Elim Oasis Church is committed to protecting the privacy of people’s information and takes its responsibility very seriously. We will be clear and transparent about the information we are collecting and what we will do with that information.

This Privacy Policy sets out the following:

  • What personal data we collect and process about you in connection with your relationship with us and through your use of our website, mobile applications and online services.
  • Where we obtain the data from.
  • What we do with that data.
  • How we store the data.
  • Who we transfer/disclose that data to.
  • How we deal with your data protection rights.
  • The choices we offer, including how to access and update information.
  • And how we comply with the data protection rules.
  • All personal data is collected and processed in accordance with EU data protection laws.

What information is being collected?

  • Personal data is data which by itself can be used to identify a person. This includes: full name and personal details including contact information e.g. email, address home and/or business phone etc.
  • Child dedication records, Baptism records, Marriage records, records of those deceased, Church partnership records, Church partner contact details, Children’s records including contact details, Parents contact details and medical information e.g. allergies, Children’s attendance registers, Complaint letters, Correspondence about/to/from individuals, DBS information including self declaration forms, ID documents and DBS certificates, Emails including archived e-mails, Employees and ministers’ contact details, Employees and ministers’ employment records including nationality, medical, ID documents, next of kin, photographs, training records, pay roll, etc., Missionary contact details, Pastoral notes about partners or attendees, Personal financial details e.g. for gift aid and/or employees pay, Safeguarding allegations/cases and Safeguarding officer applications along with lead recruiter.

Who is collecting it?

  • The data is collected as part of Elm Oasis Church in St. Peter’s, Broadstairs, Kent, England and as part of Inter-Church events with other churches of  St. Peter’s area including Impact England, Limitless Youth and others.

How is it collected and stored?

  • We collect adult attendance records through event sign in sheets and Stay Connected cards during “Activities” including church services and community events.
  • We collect church partnership records including personal contact details.
  • Data is either stored in paper form in a locked cabinet or stored securely electronically.

What are my rights in relation to the personal information collected?

  • Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.       
  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Object to automated decision-making including profiling that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
  • Withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

How can I have my information removed or changed?

  • On event sign in sheets you have the option to control how you are contacted and change information.
  • Please email admin@elimoasischurch.com or telephone the church and leave a message with your name, phone and email address if you wish to have your data permanently removed or to make adjustments in how you are contacted.
  • We will remove or make the adjustment to the information within 20 business days of your request.
  • We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
  • Only children aged 16 or over can provide their own consent. For children under this age, consent of the children’s’ parents or legal guardians is required.

How will it be used?

  • Data will be used for notification of future events and/or emergency contact of children during an event.
  • Data will be used for roles for which where a Disclosure and Barring Service (DBS) check is required by law, for example roles involving work with vulnerable adults or children.  In these cases the person applying for that role will have the opportunity to authorise the check or choose not to apply for the role.
  • If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws.  The legal bases depend on the Activities you participate in. This means we collect and use your information only where:
    • We need it to provide you the Activities, including to operate the Activities, and to protect the safety and security of the Activities;
    • It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for safeguarding compliance, to market and promote the Activities and to protect our legal rights and interests;
    • You give us consent to do so for a specific purpose;
    • We need to process your data to comply with a legal obligation e.g. DBS checks.
  • We will not retain your data for longer than is necessary to fulfill the purpose it is being processed for. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes through other means.
  • If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.

Who will it be shared with?

  • Data will only be used internally and will not be shared to parties outside the church, except in circumstances where we work with other local churches for joint events.
  • We restrict access to personal information to only church partners who need to know the information in order to keep track of attendance and to contact the individuals.

Our Privacy Policy may change from time to time and any changes to the statement will be communicated to you by way of an email or a notice on our website.