Privacy Policy

1. Purpose of this Privacy Notice
   
   The Church recognises the importance of your privacy and this Notice sets out the way in which we will use, disclose and protect your personal information.
    

2. Your personal data – what is it?
   
   Personal data is any information relating to a living individual who can be identified from that data.  Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
    

3. Who are we?
   
   Helen's Bay Presbyterian Church is the data controller (contact details at the end of this notice).  This means that we decide how your personal data is processed and for what purposes.  HBPC may change this policy from time to time and any such changes will be published on our website.  Notwithstanding any change to this policy, we will continue to process your personal data in accordance with your rights and our obligations in law.
    

4. How do we process your personal data?
   
   We collect data necessary for the Church to pursue its stated charitable objective of the advancement of religion.
   
   In furtherance of this we will use your personal data for one or more of the following purposes depending on the way in which you are connected to, engage with, or avail of services provided by the Church:
    

   • To run the central administration of the Church including its Councils, Committees, Panels, Task Groups etc.;

   • To liaise with and support Presbyterian Church in Ireland congregations and Presbyteries; including maintaining records of ministers, clerks of session, treasurers and other officials and the publication of the annual Directory;

   • To maintain contact details for officials in groups that are part of the Presbyterian Church in Ireland, other denominations and partner churches ;

   • To provide social care services;

   • To provide pastoral care;

   • To provide loan and grant funding for congregational projects;

   • To provide and administer housing for retired ministers and their widows and widowers;

   • To provide information about news, events, prayer request and activities within the Church including the distribution of publications, mailings and newsletters, etc.;

   • To provide safeguarding services to the Church and its congregation;

   • For the purpose of conference/events management;

   • To enable people to participate in campaigns/allowing the administration of campaigns;

   • For the administration and support for users of IT resources;

   • For the fulfilment of contractual, regulatory compliance and legal obligations

   • To respond to general enquiries;

   
   Data collected and processed may include, but not be limited to:
    

   • name and title;

   • contact information including email address;

   • demographic information such as postcode

   • Sensitive data* may be collected where necessary for safeguarding purposes, or upon application to become a minister or to hold an office in the Presbyterian Church, or for employment purposes, or where required by law.

   
   * Article 9 GDPR defines sensitive data as information about an individual’s race, ethnic origin, politics, religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life, or sexual orientation.
    

5. What is the legal basis for processing your personal data?
   
   Organisations are permitted to process data if they have a legal basis for doing so. Helen's Bay Presbyterian Church processes data on the basis that:
    

   • Processing is necessary for the purposes of the legitimate interests pursued by the Church or a third party except where such interests are overridden by the interests, rights or freedoms of the data subject; and/or

   • Express and informed consent has been given by the person whose data is being processed; and/or

   • It is necessary in relation to a contract or agreement which the person has entered into or because the person has asked for something to be done so they can enter into a contract or agreement; and/or

   • There is a legal obligation on the Church to process data; and/or

   • Processing is necessary to protect the vital interests of a data subject or another person.

   
   Where we process special category sensitive data (under Article 9 of the GDPR) we process data on the basis that:
    

   • Explicit consent has been given by the person whose data is being processed; and/or

   • It is necessary for Helen's Bay Presbyterian Church  to carrying out its obligations under employment, social security or social protection law, or a collective agreement; and/or

   • Processing is necessary to protect the vital interests of a data subject or another individual where the data subject is physically or legally incapable of giving consent; and/or

   • Helen's Bay Presbyterian Church is a not-for-profit membership organisation with a religious aim and the processing relates only to members or former members or those who have regular contact with it in connection with its purposes, and no disclosure is made to a third party without consent of the person whose data is being processed; and/or

   • Processing is necessary for archiving purposes in the public interest, or scientific and historical research purposes or statistical purposes.
      

6. Data Integrity and Security
   
   We comply with our obligations under data protection regulations by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
    

7. Sharing your personal data
   
   Your data will not be shared outside of Helen's Bay Presbyterian Church, except where required to do so by law, or with trusted third parties (mailing, cloud storage, printing etc.), and only once satisfied that any such use of data will accord with this policy. Explicit, informed consent will be sought from individuals whenever and wherever required in accordance with data protection legislation.

8. How long do we keep your personal data?
   
   We will only retain your personal data for as long as it is legitimately required to fulfil the purpose or purposes for which it is required.  This will include compliance with statutory retention periods.
   
   We will regularly review the data we hold and securely delete or destroy any personal data that is no longer necessary for processing.
    

9. Your rights and your personal data
   
   Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -
   ​

   • The right to request a copy of your personal data which PCI hold about you;

   • The right to request that we correct any personal data if it is found to be inaccurate or out of date; 

   • The right to request your personal data is erased where it is no longer necessary to retain such data;

   • The right to withdraw your consent to the processing at any time

   • The right to request that we provide you with your personal data and, where possible, to transmit that data directly to another data controller

   • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;

   • The right to object to the processing of personal data.

   • The right to lodge a complaint with the Information Commissioner’s Office.
      

10. Further processing
    
    If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
     

11. Contact Details
    
    To exercise all relevant rights, queries or complaints please in the first instance contact the Data Protection Lead at:

    Helen's Bay Presbyterian Church
    10 Church Road
    Helen's Bay
    BT19 1TP
    office@helensbaypc.co.uk
    +44 (0)28 9185 3780

​

About cookies


Cookies are small packets of information stored by a web browser on your computer. There are two main types of cookies: session cookies and persistent cookies. 

Session cookies are removed from your computer when you close your browser and are mainly used, for example, to store information about the items in your shopping basket.

Persistent cookies remain stored on your computer until they are deleted or when they reach their expiry date. This type of cookie is often used to anonymously track your activity on a website so the website owner can analyse the data to see if there are ways they can improve their website.

There are many reasons why a website may use cookies, however, the important thing to know about them is they are harmless. Like every other website on the Internet, we use cookies to help us understand how our website is performing. We certainly do not store any personal information, like your name or address.

Refusing cookies

Most browsers allow you to refuse to accept cookies, however, blocking cookies will have a negative impact upon the usability of some websites.

Managing cookies for each browser differs, so we have provided links to more detailed information for some the more popular browsers:

• Chrome

• Firefox

• Internet Explorer

• Safari

• Opera for MacIntosh