Protecting your data is something we take seriously. This policy outlines how we collect, store and process your personal information.
This policy applies to Lighthouse Christian Church Jersey Limited, its employees, volunteers, leaders and trustees – referred to throughout this document as simply ‘Lighthouse Church’.
If you use our website and/or submit data to us, and you do not have regular contact with Lighthouse Church in connection with its purposes, then you give your consent that personal data may be processed by us in the manner described in this policy.
If you do have regular contact with Lighthouse Church in connection with its purposes, then by submitting data to us and/or using our website, we will process your personal data on the legal basis of legitimate interest, as permitted under the GDPR Article 9 Para 2(d):
Churches (not for profit bodies with a religious aim) are permitted to process sensitive data when it is carried out in the course of its legitimate interests with appropriate safeguards and on condition that the processing relates solely to…
Lighthouse Church uses personal data about living individuals for the purpose of general church administration and communication. We recognise the importance of the correct and lawful treatment of personal data. All personal data, whether it is held on paper, on computer or other media, will be subject to the appropriate legal safeguards as specified in the General Data Protection Regulation (GDPR) which is applicable to all European organisations as of 25th May 2018.
We fully endorse and adhere to the seven key principles of GDPR, which specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transportation and storage of personal data. Employees and any others who obtain, handle, process, transport and store personal data for Lighthouse Church must adhere to these principles.
The principles are summarised as follows:
We will treat all your personal information as private and confidential and not disclose any data outside of Lighthouse Church – internally it may be shared where necessary to facilitate the administration and day-to-day operations of Lighthouse Church.
There are four exceptional circumstances to the above permitted by law:
We will use your data for three main purposes:
Information contained in our database will not be used for any other purposes than set out in this policy. The database is accessed online and therefore available through any computer or smart device with internet access.
Access to the database is only available to a limited number of staff and volunteers within Lighthouse Church, who need it for church operations. Access is strictly controlled through individual usernames and complex passwords, which are selected by the individual. These credentials are not shared.
A subset of data is further available to team leaders and members for the purposes of small group and rota management. Each church member is able to control what personal information is visible to others with the use of the ‘My ChurchSuite’ tool online or via an app on a tablet or smartphone.
Those authorised to use the database only have access to their specific area of use within the database. This is controlled by the system administrators, who are the only people who can access and set these security parameters.
The database will not be accessed by any authorised users outside of the EU, in accordance with GDPR, unless prior consent has been obtained from the individual whose data is to be viewed.
All access and activity on the database is logged and can be viewed by the system administrators.
Personal information will not be passed onto any third parties outside of Lighthouse Church.
All individuals who are the subject of personal data held by Lighthouse Church are entitled to:
Ask what information the church holds about them and why.
Ask how to gain access to it.
Be informed how to keep it up to date.
Be informed what Lighthouse Church is doing to comply with its obligations under the GDPR.
Personal data subjects for data held by Lighthouse Church have the right to access any personal data that is being held in manual filing systems. This right is subject to certain exemptions: Personal Information may be withheld if the information relates to another individual.
Any person who wishes to exercise this right should make the request in writing to the Data Protection Officer of Lighthouse Church. A sample ‘Subject Access Request Letter’ is available on the Office of the Information Commissioner website.
If personal details are inaccurate, they can be amended upon request.
The Data Protection Officer is:
Lighthouse Church Jersey
La Grande Route de St Jean, St John,Jersey, JE3 4FL
Any data subject may, at any time, contact our Data Protection Officer directly with any questions concerning data protection.
Any data subject may invoke the ‘right to be forgotten’ by Lighthouse Church by contacting any employee of the controller. An employee of Lighthouse Church will promptly ensure that the erasure request is complied with.
There may be a legal basis that prohibits Lighthouse Church from actioning a data subject’s ‘right to be forgotten’ – e.g. if records must be maintained for financial auditing or child safeguarding purposes. In this instance, the request will be acknowledged but declined, and our actions and timescales will be clearly explained.
Some content on this website is drawn from third parties.
Video content embedded on this website is hosted on YouTube. YouTube Terms of Service.
Calendar events are drawn from data we host at ChurchSuite, in line with the ChurchSuite Terms of Service.
Embedded maps are provided by the Google Maps Platform via their API, in line with the Google Maps Platform Acceptable Use Policy.
©2021 Lighthouse Church Jersey