Privacy Notice

The Parochial Church Council (PCC) & Vicar of Woolley with West Bretton


1. Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the PCC or vicar’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”) which takes effect from 25 May 2018.

2. Who are we?
The PCC of Woolley with West Bretton is a data controller (contact details below). The vicar of Woolley with West Bretton is a separate data controller. This means they each decide how your personal data is processed and for what purposes.

3. What data do the PCC and/or vicar (the data controllers) process now or in the future?
Some or all of the following will be processed where necessary to perform their tasks:

  • Names, titles, (and aliases if applicable) as provided by you
  • Photographs (we will seek additional permission on each occasion before any photographs are taken);
  • Contact details such as telephone numbers, addresses, and email addresses;
  • Where they are relevant to our mission now or in the future, or where you provide them to us, we may process demographic information such as gender, age, date of birth, marital status, nationality,
  • Where you make donations or pay for activities, financial identifiers such as bank account numbers sort codes and amounts donated,
  • Some of the data we process is likely to constitute sensitive personal data because, as a church, it may reveal your religious beliefs (Baptisms, confirmations, Church Electoral roll).

4. How and why do we process your personal data?
The vicar & PCC of Woolley with West Bretton complies with their obligations under the “GDPR” by:
keeping personal data up to date;

  • by storing and destroying it securely;
  • by not collecting or retaining excessive amounts of data;
  • by protecting personal data from loss, misuse, unauthorised access and disclosure and
  • by ensuring that appropriate technical measures are in place to protect personal data.

We use your personal data for the following purposes: –

  • To enable us to provide a voluntary service for the benefit of the public within the parish of Woolley with West Bretton
  • To minister to you and provide you with pastoral and spiritual care (such as visiting you when you are seriously ill or bereaved) and to organise and perform ecclesiastical services for you, such as home communion, thanksgivings, baptisms, confirmations, weddings and funerals;
  • To enable us to meet all legal and statutory obligations (which include maintaining and publishing our church electoral roll in accordance with the Church Representation Rules, keeping financial records for gift aid and/or HMRC purposes, );
  • To administer membership records – electoral roll members, other regular members, PCC officers, Deanery Synod reps ;
  • To fundraise and promote the interests of St Peter’s Church ;
  • To manage our volunteers by compiling rotas;
  • To maintain our own accounts and records (including the processing of gift aid applications and the retention of consent forms);
  • To carry out from time to time surveys and seek your views or comments;
  • To inform you of news, events, activities and services running at or for St Peter’s Church and the Diocese of Leeds

5. What is the legal basis for processing your personal data?
a) Some personal data is processed because it is necessary for our legitimate interests, or the legitimate interests of a third party (such as another organisation in the Church of England). Legitimate interest is appropriate where we use your data in ways you would reasonably expect and which have a minimal privacy impact, We will always take into account your interests, rights and freedoms and you can let us know at any time if you do not wish us to contact you.

Our legitimate purposes include-

  • Membership lists for specific church groups and administration lists – we use personal data to compile lists which ensure that members are kept informed of church meeting dates and times and any other church related issues. The lists also provide contact numbers in the event of an emergency. The administration lists ensure that our church services/activities are supervised appropriately particularly with regard to DBS/safeguarding issues
  • Rotas – our various rotas enable us to function as a religious organisation and to provide our services for the benefit of the public and to other church members
  • Fundraising/giving reviews – the personal data of regular church members, those on the church electoral roll and other regular donors is used to contact them about fundraising initiatives or giving reviews. We will not make contact by electronic means (email and/or text message) unless additional explicit consent has been given to this method

b) Some of our processing is necessary for compliance with a legal obligation. Current examples are:

