What is personal data?
Personal data means any information about a human which makes this particular human identifiable, including (but not limited to):
- Contact information (like address, email, phone numbers, fax numbers)
- Insurance details
- Employment history and details
- Financial, Tax & Accounting information
What is sensitive personal data?
Sensitive personal data means personal data which relates to information such as:
- Medical history
- Racial or ethnic origin
- Religious or philosophical beliefs
- Political opinion
- Trade union activities
- Criminal history
- Biometric data
What is a Data Controller? Who is the Data Protection Officer?
For the general data protection regulation (GDPR), the term “data controller” means the person or organisation deciding how and for what purpose any personal data is processed.
The data controller is EASTGATE CHRISTIAN COMMUNITY, INC, PO Box 37, Byron Bay Nsw 2481, Australia.
The data protection officer is currently being nominated. In the meantime please contact the Church for any privacy related requests in writing via PO Box 37, Byron Bay Nsw 2481, Australia.
What is a Data Processor?
A data processor is a person or organisation which processes personal data and/or sensitive personal data for the data controller.
What is Data Processing?
Data processing describes any manual or automated operation or set of operations performed on personal data or sets of it. Examples include collection, recording, organising, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction of data.
Collection of Information
From time to time the Church will collect personal information from you from the Church's dealings with you, for example, when you email the Church, sign up to the Church newsletter, call the Church, fax the Church, obtain goods and/or services from the church, such as your registration for camps, events, training and/or conferences; the purchase of resource material; or other dealings that may require your completion of a form that releases your information to us. This type of information may contain sensitive information and may include:
- Full name and title
- Any address, email addresses, phone numbers, fax numbers and online contact details such as Skype ID
- Birth date
- Marital status and dependents
- How the person heard of us
- Bank Details
- Email preferences
- Spiritual Beliefs
- Philosophical Views
- Health Status
- Any information you disclose to the Church via mail, email, phone conversations and/or online communication systems such as Skype
The information the Church collects is necessary in order for the Church to contact you and provide you with adequate pastoral care. All information collected is done so at the willingness of the provider of the information.
At the time of collection the Church will provide you with information on how to contact the church and the purpose for which the information is required, where practical. If you choose not provide the Church with requested personal information, the Church may be unable to provide you with some of the Church's services and/or access to assistance you require.
Where reasonable and practical to do so, the Church will collect an individual’s personal information from that person directly and not a third party. Where this is not the case the case the Church will take reasonable steps to ensure the first person is aware of the information the Church has collected.
The Use & Disclosure of Your Personal Information
Information is generally collected to maintain the Church's link with you by ensuring you are informed and involved within the active life of the Church. Information collected is used:
- In order for the Church to contact you and to provide you with adequate pastoral care.
- Inform you of events and or services provided by the Church.
- To answer and resolve your enquiry and or complaint.
- To register you for Camps, Seminars, Conferences, Programs, Lincs Groups, Youth, promotions and the like.
- For the promotion of events, products, services and the like, the Church believes may be of interest to you and the community.
- To undertake market research to assist with the identification of the Church’s needs.
- Personal Information may be released to the third party such as promotions companies; IT and other Web providers and associated companies; catering, accommodation, conference and transport providers; professional advisors such as government departments, medical officers, lawyers and the like; along with different departments within the church and associated entities to the church which fall under theEASTGATE banner. The release of personal information to these companies, professionals and service providers will take place to enhance and/or assist the products and/or services provided by the Church, such as promotional mail outs, Events, Conferences and the like. Should you wish to cease receiving promotional information, a written request should be made to the Privacy Officer.
- To enable people to join a Lincs Group and/or Youth or other Small Group or the like. The name and phone number of the Group Leader and the location of the Group will be supplied to interested parties.
Personal information provided that leads to the revealing of unlawful activity will be released to the appropriate authorities without the provider’s permission.
What legal basis does the church have for processing your personal data?
As a Data Controller the Church is bound by the requirements of the General Data Protection Regulations (GDPR). The legal ground for processing your personal data is formed by the consent you give to the Church when registering with the Church (newsletter) or when contacting the Church via the website forms. You can withdraw or manage your consent any time by contacting the Church data protection officer. You can also update your newsletter preferences or unsubscribe from the Church newsletters by clicking on the corresponding links in the newsletter footer (bottom).
