Salem Baptist Church will adhere to the data protection principles set out by the General Data Protection Regulation (GDPR);
This sets out how Salem will handle personal data from May 2018.
In particular, the importance of keeping accurate information that is up to date, safeguarding both electronic and paper based data, only sharing information with others where it is appropriate to do so, disposing of it safely in a timely manner and ensuring all staff and volunteers understand the importance attached to this subject and receive appropriate training.
Salem processes personal data under the “legitimate interests” provision for our community.
In particular:
Keeping sensitive data – Salem will only hold data, both by electronic and paper based, that is necessary to fulfil our role. Electronic data will be retained in encrypted format. Paper based records will be stored in locked filing cabinets at Salem.
A review of data will be conducted every 3 months and details no longer needed to fulfil the role will be securely deleted/destroyed.
Communication sensitive data – Salem will exchange sensitive data only with those that have a right to have this information.
Communication via electronic means, including emails, will be encrypted where possible. In particular, where secure systems are provided these will be utilised.
Transparency - Salem will provide all members of our community with a brief guide on how we hold and use data.
Salem is not registered with the Information Commissioners Officer (ICO), but will comply with the legislation and become registered if required
We benchmark Salem against the advice on “get safe online” as recommended by the ICO.
All new contacts will be made aware of this subject and new employees and volunteers will be made aware as part of their induction. Practical considerations are addressed as below.
Subject access requests should be made to the Data Protection Officer
Breaches of information will be reported in accordance with guidelines.