June 2018

Our Commitment to You

Online Privacy Policy



Introduction

Trinity Life Church respects your right to privacy. The Online Privacy Policy explains how we collect, share and use personal information about you, and how you can exercise your privacy rights. The Online Privacy Policy only applies to personal information that we collect through our website “Service” and does not relate to information we gather through other means. Please refer to our Privacy Policy for detailed information on how we collect and process data across our organisation.

If you use our Service, you agree to this Online Privacy Policy and processing of your personal information in accordance with this policy. If you do not agree to this Online Privacy Policy, please do not use the Service.

If you have any questions or concerns about our use of your personal information, please contact us using the contact details provided at the bottom of this Online Privacy Policy.


Personal information we collect

We collect the following categories of personal information about you through the Service:


Information that you provide voluntarily

Certain parts of our Service may ask you to provide personal information voluntarily: for example, we may ask you to provide your contact details in order to register an account with us, to subscribe to communications from us, and/or to submit enquiries or prayer requests to us. The personal information that you are asked to provide, and the reasons why you are asked to provide it, is explained in this policy.

Specifically, the information we collect directly from you may include information like (1) your name; (2) your email address and other contact information; (3) your user name or any other name you use to identify yourself in any Service.


Information that we collect automatically

When you use our Service, we may collect certain information automatically from your device.

Specifically, the information we collect automatically may include your IP address, device type, unique device identification numbers, operating system, browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how you use the Service and how your device has interacted with our Service, including the pages of our Website accessed.

Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content interests them. We use this information to serve interest-based updates to the website, for our internal analytics purposes, to prevent fraudulent behaviour in our Service and to improve the quality and relevance of our Service.

Some of this information may be collected using cookies or similar tracking technology, as explained further under the heading “Cookies”.

Comments and Contact Forms

When visitors leave comments and send details through a form on the website we collect the data shown in the form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our website you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this website, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website. Please refer to the privacy policy of the third-party website to understand how they process your data.


Why we process your online personal information and on what legal basis

We collect and use your personal information for the following purposes. Our legal basis for collecting and using the personal information is also described below.


To provide you with an optimal Service

To customize and provide you with an optimal online Service we have a legitimate interest to collect and process necessary personal information to:

  • update and develop user profiles;
  • use cookies and track the content you access when you use your device;
  • operate our Service;
  • analyse, develop and improve the Service and user experience;
  • manage our relationship with you;
  • respond to your comments, questions and prayer requests, resolve problems and provide other kinds of support;
  • analyse, profile and customize your use of the Service;
  • send you related information, including technical notices, updates, security alerts, support and administrative messages;
  • enable you to communicate with other users who have consented to being contacted.

Who do we share your personal information with?

We will not disclose your personal information directly to any third-party recipients. However, visitor comments may be checked through an automated spam detection service.


How do we secure your personal information?

We use appropriate technical and organisational measures designed to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.

Specific measures we use include that only those of our staff (both volunteers and employees), who on behalf of their work are entitled to process personal information, are entitled to use a system containing personal information. Each user has a personal username and password to the system. The information is collected into databases that are protected by firewalls, passwords and other technical measures. We also aim to minimize the personal information that we process, and as such certain information is not permitted to be entered into our systems.


Data retention

We retain personal information we collect from you where we have an ongoing legitimate organisational need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. A user can request to see or change their personal information at any time (except they cannot change their username). Website administrators can see and edit that information.

Unnecessary and outdated personal information will be erased or anonymized in connection with the periodical reviews and also at other times when deemed necessary.


International data transfers

Personal data, such as name and email, is collected with your permission to contact you in regard to a query sent through our website. This data, along with any data held as a result of online registration, is stored in secure data centres across Europe and the United States. No other personal or sensitive data is transferred outside the EEA (European Economic Area).


Automated decision making and/or profiling

We do not use any form of automated decision making or profiling in our organisation.


Your data protection rights

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

  • The right to request a copy of the personal data which we hold about you;
  • The right to request that we correct any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary to retain such data;
  • The right to withdraw your consent to the processing at any time, where consent was your lawful basis for processing the data;
  • The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable i.e. where the processing is based on consent or is necessary for the performance of a contract with the data subject and where the data controller processes the data by automated means);
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data, (where applicable i.e. where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics).

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.


Updates to this Online Privacy Policy

We may update this Online Privacy Policy from time to time in response to changing legal, technical or organisational developments. When we update our policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material policy changes if and where this is required by applicable data protection laws.

Any changes we may make to our Online Privacy Policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy. You can see when this Online Privacy Policy was last updated by checking the “last updated” date displayed at the top of this policy.


How to contact us

To exercise all relevant rights, queries or complaints; or should you have any questions regarding this Online Privacy Policy or the processing of your personal information, please contact the TLC Data Protection Officer on 01763 230350 or use the online form here.