The PCC is governed by the Church Representation Rules 2020 (“the Rules”). It is charged with carrying forward the whole mission of the church in the Parish.

 

This policy conforms to the General Data Protection Regulation 2018.  GDPR covers personal data only.

 

The Incumbent, the Safeguarding Officer, the Parish Administrator, licensed and authorised Ministers and members of the Pastoral Team approved by the PCC hold personal data beyond contact details. Such data is held under lock and key or on computers where the machine and/or the files are password protected. 

 

1a. Pastoral records, where made, will be made with the consent of those receiving pastoral visits or phone calls, or exceptionally without consent in order to help detect or prevent a crime or for safeguarding reasons to protect vulnerable people. Records are kept centrally in the Parish Office and should be deleted from local records within 6 months. 

 

Except where there is a safeguarding concern, such data kept in the Parish Office should be held for 6 months after it is no longer needed, such as after a particular activity has ended, and then deleted.  Where there is a safeguarding concern, data should be kept indefinitely, or until  6 months after the concern has been resolved and the data is held elsewhere, such as with the Diocesan Safeguarding team. 

 

1b. Cash donations.  The Treasurer and Assistant Treasurer have access to the amount of cash contribution that attracts Gift Aid paid by each individual (“data subject”). This data is protected as detailed above.

 

1c. Online banking. All bank details are stored by NatWest. Both the Treasurer and Assistant Treasurer have separate log in details for security.

 

2a. Electoral Roll

This document lists those eligible to vote at general meetings of the church, and is available for inspection. The Rules do not require entry of any data other than names, and the inspection copy shows names only.

 

2b. Membership Lists

As an extension to the Roll, the Electoral Roll Officer also maintains membership details which add extra data for each entry:

Address;

Telephone Number; and

Email address.

This is for the purpose of communication about church business, including pastoral care..

 

Only names are now published on the official Electoral Roll. Members will be asked to provide address and telephone data; they will be asked for express consent to retention of email address.

 

All details will be available to:

• The Vicar and licensed ministers on the staff of the parish

• The Officers of the PCC, including Parish Safeguarding Officer

• The Electoral Roll Officer

• The Parish Administrator

• Leaders of groups to which the member belongs (e.g. Servers, Ringers)

• Other members of those groups for operational purposes, e.g. rota swaps.

 

Leaders of groups must ensure that they keep all personal details secure, up to date and relevant.

 

Similar data about members of the congregation who are not on the Electoral Roll, either because they are unable to enrol (e.g. Retired clergy) or because they have chosen not to appear on the Electoral Roll, are kept after the provision of written consent, renewable with the Electoral Roll every 6 years.

 

2c. Messy Church

Those attending Messy Church are asked to provide contact details including email addresses each time they attend. Details not found on a register in the previous 18 months will be deleted, starting from 1 April 2020.

 

2d. Occasional Offices

Marriage couples, baptism families and funeral families will be asked for express consent to the retention of data to allow them to be sent cards or invitations.  Such details will be kept separately from the relevant Registers. 

 

Documentation required for legal identification purposes will be retained securely for the minimum time required by law or regulations and will then be destroyed or returned to the subject.

 

2e. Church Hall. Contact details of hirers will be retained securely by the Hall Manager for the purposes of invoicing and marketing. Details of hirers with whom no business has been done after 18 months will be deleted.

The data controller for parish administration is the Parochial Church Council. 

The data controller for data processed in relation to pastoral care is the Incumbent.

 

As Chair of the PCC, in practice the Incumbent fulfils both roles.

 

This policy will be reviewed every two years.

 

 

 

 

 

Signed:

 

 

…………  [ Rev. Robin Lodge  ]  ………………………………………………………………………..

Vicar

 

 

 

…………22 July 2025 …………………………………………………………

Date

 

Date Policy adopted by PCC: 20.11.2018

Date of latest review by PCC: 22.07.25

Date next review due: July 2027