Your security is important to us. As part of our due care and diligence as a church, Abundant Life has an obligation to comply with our responsibilities under the new General Data Protection Regulation in respect of the data we hold and how same is handled.
The new General Data Protection Regulations (hereafter referred to as “GDPR”) came into force on 25 May 2018, and is immediately applicable in Ireland and the UK. It marks a significant change in the European Union’s Data Protection regime, with an increased emphasis on transparency and accountability in the way in which organisations (including charities) gather, store and use people’s personal information.
Abundant Life Christian Church (CHY number 19986) is a Company Limited by Guarantee, without a share capital, having is registered office at HDS Partnership, 2nd Floor, RiverPoint, Lower Mallow Street, Limerick. Abundant Life is the Data Controller, and as such holds information on its partners and congregants for the purposes of pastoral care, partnership status, any relevant information pertaining to events, courses and data pertaining to monetary gifts/donations. We also hold what is known as “sensitive data” pertaining to personal religious beliefs and affiliations. As Data Controller, we decide how your Personal Data is processed and for what purposes.
This policy provides details on the information and data we collect from our partners, volunteers and congregants in relation to our core activities: namely helping you and others to CONNECT – GROW – SERVE.
Why does GDPR Matter
GDPR is not only about safeguarding rights and compliance. it is also about meeting individual’s expectations in our increasingly digital age.
• Additional rights for individuals on how their personal data is being used
• Additional rights on erasure and portability of data
• Tighter rules on transferring data on EU citizens outside the EU
• Ability for individuals to make compensation claims
• Data processors can now be directly held accountable and responsible for data protection
“Personal Data” relates to a living individual who can be identified from that data. A living individual can also be referred to as a “Data Subject”. Identification of the Data Subject can be by the information alone or in conjunction with any other information in the Data Controller’s possession or likely to come into such possession. The processing of Personal Data is governed by General Data Protection Regulations (“GDPR”). Personal data can include names, addresses, date of birth, PPS numbers, email addresses, income/financial data and other factors specific to the identity of a person (“Data Subject”) and online identifiers such as an IP address and location data
Churches can often hold what is classified as “Sensitive Data” - specific categories of personal data related to a person’s profile, to include race or ethnicity, political, religious or philosophical beliefs, sexual orientation, health, genetic or biometric data, criminal record or trade union membership.