Privacy Policy

1. Introduction to the Privacy Policy
This policy sets out how The Good Shepherd Mission (the GSM) processes your personal data.  This policy sets out the different types of personal data we process, why we process it and what you can do if you would like to remove your personal data or change any personal data we may hold.  It also outlines the legal rights you have in respect to your personal data.  This policy seeks to provide you with the information required by the General Data Protection Regulation (GDPR).

‘Personal data’ means information relating to a living individual who can be identified from that data. ‘Processing’ includes obtaining, recording or storing personal data and carrying out any tasks using the personal data. This notice also describes your data protection rights, including a right to object to some of the processing which we carry out.  We are the ‘data controller’ in relation to your personal data that we process, because we control the storage and use of that personal data. 

2. The basis and purposes for the GSM processing personal data
The purposes for us processing your personal data are:

  • For promoting the aims and objectives of the GSM
  • For employing staff and recruiting volunteers
  • For running activities in pursuit of the GSM’s charitable objects, including providing services to the wider community
  • For seeking financial support for the GSM and administering financial transactions and donations
  • For sending newsletters, and other information about the GSM and related events and activities
  • For communicating with staff, volunteers, church attendees and others who access our church ministries
  • For carrying out safeguarding procedures
  • For complying with a legal or regulatory obligation we may have
  • For providing pastoral care
  • For assessing your suitability for a position at the GSM that you may have applied for
  • For administrative tasks connected with the above purposes and maintaining our own accounts and records

The GSM will never use your personal data for automated ‘profiling’, i.e. to evaluate personal attributes such as economic situations or personal preferences.

The lawful bases for us processing your personal data are as follows:-

  • the processing is necessary for the performance of a contract with you, or to take steps to enter into a contract. Examples of this would be us processing your personal data in connection with your employment at the GSM, or processing your personal data with a view to offering you an employed role at the GSM
  • the processing is necessary for compliance with a legal obligation.  An example of this would be reporting Gift Aid donations to HMRC for the purpose of reclaiming tax on them. 
  • We have a legitimate interest in doing so.  The legitimate interests we rely upon are the following:- 
  • to provide a better service to you in accessing our ministries and events
  • ;to manage our relationship with you 
  • to comply with regulation or regulatory guidance, if relevant 
  • to seek to ensure network or information security 
  • ;to ensure that the candidates to whom we offer positions at the GSM are suitable for the role being offered, and to verify information provided by such candidates
  • you consent to the processing. We rely upon your consent where none of the other lawful bases are applicable, for instance to invite you to meetings and other events which we think may be of interest to you, and also to send you materials on a one-off or regular basis that you have requested.  Please note: you are able to remove your consent at any time. You can do this by clicking the unsubscribe button on any email or by contacting info@goodshepherdmission.org.uk . 

3. Categories of Personal Data processed by the GSM
We process personal data such as your name, home address, email address and phone number for the above purposes.  If you support the GSM financially, we will process personal data provided by you on donation, standing order or Gift Aid forms. Where it is relevant to our ministries, or where you provide it to us, we may process personal data such as gender, age, date of birth, marital status, nationality, languages spoken, education/work histories, academic/professional qualifications, hobbies, family composition, and dependants.  We may also hold photos of you.  Any other information you provide, such as feedback on activities/newsletters, are used to develop the work of the GSM.

3.1. Data stored by the GSM website
The GSM website uses ‘analytical’ cookies. They allow us to analyse how visitors use the site and improve the way it works. The GSM website does not store any information that would, on its own, allow us to identify individual users without your permission. Any cookies that may be used by the website are used either solely on a per session basis, or to maintain user preferences. Cookies are not shared with any third parties. If you do not wish to receive cookies you can easily modify your web browser to refuse cookies or to notify you when you receive a new cookie. However, you may not be able to use all the features of the GSM website if cookies are disabled. Our website will from time to time contain hyperlinks to other sites, both in the UK and abroad. The GSM cannot be responsible for data protection and privacy practices of these sites.

4. Who is my data shared with?
Personal data processed by the GSM is not shared with external parties unless required for:

  • Administrative processing of financial donations and transactions, when details will be shared with the GSM’s banks and HMRC as appropriate.
  • Donating through our website and Stewardship, when they will use cookies help to make the interaction between you and their website faster and easier. Cookies don't store any personal or confidential information about you.
  • Producing annual financial statements, when data will be shared with the GSM’s Independent Examiner and, if included in the final financial statements, with those who read such financial statements.
  • Complying with legal requirements, e.g. providing personal details of the GSM trustees annually to the Charity Commission.
  • Seeking advice from third parties on legal, regulatory or accounting matters
  • Ensuring the smooth running of the GSM, such as IT support contractors and third parties we might use to send out newsletters (such as MailChimp)
  • Safely storing your personal data.

 

5. How long do we hold your personal data for?
In general, we will endeavour to keep personal data only for as long as we need it or if we are legally required to do so. This may mean we have to keep some of your personal data for an extended period of time, or permanently in specific circumstances. For example, it is current best practice to keep financial records for a minimum period of seven years to support HMRC audits. Notwithstanding this, we will look to delete your personal data when it is no longer needed

6. Your rights and your personal data
You have the following rights with respect to your personal data:
When exercising any of the rights listed below, in order to process your request, we may need to verify your identity for your security. In such cases we will need you to respond with proof of your identity before you can exercise these rights.

(a) The right to access personal data we hold on you

  • At any point you can contact us to request the personal data we hold on you as well as why we have that personal data, who has access to the personal data and we obtained the information from. 


(b) The right to correct and update the personal data we hold on you

  • If the personal data we hold on you is out of date, incomplete or incorrect, you can inform us and your personal data will be updated.


(c) The right to have your personal data erased

  • If you feel that we should no longer be using your personal data or that we are illegally processing your personal data, you can request that we erase your personal data that we hold.

When we receive your request we will confirm whether the personal data has been deleted or the reason why it cannot be deleted.   For instance, there are some situations where we are legally required to hold information for a certain amount of time, for instance relating to Gift Aid donors.  

(d) The right to object to our processing of your personal data or restrict such processing

  • You have the right to request that we stop processing your personal data or that we restrict our processing of your personal data. Upon receiving the request we will contact you and let you know if we are able to comply or if we have legitimate grounds to continue to process your personal data, or to do so without applying your preferred restriction. Even after you exercise your right to object or restrict, we may continue to process your personal data to comply with your other rights or to bring or defend legal claims.   

(e) The right to data portability

  • You have the right to request that we transfer some of your personal data to another controller. We will comply with your request, where it is feasible to do so, within one month of receiving your request.   

(f) The right to withdraw your consent to the processing at any time for any processing of personal data where consent is the lawful basis for us processing such personal data.

  • You can withdraw your consent as noted above.

(g) The right to lodge a complaint with the Information Commissioner’s Office.

  • If you have concerns about the way we have processed your personal data, you can raise these with the Information Commissioner’s Office. Tel: 0303 123 1113, Website www.ico.org.uk

 

8. Contact Details
If you need to contact us to discuss any privacy matter our contact details are below. These can also be found on the contact page of our website  www.goodshepherdmission.org.uk

The Good Shepherd Mission
17 Three Colts Lane, London, E2 6JL

info@goodshepherdmission.org.uk

 

© 2023
Good Shepherd Mission
Privacy Policy