DATA PROTECTION PRIVACY POLICY




Your Privacy


What is the purpose of this Privacy Policy?

Food+ Bromley is a charitable service, which is an initiative of Citygate Church, that provides food/other practical help to low income individuals and families. Food+ Bromley and Citygate Church are joint “data controllers” which means we have to tell you certain information when processing your personal information. We may input personal information into ChurchSuite or may ask you to do so yourself. We may collect information from you in person or we may ask you to fill in paper forms or input information into other systems that the charity uses. We have also included in this policy information about other forms of processing that we may carry out. Registered Company No. 5400985, Registered Charity No. 1111470.


What is ChurchSuite?

ChurchSuite Software (“the Services”) is designed to help us administer our services and provide all elements of support to our staff and volunteers. Our staff/volunteers may be provided with access to a user account, which they can use to provide us with information (including personal information), update preferences and access options to allow the booking of events and recording attendance. If we set up an account on behalf of staff or volunteers, then we will input personal information from you that we collected from you in person, on paper forms and from contact forms on our website. We will also collect information from you when you update your user account on ChurchSuite.

The Services should bring benefits to everyone as we can stay in touch with you much more easily and you can provide us with information in a quick and efficient way.

If you have any queries about this Privacy Policy or how we use your personal information, please contact;

Citygate Church, 22 Rectory Road, Beckenham, BR3 1JA.

Our Data Protection Lead is Mellissa Whittle who can be contacted at the above address or email at info@citygatechurch.co.uk.

This Privacy Policy relates to your use of Food+ Services and tells you:

We last updated this Privacy Policy on 22/05/2018.


What information do we process about you?

We process information about you when you enquire about using Food+ Bromley services, when we provide you with our services or when you are interested in supporting us. We will also process information about you when you contact us to apply for a role as member of staff or volunteer.


Referral Agencies

We may collect the following information about you;

We will use the information we collect from you including name, address, email and telephone number to contact you in relation to clients you refer to us. We may also contact you with information about other free services that we may be able to offer to clients or invite you to give us feedback regarding our Food+ Bromley services. We will use your information to remain in contact with you for support, and information on client progress and fundraising events.


Food+ Bromley Clients

We may collect the following information about you;

We will use information we collect about you from yourself, charities and local organisations (with your permission) such as your name, address, email and telephone number to make initial contact with you to provide information on our Food+ Bromley services.

We will then use your information to provide you with access to our foodbank and use your information to remain in contact with you to support and to record your progress. We may also contact you with information about other free services that we may be able to offer or invite you to give us feedback regarding our services.


Supporters

We may collect the following information about you;

We will use the information we collect from you, including your level of support for Food+ Bromley and location to inform you of the work we do. We will also thank you and invite you to continue to support us. We might also use your information to invite you to fundraising events or to ask if you would consider increasing your support.


Staff / Volunteers

We may collect the following information about you;

We will use the information we collect from you to process and consider your interest /application for a role at Food+ Bromley. Your information will only be shared with our Human Resources department and Food+ staff who will be involved in the selection process.



HOW WE USE SENSITIVE PERSONAL INFORMATION

“Special categories” of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We may process special categories of personal information in the following circumstances:

  1. In limited circumstances, with your explicit consent recorded in writing (e.g. where you tell us information in order to obtain support and pastoral care from us – for example this could relate to physical or mental health).
  2. Where we need to carry out our legal obligations (e.g. ensure DBS checking is done where appropriate)
  3. Where it is needed in the public interest and in line with our data protection policy.
  4. Where It Is needed in connection with our children and vulnerable adults protection policy

Less commonly, we may process this type of information where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.


What this means in practice

We may use your sensitive personal information in the following ways:

In all cases where we require consent, we will seek your written consent or record your consent in writing to allow us to process certain sensitive data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.



The below information is applicable to everyone that has access to Food+ Bromley services


Sensitive Personal Information

We may also collect, store and use the following “special categories” of sensitive personal information (if you give us this information)


Personal Information we collect automatically

When you use the Services, we may collect certain information automatically such as:


Cookies

We use cookies to collect information automatically. A cookie is a small file of data which our website places on your computer’s hard drive. The cookies give us information such as details of your visits to our website and information about other websites that you visit.

Cookies allow websites to respond to you as an individual and let us tailor our website to your needs, likes and dislikes by gathering and remembering information about you. We use cookies to help us to provide you with a better website.


