How we use your information 

1. Your personal data what is it? 

Personal data relates to a living individual who can be identified from that data. Data for example can be a name, photograph, email address, bank details, posts on social networking websites, medical information, or a computer IP address. Identification can be by the data alone or in conjunction with any other information in the data controllers possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (GDPR). 

2. Who are we? 

Liverpool Diocesan Board of Finance is a registered charity and the financial and administrative body for the Church of England in the Diocese of Liverpool. 

3. How do we process your personal data? 

Liverpool Diocesan Board of Finance complies with its obligations as a data controller under the GDPR by: 

  • keeping personal data up to date;
  • storing and destroying it securely; 
  • not collecting or retaining excessive amounts of data; 
  • protecting personal data from loss, misuse, unauthorised access and disclosure; and
  • ensuring that appropriate technical measures are in place to protect personal data. 

4. Why do we process your personal data? 

We use your personal data for the following purposes: 

  • To deliver our charitable aims which are to promote, facilitate and assist the work and purposes of the Church of England for the advancement of the Christian faith in the Diocese of Liverpool and elsewhere and to provide a voluntary service for the benefit of the public; 
  • To administer records of clergy, laity, parish, deanery, archdeaconry, diocesan, cathedral and synod members, officers, employees, volunteers and committees; 
  • To fundraise and promote the interests of the Church of England and our charity; 
  • To manage our employees and volunteers; 
  • To maintain our own accounts and records (including the processing of gift aid applications); 
  • To carry out comprehensive safeguarding procedures and checks in accordance with best safeguarding practice from time to time; 
  • To inform you of news, events, activities, training and services running either within the Diocese of Liverpool or further afield that are relevant to your role through mailings (by email and/or hard copy), and The Bulletin (a subscription email service from which you can unsubscribe at any time). 

5. What is the legal basis for processing your personal data? 

  • Most processing is necessary for our legitimate interests or the legitimate interests of a third party (such as the Church Commissioners or another Church of England organisation) 
  • We also process data to enable us to meet our legal, contractual and statutory obligations. Examples would be to operate our payroll function or to undertake disclosure and barring checks or to process your gift aid donations; 
  • We can process information about your religious beliefs where that processing relates to members or former members (or those who have regular contact with it in connection with those purposes)and there is no disclosure to a third party without consent In all other instances your explicit consent will be obtained. 

6. Sharing your personal data 

Your personal data will be treated as confidential. We sometimes need to share the data we process with you and also with others. It will only be shared with third parties where it is necessary for the performance of our work or with your prior consent. We will need to share your data with some or all of the following: 

  • The appropriate bodies of the Church of England including other data controllers such as the Bishop of Liverpool or the National Church Institutions; 
  • Our agents, servants and contractors. 
  • Diocesan officers, bishops, archdeacons, officeholders and other clergy or lay persons nominated or licensed to support the mission of the Church of England in the Diocese. 
  • Other persons or organisations operating within the Diocese of Liverpool including, where relevant, the Liverpool Diocesan Board of Education, the Dean and Chapter of Liverpool Cathedral, the Diocesan Registry and the Chancellor of the Consistory Court for the Diocese of Liverpool; 
  • Educators and examining boards such as the All Saints Centre for Mission and Ministry 
  • Statutory consultees such as Historic England 
  • Crockfords Clerical Directory 
  • Local and central government and statutory undertakers such as utility companies in respect of supplies of energy to a property. 

7. How long do we keep your personal data? 

We will keep some records permanently (such as minutes of our trustee meetings) or for an extended period of time if we are legally required to do so. For example HMRC require us to retain financial records for a minimum of seven years. We aim to keep data only for as long as is necessary and we may delete it when it is no longer needed. 

8. Your rights and your personal data 

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: 

  • The right to request a copy of your personal data which we hold about you; 
  • The right to request that we correct any personal data if it is found to be inaccurate or out of date; 
  • The right to request your personal data is erased where it is no longer necessary for us to retain such data; 
  • The right to withdraw your consent to the processing at any time, which you can easily do by email, in writing or by telephone using the contact details below; 
  • The right to data portability which is to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller; 
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing; 
  • The right to object to the processing of personal data (where applicable); 
  • The right to lodge a complaint with the Information Commissioners Office. 

9. Further processing 

If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing. 

10. Contact Details 

To exercise all relevant rights and make queries or complaints please in the first instance contact the Data Protection Officer at:

St James House, 20 St James Road, Liverpool L1 7BY
Telephone: 0151 709 9722
By Email: GDPR@dioceseofliverpool.kinsta.cloud

Alternatively, you can contact the Information Commissioners Office:

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113
By Email: https://ico.org.uk/global/contact-us/email/