what we use it for and what rights you have over that data. Personal data is any information about an identifiable person. Processing is anything we do with your personal data, including using, storing, sharing and deleting it.
1.3 This notice was last updated on the date shown at the top. We may change this notice at any time by posting an updated version on the Site and will make reasonable efforts to bring any material changes to your attention. You may wish to check it before using the Site as any changes will be effective from the date that they are made.
2. CONTACT INFORMATION
2.1 If you have any concerns or would like further information about our use of data or this notice in general, you can contact Marisha Carter at email@example.com with any queries regarding the business's use of data or the notice.
3. WHAT INFORMATION DO WE COLLECT?
3.1 We collect, store and use the types of personal data set out in the table at the end of this notice.
4. HOW WILL WE USE YOUR PERSONAL DATA?
4.1 We will use your personal data for the purposes set out in the table at the end of this notice.
Give details of any automated decision-making or profiling activities that personal data might be used in:.
5. HOW DO WE SHARE YOUR PERSONAL DATA?
5.1 When we share personal data, we do so in accordance with Data Protection law. We may share certain personal data, where necessary, with employees, contractors, consultants or advisers, to facilitate sales and for general commercial purposes
In addition, where necessary, your personal data may be shared with:
5.1.1 group, associated or affiliated companies including Ist The Companies Within The Company Group With Which Personal Data Is Shared, for internal administrative purposes.
5.1.2 parties who provide products or services to us, such as software development, user analytics, email services, payment processing, advertising, user notification and feedback functionality, marketing companies who help us manage our communications with you etc.
5.1.3 if the company or business is sold, transferred or integrated with another business, with our advisers, a prospective purchaser, a prospective purchaser’s advisers or the new owner of the company or business to facilitate the process.
5.1.4 Detail any other instances of data sharing, giving a brief explanation of why the business does it:.
5.2 We may also provide third parties with aggregated but anonymised information and analytics about our customers. Before we do so we will make sure that it does not identify you.
6.2 We use the following categories of cookies and similar technologies on this Site:
6.2.1 Strictly necessary cookies: These cookies are essential to enable you to move around the Site and use its features. Without these cookies, services you have asked for (such as remembering your login details or the items you placed in your basket) cannot be provided.
6.2.2 Analytics cookies: These cookies collect information about how you use the Site, for instance which pages you go to most often, what searches you perform and if you get error messages from web pages. Information these cookies collect can be used to improve how the Site works.
6.2.3 Customization cookies: These cookies allow the Site to remember choices you make (such as your user name) and provide enhanced, more personal features. These cookies cannot track your browsing activity on other Sites.
6.2.5 Social media cookies: These cookies allow you to share your activity on the Site on social media such as Facebook and Twitter. These cookies are not within our control. Please refer to the privacy policies of the social networks in question for information regarding how their cookies work.
6.2.6 Targeting or advertising cookies: These cookies record your visit to the Site, the pages you have visited and the links you have followed. We use this information to make our Site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
6.3 When you visit the Site for the first time (and periodically after that), we will request your consent to the setting of all cookies other than strictly necessary cookies.
6.4 You can delete existing cookies and disable some or all types of cookies in future if you wish. To disable some or all types of cookies, you will have to either change the settings on your browser or use the cookie manager tool on the Site. See https://www.allaboutcookies.org/manage-cookies/ for information on how to change your browser settings. If you change your mind, you can enable cookies again at any time. Disabling cookies on your browser may stop the Site from working properly.
6.5 To find out more about cookies please visit www.allaboutcookies.org.
7. THIRD PARTY LINKS
7.1 This Site contains links to other websites over which we have no control. We are not responsible for and do not review or endorse the privacy policies or practices of other Sites which you choose to access from this Site. We encourage you to review the privacy policies of those other Sites, so you can understand how they collect, use and share your personal information.
8. YOUR RIGHTS
8.1 We respect your rights to privacy and will respond to requests for access or control over information about you in accordance with Data Protection Law. We may require you to verify your identity before we take any action.