Cookies that we use

Google Analytics


How to delete and control cookies

Most computers automatically accept cookies, but you can change your settings so that you will not receive cookies and you can also delete existing cookies from your computer.

If you do change your settings, you may find that some parts of our website will not function properly. If you do not adjust your settings, you will accept cookies provided by the website.

To find out how to delete cookies or adjust their settings please visit http://www.allaboutcookies.org/.


Photographs/Videos

We may use your image or likeness (photographs or videos) for use in our information packs and marketing materials, but we will never disclose your name or other personal details.

How we use your Personal Information

Our legal basis for using your information

The law only allows us to use your personal information in certain limited circumstances. We have listed these below and what information they allow us to process.


  1. Where it is necessary for our legitimate interests

    Your data is processed under the conditions of Article 6, 1 (f) whereby processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. We consider that this is the most appropriate condition for us to manage our services to you as you would reasonably expect that we would have to process your personal information in order to provide you with access to our services and so you can take full advantage of all our services. We have put safeguards into place to ensure that your personal information is protected and that your fundamental rights and freedoms are not overridden.

    Examples of how we may use your information for administration purposes:


  2. Where you have consented to us using your personal information

    Examples of how we may use your information with consent


  3. Where we need to perform the contract we have entered into with you

    Examples of how we may use your information in order to comply with a contract that we have entered into with you:


  4. Where we need to comply with a legal obligation

    Examples of how we may use your information to fulfil a legal obligation



Sharing your Personal Information


Other third parties

We may share your information with certain third parties including:

We work with the following organisations:


Legal Requirements and Law Enforcement

We may also disclose your personal information to third parties:


Third Party Privacy Policies

The Services may contain links to websites owned by other organisations. If you follow a link to another website, these websites they will have their own privacy policies. We suggest that you check the policies of any other websites before giving them your personal information as we cannot accept responsibility for any other website.


Keeping your Personal Information

How we store your personal information

The security of your personal information is important to us.

We use appropriate technical and organisational measures to safeguard personal information and encryption technology where appropriate to enhance privacy and help prevent information security breaches.

Any personal information that we provide to you will be held within the EEA.

All third parties who provide services to us or our software provider are required to sign a contract requiring them to have appropriate technical, administrative and physical procedures in place to ensure that your information is protected against loss or misuse.

All information you provide to us is stored on our secure servers or on secure servers operated by a third party. Information on our third-party providers can be found above.


Retention of information

We only hold your personal information for as long as necessary for the purposes for which we collected your information.

We have internal processes to periodically review the data we hold and delete data that is no longer relevant to our purpose for processing.

We have set these timescales in accordance with any applicable legislation and where none exists then we will keep your information for the duration of any contract that you have entered into with us and then for a period of 7 years after which time it will be deleted.



Emails

If you chose to send us information via email, we cannot guarantee the security of this information until it is delivered to us.


Your rights

Access to information

You have the right to access information that we hold about you. If you wish to receive a copy of the information that we hold, please contact us at info@citygatechurch.co.uk or write to us at the address above.


Changing or deleting your information

You can ask us at any time to change, amend or delete the information that we hold about you or ask us not to contact you with any further marketing information. You can also ask us to restrict the information that we process about you.

You can request that we change, amend, delete your information or restrict our processing by emailing us at info@citygatechurch.co.uk.


Right to prevent Automated decision making

You have a right to ask us to stop any automated decision making. We do not intentionally carry out such activities, but if you do have any questions or concerns we would be happy to discuss them with you and you can contact us at info@citygatechurch.co.uk.


Transferring Personal Information

You have the right to request that your personal information is transferred by us to another organisation (this is called “data portability”). Please contact us at info@citygatechurch.co.uk with the details of what you would like us to do and we will try our best to comply with your request. It may not be technically feasible, but we will work with you to try and find a solution.


Complaints

If you make a request to us under this Privacy Policy and you are unhappy with the response, you can ask for the request to be reviewed under our internal complaints procedure.

If you have been through the internal complaints procedure and are still not happy with the result, then you have the right to complain to the Information Commissioner’s Office. They can be contacted as follows:

Website: www.ico.org.uk

Telephone: +443031231113

Address:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF


Changes to our Privacy Policy

We review our Privacy Policy on a frequent basis to check that it accurately reflects how we deal with your information and may amend it if necessary. You should check this page regularly to see the most up to date information.



How to Contact us

We welcome questions, comments and requests regarding this Privacy Policy which can be sent to info@citygatechurch.co.uk.