GDPR

General Data Protection Regulations 2018

The General Data Protection Regulation (GDPR) became law in the UK in May 2018. It replaces the existing law on data protection (the Data Protection Act 1998) and gives individuals more rights and protection in how their personal data is used by organisations. Parishes must comply with its requirements, just like any other charity or organisation.

We need to obtain your consent to use your data and to keep in contact with you by letter and e-mail.

The law is complex, but there are several underlying principles, including that personal data:

1. will be processed lawfully, fairly, and transparently.

2. is only used for a specific processing purpose that the data subject has been made aware of and no other, without further consent.

3. collected on a data subject which should be “adequate, relevant and limited.” i.e. only the minimum amount of data should be kept for specific processing.

4. must be “accurate and where necessary kept up to date”

5. should not be stored for longer than is necessary, and that storage is safe and secure.

We have posted privacy notices in both churches, the parish centre and on our web site, we have copies of the consent form available in church and they will be handed out today and in the coming weeks.

Mark Hill is the PCC person responsible for GDPR and can provide you with further information and a simple guide to GDPR.

Norton Parish Data Privacy Notice

Norton Parish Consent Form 1

Norton Parish Consent Form 2