How privacy notices can ensure GDPR compliance
Data protection for charities, churches and other Christian organisations is crucial.
All need to comply with the UK GDPR’s principles. And in fact, when you look at those principles, they square well with the gospel-centred values such organisations have.
Let’s focus on three of those GDPR principles:
- fair processing
- transparency
- accountability
A key way to show compliance with these three principles is by producing and displaying a privacy notice. A privacy notice lets those who use your services, or others whose data you process (such as staff or volunteers) know how you’ll use their data.
Data subjects (someone identifiable from the data you hold about them) have a right to be informed. And displaying a privacy notice – for example on your website – is an appropriate way for your charity or church to ensure you share the correct information.
ICO privacy notice generator
The Information Commissioner’s Office (ICO) has a free privacy notice generator to help small and medium-sized charities and businesses create a bespoke privacy notice. This may be a useful free resource, particularly for churches and Christian organisations with simpler needs and limited resources.
Create your own privacy notice | ICO
The tool provides options to create:
- a privacy notice for customers and suppliers, and
- a privacy notice for staff and volunteers.
Why are there different privacy notices? The purpose for collecting and using data, and the lawful bases for processing, will differ for each data subject. So it’s important to have different privacy notices for each category of data subjects.
GDPR pack for churches and Christian organisations
If the free ICO tool doesn’t meet your needs, Edward Connor Solicitors’ GDPR Pack may be more helpful. We’ve made this pack specifically for churches and Christian organisations.
Our GDPR Pack includes a template privacy notice that you can adapt for your church or organisation’s needs. It also includes a wealth of other data protection documents such as:
- a data protection policy
- data retention policy
- data security policy
- template review forms
- template consent forms.
Need help with GDPR compliance? Contact us for more information.