Data Protection Documents
From this page you can access the following documents which are intended to help our churches comply with current Data Protection legislation (including GDPR)
The Guideline Leaflet L13: Data Protection
should be read by at least one person in your church. Among other things this includes a Checklist and Action Points which churches will find helpful to work through as well as some ideas for training within your church.
Revised on 25 October 2018 to remove all references to previous legislation. We have also added an index to make it easier to navigate.
A Template Policy for churches
to adapt as appropriate and adopt. This is available as a Word Document
and in pdf form.
Please note that this should be read alongside our Guideline Leaflet (L13)
. Not every part of this policy will be relevant to all churches.
for use in a Church Meeting or other similar gathering.
We have a PowerPoint Presentation
(also available in PDF format
Feel free to adapt these for your own use.
A Frequently Asked Questions document [Updated 25 October 2018]
Sample Privacy Statements
as a Word Document and a sample Contact and Consent Form
[Available as a Word Document
and in pdf form
] for collecting information from Church Members (and regular attenders). Please note that all of these are samples and must be adapted to suit your own church's practices and procedures. When producing a form to collect information please remember to only collect the information you actually need.
Guidance for churches on handling Data Subject Access Requests
(DSARs). [Added June 2019]
A basic Information Audit Template
to help churches to identify and compile a list of the information they process. This will help with Sections 13 and 16 of the Template Policy and is available as a Word Document
and in pdf form. [NOTE: Revised version added 01 March 2018. This has an additional column to record where consent records are kept]
A suggested Data Retention Schedule
for churches to adapt for their own use. This is available as a Word Document
and in pdf form. [Updated 25 October 2018]
Some of the time periods given relate to legal requirements and other are 'Good Practice' and we have indicated this in the document. Data Protection Guidance is that personal information should not be kept for any longer than you need it. Individual churches will need to decide what that means in their own context.