Where does the church store and process personal data?
The Church stores and processes data across the globe. Where this is the case the Church will take steps to ensure suitable security measures are in place to protect your privacy rights as outlined in this policy. By providing the Church with your personal information and/or sensitive personal information you agree to this transfer, storing and/or processing. The Church's third-party suppliers in the USA are part of the “Privacy Shield” where participating companies are considered to have suitable data protection.
How long does the church keep your personal data for?
The Church stores and processes data to provide free services and information on an ongoing basis. The necessary data is stored until the owner requests its deletion or until the Church is permanently unable to contact the information owner.
The Church takes reasonable steps to ensure that all personal information provided is protected from misuse, loss, unauthorised access, modification or disclosure. All information provided to the Church through this website is secured through SSL encryption. To check whether the Church website is currently secure simply look for a lock icon in or near the address bar of your web browser. If the icon is present the Church website is secure. If you can’t see the icon you can also open the Church website on a different browser to see if you can see it there.
At the conclusion of processing personal information provided, the Church will take all reasonable steps to destroy or permanently de-identify that information.
The Church will not take any responsibility for the security of any information provided over the internet, or for any unauthorised access and use of that information.
EU Citizens: Your rights in relation to personal data
If you are a citizen of the European Union you have the following rights under the GDPR:
Right of access to personal information
You have the right to request a copy of the information the Church holds about you. If you would like a copy of some or of all your personal information, please contact the Church's data protection officer in writing (contact details are available at the bottom of this page). The Church will respond to your request within one month of receipt of the request.
Right of correction and deletion
It is important to the Church that your personal information is accurate and current. If you would like the Church to correct or remove information, please contact the Church's data protection officer in writing (contact details are available at the bottom of this page).
Right of withdrawal of consent
You can withdraw your consent for storing and processing your information any time. If you would like to do so, please contact outhe Church'sr data protection officer in writing (contact details are available at the bottom of this page).
Right of data portability
You have the right to receive all personal data which the Church holds of you, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another data controller without delay from the current data controller (the Church) if:
(a) The processing is based on consent or on a contract, and
(b) The processing is carried out by automated means.
If you would like to request a copy of your data, please contact the Church's data protection officer in writing (contact details are available at the bottom of this page).
Right to be Forgotten
You have the right to have all information that the Church holds about you deleted. If you would like to do so, please contact the Church's data protection officer in writing (contact details are available at the bottom of this page).
Right to lodge a complaint
If you think that your personal data has not been processed in accordance with the GDPR, you have the right to lodge a complaint with the relevant supervisory authority. This authority in Australia is the Office of the Australian Information Commissioner.
NON-EU Citizens: Your rights in relation to personal data
If you are not a citizen of the EU, the following applies to you:
Individuals wishing to gain access to their private information or make corrections to it will be granted access only when a request has been made in writing to the Data Protection Officer and sufficient proof of identification is given.
Where the Church is not legally required to provide an individual with access to their personal information, such as frivolous or vexatious requests (as outlined in the Privacy Act), access may be denied. A request for access to personal information that may be deemed unlawful (according to the Privacy Act) may be denied.
The Church will take reasonable steps to ensure that the providers of information have the opportunity to update their personal information as needed. The Church will take reasonable steps to ensure all personal information collected is accurate and up-to-date, however, the quality of the information retained by the Church depends largely on the provider’s ability and willingness to ensure their information is updated as it changes.
Use of automated decision-making and profiling
The Church may analyse your personal information to create a profile of your interests and preferences so that the Church can contact you with information relevant to you. The Church may make use of extra information about you when it is available from external sources to help the Church do this effectively.
Cookies and tracking
The Church does not use tracking cookies.
Linking to other websites / third party content
Changes to this Policy
'The Church' refers to EASTGATE CHRISTIAN COMMUNITY INC.
The 'Information Provider'/The 'Provider of Information' refers to you and/or the individual who has provided the Church with personal and/or sensitive information.
'You' refers to the individual who has provided the Church with personal and/or sensitive information.
'EASTGATE' refers to EASTGATE CHRISTIAN COMMUNITY, INC and related entities.