Data Protection Principles
The South East Leinster Circuit of the Methodist Church in Ireland complies with the General Data Protection Regulation (GDPR) as implemented in May 2018. We aim to ensure that, when processing information belonging to individuals, we will use that data lawfully, fairly and transparently; for limited purposes, and; we will request only the data that is relevant and necessary. We will endeavour to ensure such data is accurate; not kept forever, and; kept secure and confidential. Training in data protection is recommended for all our staff and volunteers who store and/or use people’s information. We will post this Privacy Notice in our buildings, official publications and on our websites. We will review this policy every three years.
You have data protection rights that you can exercise over the information you give us. These rights include: to be informed how your data is being used; to have access to the information we hold about you; to have inaccuracies corrected; to have your information erased; to object to or restrict the ways we process your information; to not be subject to decisions made by automated processing including profiling, and; data portability (to receive your digital information in a useful format). There may be some legal restrictions on these rights, which we will explain as appropriate. If you feel your rights haven’t been upheld please contact us in the first instance, or you can communicate with the Methodist Church in Ireland (Secretary of Conference) at 1 Fountainville Avenue, Belfast BT9 6AN; Phone: (028) 9032 4554; E-mail: firstname.lastname@example.org.
Our Contact Details
If you need to get in touch with us please
Rev Mark Forsyth
Address: 137 Wheatfield, Bray, Co. Wicklow, A98 XA43
Phone: (01) 5520043
We may record and process some or all of the following personal information about you:
- contact details (address, phone numbers, e-mail address)
- date of birth
- photographs/video recordings
- financial giving to the church through Envelopes or Standing Orders
- PPS number (for the purpose of reclaiming tax on financial giving only)
- religious beliefs
- health and medication
- records related to Garda Vetting and attendance at Child Protection Training sessions
- records relating to Baptisms, Weddings and Funerals
- pastoral notes (Minister only)
- insurance details (for Tenants and Third-Party service providers only)
We use this data so that we might:
- encourage you in your discipleship and provide pastoral care to you as part of the church family, e.g. by visiting at your home, calling your telephone, or sending a text message or e-mail
- keep you informed about life in the church family, e.g. by sending you occasional notices by post, e-mail or text message, including information about the Methodist Church in Ireland
- process your involvement in activities of the church family, including groups that meet regularly as well as residential and other special trips
- encourage you to give money to the church for our ongoing mission and property maintenance, in addition to funds of the Methodist Church in Ireland that support: mission in Ireland (Methodist Home Mission) and overseas (World Mission Partnership); children in poverty (Child Care Society); and overseas aid (World Development and Relief)
- facilitate the organisation of the church and circuit, e.g. by creating rotas or following Methodist Church in Ireland directives
- pray effectively for your concerns
- ensure that Tenants and Third-Party service providers are adequately insured to be on our premises
Legal Bases for Processing
Our legal bases for processing your data are usually ‘legitimate interests’ (for activities related to the everyday functioning of the church) [GDPR Article 6.1(f)] and ‘consent’ (for everything else) [Article 6.1(a)]. In a small number of instances we rely on ‘contract’ (for example, if we are your employer) and ‘legal obligation’ (for example, in relation to safeguarding issues).
When using ‘legitimate interests’ as the legal basis for using the information you have given us we will ensure it is for a genuine purpose, necessary for the smooth running of the church family, and not invasive to your privacy. For all other purposes we will ask for your positive consent before processing your details.
We are able to process ‘special categories of personal data’ (such as your health or religious beliefs) in the course of our legitimate activities because we are a not-for-profit body with a religious aim relating to you as a member, former member, or person with whom we have regular contact [Article 9.2(d)].
Sharing Your Data
Only people appointed to specific roles within the circuit (for example, ministers and lay staff, pastoral visitors, society/circuit stewards, preachers, membership secretaries) can access your details, and what they can see is limited to what they need in order to carry out their role.
If you are appointed to a specific role within the life of the church and/or circuit we may publish your details (e.g. in announcement sheets, annual reports or our web presence) or share them directly so members and other relevant individuals/organisations can contact you. This will cease when you step down from the role.
We occasionally post photographs/video recordings taken at church events on our websites and social media. We will never identify children in photographs/video recordings. Adults may only be identified with consent for each photograph/video. The current list of church websites and social media can be found on www.irishmethodist.org/district/dublin
If you donate money to us using the Irish Charities Donations Scheme, we will send details of those gifts to the Revenue Commissioners.
We will not share your information with any other third parties without your permission unless we have a legal obligation to do so. However, we may need to share your details within the Methodist Church in Ireland, as follows:
- to comply with our Safeguarding policy when you volunteer with children and vulnerable adults.
- if your role within the Circuit means you need to receive specific information related to that role.
Security and Retention
- We use Microsoft Office 365 cloud services for digital files, which have integrated appropriate security measures to keep your data safe, including instances where their servers are located outside of the EEA.
- To prevent unauthorised disclosure of your information, our paper-based records are kept in a locked cabinet when not in use. Electronic and portable memory devices are protected by passwords or equivalent security measures. Membership software and digital documents containing personal data are either encrypted or password-protected.
- Other than our permanent records (like Membership, Baptism and Marriage Registers, or Church Council/Circuit Executive minutes) or details that need to be kept for legal compliance (such as Safeguarding notes), we will remove your information from our systems no less than six years after your last personal contact with us (or after you turn eighteen years old if you are a minor).
- One-off consent forms (such as for annual group membership or booking for trips etc) will be destroyed/erased within two years after their use.
Subject Access Request
You have the right to ensure our use of your data is lawful, and that the data we hold is accurate. If you would like to access the data we process about you, please write to us at:
Rev Mark Forsyth
Address: 137 Wheatfield, Bray, Co. Wicklow, A98 XA43
In order to locate the information you are requesting and to ensure proof of your identity, please send us:
- Your name (including any names by which you used to be known) and Date of Birth
- Address (including Eircode), e-mail address(es), telephone number(s)
- Two pieces of identification that between them clearly show your name, date of birth and current address (eg passport, photocard driving license, birth certificate, recent bank statement/utility bill)
In response, and within one month at the latest, we will send to you:
- The personal data we hold on record for you
- The types of processing we do with your data
- The people/groups with whom your data has been shared (or will be in the future)
- Our intentions regarding how long we might store your data
- OR our reasons for not providing your data
We will not charge for this service unless you make multiple requests within a short space of time.
You can learn about Data Protection principles, your rights, and more – including making a complaint about our handling of your data – from the Data Protection Commissioner (DPC) in the Republic of Ireland. Visit www.dataprotection.ie, call (0761) 104 800 or write to The Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois R32 AP23. Guidance for Methodist churches is available at www.irishmethodist.org/data-protection-resources