Data Privacy Policy


Safeguarding Policy

Data Privacy Policy

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

Who are we?

The PCC of St James and All Saints and Christ Church, Gloucester is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.

How do we process your personal data?

The PCC of St James and All Saints and Christ Church, Gloucester complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We use your personal data for some or all of the following purposes: -

  • To enable us to meet all legal and statutory obligations (which include maintaining and publishing our electoral roll in accordance with the Church Representation Rules);
  • To carry out comprehensive safeguarding procedures (including due diligence and complaints handling) in accordance with best safeguarding practice from time to time with the aim of ensuring that all children and adults-at-risk are provided with safe environments;
  • To minister to you and provide you with pastoral and spiritual care (such as visiting you when you are gravely ill or bereaved) and to organise and perform ecclesiastical services for you, such as baptisms, confirmations, weddings and funerals.
  • To enable us to provide a church body voluntary service for the benefit of the public in a particular geographical area.
  • To administer membership records;
  • To fundraise and promote the interests of the charity;
  • To manage our employees and volunteers;
  • To maintain our own accounts and records (including the processing of gift aid applications);
  • To inform you of news, events, activities and services running at St James and All Saints and Christ Church, Gloucester
  • To process a donation that you have made (including Gift Aid information);
  • To seek your views or comments;
  • To notify you of changes to our services, events and role holders;
  • To send you communications which you have requested and that may be of interest to you. These may include information about campaigns, appeals and other fundraising activities;
  • To process a grant or application for a role;
  • Using CCTV systems for the prevention and prosecution of crime.

We collect personal data in some or all of the following ways;

  • Names, titles, and aliases, photographs;
  • Contact details such as telephone numbers, addresses, and email addresses;
  • Where they are relevant to our mission, or where you provide them to us, we may process demographic information such as gender, age, date of birth, marital status, nationality, education/work histories, academic/professional qualifications, hobbies, family composition, and dependants;
  • Where you make donations or pay for activities such as use of a church hall/other premises financial identifiers such as bank account numbers, payment card numbers, payment/transaction identifiers, policy numbers, and claim numbers.

The data we process is likely to constitute sensitive personal data because, as a church, the fact that we process your data at all may be suggestive of your religious beliefs. Where you provide this information, we may also process other categories of sensitive personal data: racial or ethnic origin. And, where this is relevant, mental and physical health, details of injuries, medication/treatment received, and criminal records, fines and other similar judicial records.

What is the legal basis for processing your personal data?

  • Most of our data is processed because it is necessary for our legitimate interests, or the legitimate interests of a third party (such as another organisation in the Church of England). An example of this would be our safeguarding work to protect children and adults at risk. We will always take into account your interests, rights and freedoms.
  • Some of our processing is necessary for compliance with a legal obligation. For example, we are required by the Church Representation Rules to administer and publish the electoral roll, and under Canon Law to announce forthcoming weddings by means of the publication of banns.
  • We will seek explicit consent to keep you informed about news, events, activities and services and keep you informed about local church and other diocesan events.
  • We may also process data if it is necessary for the performance of a contract with you, or to take steps to enter into a contract. An example of this would be processing your data in connection with the hire of church facilities.
  • Processing is necessary for carrying out legal obligations in relation to Gift Aid or under employment, social security or social protection law, HMRC and other statutory requirements.
  • Where we have PCC employees we may process information in line with payroll and pension, HMRC, safer recruitment including DBS checks, and other statutory requirements.
  • Religious organisations are also permitted to process information about your religious beliefs to administer membership or contact details.
  • Where your information is used other than in accordance with one of these legal bases, we will first obtain your consent to that use.

Sharing your personal data

Your personal data will be treated as strictly confidential. It will only be shared with third parties where it is necessary for the performance of our tasks, where you first give me your prior consent, or in respect of a legal/statutory obligation. It is likely that I will need to share your data with some or all of the following (but only where necessary):

  • The appropriate bodies of the Church of England including the other data controllers.
  • Other clergy or lay persons nominated or licensed by the bishops of the diocese to support the mission of the Church in our parish. For example, our clergy are supported by our area dean and archdeacon, who may provide confidential mentoring and pastoral support. Assistant or temporary ministers, including curates, deacons, licensed lay ministers, commissioned lay ministers or persons with Bishop’s Permissions may participate in our mission in support of our regular clergy;
  • Other persons or organisations operating within the diocese as appropriate.
  • On occasion, other churches with which we are carrying out joint events or activities.
  • External statutory bodies (police, social care etc) where this is legally required.
  • In the event of employee related tasks including payroll and pension provisions.

How long do we keep your personal data?

We keep data in accordance with the guidance set out in the guide “Keep or Bin: Care of Your Parish Records” which is available from the Church of England website.1 Specifically, we retain electoral roll data; gift aid declarations and associated paperwork for six years after the calendar year to which they relate; and parish registers (baptisms, marriages, funerals) permanently.

Details about retention periods can currently be found in the Record Management Guides located on the Church ofEnglandwebsiteat:

Your rights and your personal data

Unless subject to an exemption, or overruled by other obligations, under the GDPR, you have the following rights with respect to your personal data: -

  • The right to request a copy of any personal data which the PCC of St James and All Saints and Christ Church, Gloucester holds about you;
  • The right to request that the PCC of St James and All Saints and Christ Church, Gloucester corrects any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary for the PCC of St James and All Saints and Christ Church, Gloucester to retain such data;
  • The right to withdraw your consent to the processing at any time
  • The right to request that the data controller (the PCC) provides the data subject (you) with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable). [Only applies where the processing is based on consent or is necessary for the performance of a contract with the data subject and in either case the data controller processes the data by automated means].
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data, (where applicable)
  • This right only applies where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics).
  • The right to lodge a complaint with the Information Commissioners Office.

Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

Marketing permissions and seeking consent

Whilst there may be an expectation that people involved in the life of the diocese in many ways would expect to receive information from the PCC through email, post, social media etc; the PCC is required through data regulations to ensure that it asks for your permission to do so in certain circumstances; and to ensure that it makes you aware of your rights in doing so.

Email and text
We will ask for your permission to contact you in this way.
Postal marketing
From time to time we may send you information about the diocese and its work unless you have told us you would prefer not to receive this information by post.
Bulletins and newsletters
The PCC will, in the main, require individuals to personally opt in and out of electronically sent information such as church newsletters. This ensures that individuals are able to manage the information they wish to receive.

Changes to this Privacy Notice

The PCC will review this Privacy Notice regularly and may update it at any time - for example in the event of legal changes, to improve how we manage data, where an issue or concern has come to light that needs appropriate response. If there are any significant changes in the way the PCC processes your personal information we will provide a prominent notice on our website or send you a notification.

Transfer of Data Abroad

Any electronic personal data transferred to countries or territories outside the EU will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union. Our website is also accessible from overseas so on occasion some personal data (for example in a newsletter) may be accessed from overseas.

Contact Details

To exercise all relevant rights, queries of complaints please in the first instance contact .


The church appoints Janet Sayers to represent the concerns and views of the vulnerable adults, children and young people at our meetings and to outside bodies. To contact her, please use the Contact page and select the appropriate person that you wish contact.


Safeguarding vulnerable adults

The following policy has been agreed and implemented by the PCC.

1)     We recognise that everyone has different levels of vulnerability and that each of us may be regarded as vulnerable at some time in our lives.

2)     As members of this parish we commit ourselves to respectful pastoral care for all adults to whom we minister.

3)     We commit ourselves to the safeguarding of people who may be vulnerable, ensuring their wellbeing in the life of this church.

4)     We commit ourselves to promoting safe practice by those in positions of trust.

5)     The parish commits itself to promoting the inclusion and empowerment of people who may be vulnerable.

6)     It is the responsibility of each of us to prevent physical, emotional, sexual, financial and spiritual abuse of vulnerable people and to report any suspected or confirmed abuse.

7)     We will supervise and support any member of our church community known to have offended against a vulnerable adult or child.

8)     We undertake to exercise proper care in the selection and appointment of those who will work with people who may be vulnerable.

9)     The policy will be reviewed annually.

10)     The parish adopts the guidelines of the Church of England and the Diocese of Gloucester.

11)     Each person who works with vulnerable people will agree to abide by these recommendations and the guidelines established by this church.

The PCC has identified the following activities involving vulnerable adults where this policy and appropriate guidance applies:

ActivityFrequencyLocationPerson Responsible
Sunday Services WeeklySt James and Christ ChurchClergy
Morning PrayerDailySt James and Christ ChurchClergy
Occasional ServicesVariedSt James and Christ ChurchClergy
Bible StudyWeeklySt James ChurchHazel Croly
Meeting PlaceBi-weeklySt James Church/ St James City FarmHazel Croly
Music GroupWeeklySt James ChurchRachel Williams
Charter Court ServiceMonthlyCharter Court, Victoria StreetPat Gifford
Craft Club2xMonthlySt James ChurchHazel Croly
Pastoral VisitingAd hocVariousClergy

Safeguarding children and young people

The following policy has been agreed and implemented by the PCC.

1)     We are aware of and will implement the House of Bishops’ Child Protection Policy ‘Protecting All God’s Children’ (2004) and the diocesan procedures. Copies of these can be accessed here

2)     We are committed to the safeguarding and care of children within our church community..

3)     We will carefully select and train ordained and lay ministers, volunteers and paid workers who work with children, using the Disclosure and Barring Service (DBS), amongst other tools, to check the background of each person as outlined in diocesan procedures.

4)     We will respond without delay to every complaint made that a child for whom we are responsible may have been harmed or is in significant danger.

5)     We will fully co-operate with statutory agencies during any investigation into allegations concerning a member of the church community. We will inform the statutory agency of any suspected criminal offences or concerns that we are made aware of in respect of our contact with children.

6)     We will offer pastoral care to any child or young person who has suffered abuse and provide them with the details of local and national support agencies.

7)     We will supervise and support any member of our church community known to have offended against a child.

8)     We will review our policy annually and as part of this check that all our procedures and activities involving children, including DBS processes and checks, are up to date.

9)     We will review our insurance policy for those working with children, ensuring we adopt the advice in the House of Bishops Policy.

10)     A copy of this policy will be displayed on the church notice board alongside a Child Line poster which can be downloaded from the NSPCC website free of charge.

11)     Each person who works with vulnerable people will agree to abide by these recommendations and the guidelines established by this church.

The PCC has identified the following activities involving children and young people to which the House of Bishop’s policy applies:

ActivityFrequencyLocationPerson Responsible
Sunday Services WeeklySt James and Christ ChurchClergy
Occasional ServicesVariedSt James and Christ ChurchClergy
Junior churchWeeklySt James ChurchTammy Newman
Church social eventsVariedSt James and Christ ChurchClergy
Open the BookWeeklySt James’ C of E Junior School hRobert Mackay
School AssemblyWeeklyHatherley Infants SchoolPat Gifford
Occasional Children’s ActivitiesVariedSt James and Christ ChurchClergy
Story BoxMonthlySt James ChurchViv Hall

This page has the Diocesan Safeguarding Advisor’s contact details and details of how anyone can report a concern.