If you continue to browse and use this website, you are agreeing to comply with and be bound by the following terms and conditions of use, which, govern the Church’s relationship with you. If you disagree with any part of this policy please do not provide personal information and do not use our website.
This policy explains how the Church and the website comply with the DPA (Data Protection Act), the General Data Protection Regulation (GDPR) which came into effect on 28 May 2018, and the Privacy and Electronic Communications Regulations. We may update this policy when the UK exits the European Union.
By providing your personal details you agree to allow the Church to contact you by post, email, telephone or telephonic and electronic text messages (and other messaging tools including Facebook, WhatsApp etc) in connection with its charitable purposes. either on the basis of the consents you have given us or for our legitimate interests in accordance with current data protection regulations.
We collect personal information each time you are in contact with us. For example, when you:
The Church does not hold any debit or credit card details for donations/payments made via our websites. All card payments are handled by service providers who encrypt card information sent from this website.
The information you provide to us will be held on our Church database, ChurchSuite. The ChurchSuite data centre is in Manchester (UK Fast) and also AWS, in London.
This information may be accessed by or given to our team at the Church, and our service providers who act for us for the purposes set out in this policy or for other purposes approved by you. Those parties may process information, fulfil and deliver orders, process credit card payments and provide support services on our behalf.
We do not sell or pass any of your personal information to any other organisations and/or individuals without your express consent, with the following exceptions:
Sensitive Personal Information: The Church may collect and store sensitive personal information such as health information (for pastoral support). Your personal information will be kept strictly confidential. It is never sold, given away, or otherwise shared with anyone, unless required, by law.
Please tell us as soon as any of your contact details change so that we can keep our records up to date. You can change the way we contact you, or the kind of material we send you, at any time by contacting us by mail or email using the contact details above. You can unsubscribe from our regular emails or texts at any time by using the ‘unsubscribe’ or ‘change preferences’ links on the email or texts you have received.
If you register with MyChurchSuite you can personally log-on and update your contact details.
You can request access to the personal information that the Church holds about you by contacting the Church’s Privacy Officer as set out below. We will provide you with access to your personal information within one month, unless we are legally authorised to refuse your request or if your request is deemed manifestly unfounded or excessive. In the rare event that we do refuse a request, we will inform you why and let know that you have the right to complain to our Privacy Officer and the statutory supervisory bodies.
If you wish to change personal information that is out of date or inaccurate at any time please contact us. The Church will take reasonable steps to correct any of your information which is inaccurate, incomplete or out of date. If you wish to have your personal information deleted please let us know and we will delete that information wherever practicable.
We may refuse your request to access, amend or delete your personal information in certain circumstances. If we do refuse your request, we will provide you with a reason for our decision and, in the case of an amendment, we will note with your personal information that you have disputed its accuracy.
The Church will take reasonable steps to keep secure any personal information, which we hold and to keep this information accurate and up to date. Personal information, held electronically, is stored in a secure server or secure files.
The Internet is not a secure method of transmitting information. Accordingly, the Church cannot accept responsibility for the security of information you send to or receive from us over the Internet or for any unauthorised access or use of that information. We take security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. Your information will be held for a reasonable period or as long as the law requires or permits.
In the event that a Data Breach has been discovered the Church Privacy Officer will be notified immediately. A Data Breach, confirmed or suspected, is any incident that may compromise the confidentiality, integrity or availability of systems or data either accidentally or deliberately. Such incidents could include:
The Church Privacy Officer will investigate the breach and determine any corrective measures that need to be implemented, with appropriate levels of urgency. The Church Privacy Officer will notify the Information Commissioner’s Office if it is likely to result in a risk to the rights and freedoms of individuals e.g. if it could result in discrimination, damage to reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage. The Church Privacy Officer would also notify those directly concerned if the breach is likely to result in a high risk to the rights and freedoms of individuals.
The Church Privacy Officer will maintain a record of all Data Breaches.
Cookies are small amounts of information that we store on your computer. Unless you have indicated your objection when disclosing your details to us, our system will issue cookies to your computer when you log on to the site. Cookies make it easier for you to log on to and use the site during future visits. They also help to monitor website traffic and to personalise the content of the site for you but will not store save or collect personal information. You may set up your computer to reject cookies although, in that case, you may not be able to use certain features on our site.
This website may also include links to other websites. Links provided by the Church are for your convenience to provide further information.
We use websites such as Vimeo and YouTube to embed videos on our website, service providers such as MailChimp and Google Analytics and you may be sent cookies from them via our site. Please look at the cookie and privacy policies on these third-party sites if you want more information about this.
The Church uses social media such as Facebook, Twitter and Instagram. Users must verify authenticity of sites before posting or providing personal information on such sites.
Our website may provide social media buttons, permitting sharing our web content directly to a social media, platform. Use of such buttons is at your own risk. Unless it is material supplied or officially posted by the Church we do not endorse social media website(s) and have no responsibility for the content nor for the cookies they may contain.
The Church does not ask for passwords nor personal details on social media.
The GDPR provides the following rights for individuals:
For more information about your information rights visit www.ico.org.uk.
Any documents or files made available to download from our website are provided at users own risk.
The Privacy Officer
Garden City Vineyard
c/o 42 Sheep Street
Garden City Vineyard, Milton Keynes is a registered charity (No: 1194753).