  • Church Electoral roll – we are required by the Church Representation Rules to administer and publish the electoral roll,
  • PCC/churchwarden/deanery synod nominations – we are required by the Charities Act to process the forms to evidence that officers are eligible to serve.
  • Gift aid records (declarations and envelopes) – we are required by HMRC to process your data to evidence taxpayer status and amounts paid in support of our gift aid claims.
  • Attendance records for children and youth activities – we are required under church law to keep a list of children or youth who attend a church service or activity unaccompanied by an adult
  • Financial records – purchase invoices, expense receipts, bank statements, non gift aid income receipts are processed in accordance with HMRC requirements.
  • Complaints/correspondence relating to Pastoral Care, Safeguarding and Health and Safety – we are required by law to retain correspondence of this nature and to note the action taken
  • Recruitment of volunteers and/or employees – we are required by law to process personal data to meet our obligations under employment, social security or social protection law. Data is also processed to meet safeguarding requirements.
  • Publication of banns – we are required under Canon Law to announce forthcoming weddings
  • Baptism, confirmation, weddings – we are required by law to process data to enable the necessary registers, to be completed and certificates/licences to be issued.

c) Some of our processing requires explicit consent of you (the data subject) so that we can keep you informed about news, events, activities and services in the parish and keep you informed about diocesan events.

If you do not regularly attend church in the parish and/or are not on the church electoral roll, we will seek your consent to keep in touch with you regarding events and initiatives in the life of the church.

d) Special category data – Additional legal basis is required for processing data carried out by a not-for-profit body with a religious aim.

Applications for baptisms, confirmations and Church Electoral roll enrolment reveal your religious belief. We process the data for the purpose intended and where it is within our legitimate interests and/or we have other legal reasons to do so. The application forms for baptisms, confirmations and church electoral roll enrolment need your consent.

Where your religious beliefs need to be processed but no consent is requested the legal basis for processing is based on the following-

  • the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes); and
  • there is no disclosure to a third party without your consent.

6. Sharing your personal data
Your personal data will be treated as strictly confidential and will only be shared with other members of the church in order to carry out a service to other church members or for purposes connected with the church.
We will only share your data with third parties outside of the parish such as the Leeds Diocese, other Church of England bodies, HMRC re gift aid, weddings, insurance and safeguarding purposes) where there is a legal requirement to do so. We will seek your consent in other instances.

From time to time we provide links in our website and/or church Facebook page to other organisations which we are not connected to but may be of interest to you. We do not share your information with them and would advise you to check the privacy notice of the 3rd party website that you choose to visit.

7. How long do we keep your personal data[1]?
We keep data in accordance with the guidance set out in the guide “Keep or Bin: Care of Your Parish Records” which is available from the Church of England website [see footnote for link].
Specifically, we retain electoral roll data while it is still current; gift aid declarations and associated paperwork for 6 years after the calendar year to which they relate; and parish registers (baptisms, confirmations, marriages, funerals) permanently.

8. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –

  • The right to request a copy of your personal data which the vicar and/or the PCC of Woolley with West Bretton holds about you;
  • The right to request that the vicar and/or PCC of Woolley with West Bretton corrects any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary for the vicar and/or PCC of Woolley with West Bretton to retain such data;
  • The right to withdraw your consent at any time to the future processing of your personal data but not the prior use.
  • The right to request that the PCC or vicar provide you with your personal data
  • The right to object to the processing of personal data (where applicable)
  • Where there is a dispute in relation to the accuracy or processing of your personal data, you have the right to request that a restriction is placed on further processing;
  • The right to lodge a complaint with the Information Commissioners Office.

9. Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use and setting out the relevant purposes and processing conditions. Where and whenever necessary we will seek your consent prior to commencing the new processing

10. Transfer of Data Abroad
Any electronic personal data transferred to countries or territories outside the EU will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union.
Some personal data is processed and stored in the cloud using either Google Drive and/or Microsoft Onedrive.

11. Contact Details
To exercise all relevant rights, queries of complaints please in the first instance contact the PCC Secretary / vicar [email – or phone 01226 382550 or write to The Vicarage, Church St, Woolley Wakefield WF4 2JU].

You can contact the Information Commissioners Office on 0303 123 1113 or via email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

[1] Details about retention periods can currently be found in the Record Management Guides located on the Church of England website at: –

Privacy notice date: 21/05/2018