1. Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be made by the information alone or in conjunction with any other information in the data controller’s possession, of that which is likely to come into the data controller’s possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
2. Who is the data controller?
Chester Diocesan Board of Finance (CDBF) is the data controller. Contact details can be found below. This means it decides how your personal data is processed and for what purposes.
3. How does it process your personal data?
CDBF complies with its obligations under the “GDPR” by:
- keeping personal data up to date;
- by storing and destroying it securely;
- by not collecting or retaining excessive amounts of data;
- by protecting personal data from loss, misuse, unauthorised access, and disclosure; and
- by ensuring that appropriate technical measures are in place to protect personal data.
It uses your personal data for the following purposes:
- To enable it to provide a voluntary service for the benefit of the public within the Diocese of Chester.
- To administer records of:
- Pastoral Workers;
- Youth, Family and Children’s Workers;
- DCC and PCC Officers;
- Authorised Lay Ministers, Diocesan and Deanery Synod members; and
- Cathedral, CDBF and DBE Committees
- Others with a role related to the work of the Diocese of Chester
- To fundraise and promote the interests of the Diocese;
- To manage its employees and volunteers;
- To maintain its own accounts and records (including the processing of gift aid applications); and
- To inform you of news, events, activities, and services running either within the Diocese of Chester or further afield through:
- Digital and hard copy communications
- Synodical election processes
4. What is the legal basis for processing your personal data?
- The processing is in accordance with the legitimate interest of CDBF in supporting and promoting the work of the Church of England in the Diocese of Chester; and
- Processing is carried out by a not-for-profit body with a political, philosophical, religious or trade union aim provided:
- the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes); and
- there is no disclosure to a third party without consent except as set out in 5 below.
- Consent of the data subject so that it can keep you informed about news, events, activities and services and process your gift aid donations and keep you informed about diocesan events;
- Processing is necessary for carrying out obligations under employment, social security or social protection law, or other contractual matters;
- The processing is necessary to protect the individual’s “vital interests”;
- Processing is necessary for carrying out obligations under Ecclesiastical law or other similar legal obligations;
5. Sharing your personal data
As has been the case for many years, contact details for certain official roles within parishes and the diocese may be shared widely including with the general public. Where this is the case and as found in the description of the Privacy Levels for CMS we will expect people to set the level to Public. This will be clearly indicated on CMS and people will be given the opportunity to provide alternative contact details if needed.
Please see Annexe B for the Privacy Levels on CMS explained.
For all privacy levels it is important to note that:
- Some data will be shared when your consent has been obtained.
- Some data will be shared if legitimate interest necessitates us to do so.
- Some data will be shared when we are legally required to do so.
When we hold your data it may be shared within the Church of England and certain third parties as set out in Annex A, in order to carry out a service to other church members or for purposes connected with the Diocese.
Otherwise, your personal data will be treated as confidential.
6. How long do we keep your personal data?
We keep data in accordance with the guidance set out in the guide “Save or Delete: the Care of Diocesan Records” which is available from the Church of England website at https://www.churchofengland.org/more/libraries-and-archives/records-management-guides
7. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -
- The right to request a copy of your personal data which CDBF holds about you;
- The right to request that CDBF corrects any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for the CDBF to retain such data;
- The right to withdraw your consent to the processing at any time;
- The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability).
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data, (where applicable);
- The right to lodge a complaint with the Information Commissioners Office.
8. Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
9. Contact Details
To exercise all relevant rights, queries of complaints please in the first instance contact the Diocesan Secretary at Church House, 5500 Daresbury Park, Daresbury, WARRINGTON WA4 4GE, telephone number: 01928 718834 or firstname.lastname@example.org
Alternatively, you can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Parties with whom some data may be shared: -
- The Bishops of Chester, Birkenhead and Stockport
- The Archdeacon of Chester
- The Archdeacon of Macclesfield
- Chester Diocesan Board of Finance
- Chester Diocesan Board of Education
- Chester Diocesan Academies Trust
- Transforming Lives Together
- The Chancellor for the Diocese of Chester
- The Diocesan Registrar
- Chester Cathedral
- Diocesan Clergy and Licensed lay ministers
- Parochial Church Councils and Bishop’s Mission Orders within the Diocese
- Diocesan Deanery Synods
- Other Diocesan bodies under Diocesan Synod that may be established from time to time and will be added to this list.
- Other Dioceses in the Church of England
- The National Church of England Institutions
- Other official Church of England organisations
- Employees, office holders, volunteers, other recognised roles and contractors of the above offices and organisations.
The contact details of Petitioners and/or applicants on individual applications may be shared, through the Online Faculty System (OFS): -
- The Archdeacon of Chester
- The Archdeacon of Macclesfield
- The Chancellor for the Diocese of Chester
- The office of the Diocesan Registrar
- Statutory Consultees (The Church Buildings Council, Historic England, national Amenity Societies and local authorities)
- to facilitate the consideration of applications for either a Faculty or a Matter not requiring a Faculty under the Faculty Jurisdiction Rules
In addition to the above Clergy details will also be provided: -
- Periodically to Crockford’s Clerical Directory
- When necessary, by the Diocesan Surveyors department to its representatives for the purpose of undertaking works of repair Diocesan clergy housing and the letting of Diocesan properties
- To the relevant local authority (in respect of Council Tax) and utility companies (in respect of supplies of energy to the property
- To the relevant Church of England National Institutions in processing stipends, pensions and other national services.
- In compliance with our legal responsibilities
Annexe B – Privacy Levels on CMS explained
Any individuals holding certain roles, which we consider as public offices, are strongly encouraged to set the access settings to “Public” on the CMS. This means that their details will be made available to the General Public, such as the Diocesan Website.
Roles considered as such public offices:
As an organisation, we are encouraging all those with roles in the parish to continue to grant access to others within the Diocese and wider Church of England in connection with the work of the Diocese, as this will help with the efficient function of the Diocese of Chester. Much as we have done previously by agreeing to the inclusion of personal data in the publicly available diocesan Yearbook.
We will not however make details available on public websites.
This means that their data will be available to staff and office holders in Church House and Bishop’s House and be shared as per Privacy Notice.
Please do consider whether this is needed as others outside Church House and Bishop’s House will not be able to contact you and this will make your role in the Diocese harder to undertake.
To make this site work properly, we sometimes place small data files called cookies on your device. Most big websites do this too.
What are cookies?
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
How to control cookies
You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.