Data Protection: Parishes and the 'GDPR'
The General Data Protection Regulation (GDPR) has now replaced the previous law on data protection (the Data Protection Act 1998) and gives individuals more rights and protection in how their personal data is used by organisations. Parishes must comply with its requirements, just like any other charity or organisation.
All parishes use personal information to carry out their many functions supporting the mission and ministry of the Church of England. Legislation requires and sometimes empowers individual parishes to provide goods and services to the wider Church.
They collect a wide range of personal data required for or incidental to the discharge of its functions, involving employees, clergy, pensions, housing, public consultations, recruitment and appointment etc. The Diocese of Liverpool will endeavour to ensure that each parish uses personal information in line with the expectations and interests of those with whom they come into contact, including their employees, officeholders and customers, for the benefit of the Church and wider community and in compliance with data protection legislation.
In this section, we will aid parishes in good Data Protection practices and record-keeping.