8.2 Depending on the reason we have your personal data, you have a right to:
8.2.1 access the personal information we hold about you (commonly known as subject access);
8.2.2 request that we correct or complete personal information we hold about you that is inaccurate or incomplete;
8.2.3 request that we erase your personal information in some circumstances, or object to our processing it as detailed at paragraph 8.5;
8.2.4 restrict how we use your personal information, in certain circumstances;
8.2.5 request that we provide you with copies of your personal information in a machine-readable format or transfer it across different services; and
8.2.6 where we have asked for your consent to process your data, to withdraw this consent.
8.3 These rights are limited in some situations under Data Protection Law – for example, where we can demonstrate that we are under a legal obligation to process your data.
8.4 If you wish to exercise any of these rights, please contact us using the details in paragraph 2 above.
8.5 Your right to object
You have a right to object to our processing of your personal data and ask us to stop doing so. If we are processing your personal data or direct marketing purposes (which includes profiling to the extent that it is related to such direct marketing) and you object to this, we will stop processing your personal data immediately.
If our processing of your personal data including any profiling activities is in the public interest or pursuant to our legitimate interests and you object to this, we will stop processing your personal data unless we have compelling reasons which override your interests, or our use of your personal data is for the establishment, exercise or defence of legal claims.
8.6 We hope that we can satisfy any queries you may have about the way we process your data. However, if you have unresolved concerns you also have the right to complain to data protection authorities (in the UK, the Information Commissioner’s Office). You can call the ICO on 0303 123 1113 or go to their website: https://ico.org.uk/make-a-complaint/).
9. DATA RETENTION
9.1 Your personal data will only be kept for as long as necessary for our purposes. Specific periods are set out in the table at the end of this notice.
10. DATA PROTECTION PRINCIPLES
10.1 We process your personal data in accordance with the following principles:
10.1.1 we process your personal data lawfully, fairly and in a transparent way;
10.1.2 we collect your personal data for specified, explicit and legitimate purposes; any further processing we do is compatible with the original purposes for which for which we collected it;
10.1.3 we only process personal data which is adequate, relevant and limited to what is necessary to achieve the purpose for which it is processed;
10.1.4 we take reasonable steps to ensure that all personal data is accurate and kept up to date where necessary;
10.1.5 we do not store personal data in a form which identifies you for any longer than is necessary for the purposes of processing; and
10.1.6 we process personal data securely and in a way that protects against unauthorised or unlawful processing, accidental loss, destruction or damage.
10.2 When we ask for your personal data we will tell you whether you are required by law or contract to provide it, and what will happen if you do not provide the data.
10.3 Any request for consent to the processing of your personal data will be made directly to you and will include information about why we require the personal data and what will be done with it.
11. WHAT IS OUR LAWFUL BASIS FOR PROCESSING?
11.1 We will only process personal data when we have a lawful basis for doing that processing. The table at the end of this notice sets out the lawful basis we rely on for each type of data we process.
11.2 We will choose one of the lawful bases in the GDPR to justify how we use your personal data. These are:
11.2.1 Consent: You have given consent to the processing of your personal data for one or more specific purposes.
11.2.2 Contract: The processing is necessary for the performance of a contract with you or in order to take steps at your request before entering into a contract.
11.2.3 Legal obligation: We need to process your personal data to comply with a legal obligation.
11.2.4 Vital interests: The processing is necessary to protect the vital interests of you or another person.
11.2.5 Public interest: Processing is necessary for the performance of a task carried out in the public interest or in the exercise of some official authority.
11.2.6 Legitimate interests: Processing is necessary for the purposes of legitimate interests pursued by us or someone else, except where such interests are overridden by your interests or fundamental rights and freedoms requiring the protection of your personal data.
TABLE OF PERSONAL INFORMATION WE USE
We also use third-party cookies that help us analyze and understand how you use this website, to store user preferences and provide them with content and advertisements that are relevant to you. These cookies will only be stored on your browser with your consent to do so. You also have the option to opt-out of these cookies.But opting out of some of these cookies may have an effect on your browsing experience.
Please also check our Cookie consent banner and save your preferences.
The table below sets out detailed information about our purposes for processing, the basis for processing and the retention period for the personal data.