If a church holds personal data either on a computer or in a paper-based filing system it must follow the rules set out in the Data Protection Act 2018. This leaflet, which has been revised to take the new GDPR regulations into account, explains what this means for churches. It should however only be taken as general guidance. If churches have questions that fall outside the scope of this leaflet then we would advise that you contact the Information Commissioner’s Office for their advice.
Please note that we now have web-page dedicated to Data Protection which includes a template policy for churches. This can be found at www.baptist.org.uk/gdpr