We will collect and use information about you to enable you to participate fully in the activities of the church enabling you to connect further into the life of the church and for Alive Church to offer enhanced pastoral care to you. The information we collect and store includes your contact details and date of birth, information about your family, information relating to your discipleship journey and your information regarding your connection points into the church.
Alive Church will always ask your permission for us to store this information. If you do not give us permission to store your information then Alive Church will be unable to effectively pastor you or inform you of activities that we believe will be of benefit to you.
In order to join some of our teams we collect further information in order for Alive Church to process a DBS check.
If you choose to give via standing order or through card payments to Alive Church, Rise and Build or Make A Difference we also collect additional information regarding your giving to Alive Church. This includes Account Number, Sort-Code, Bank Name, Branch, Account Holder’s Name, Card Number, expiry date and 3 digit security code.
If you apply to work for Alive Church we collect additional information as part of the application process, this includes: previous employment history (contact details, rate of pay), education history and hobbies.
If you are an employee of Alive Church we collect additional information to ensure our responsibilities as an employer can be met. This includes: National Insurance Number, information relating to any Student Loans you may hold.
Your information is collected by means of Alive Church forms and our Alive Church App. Our methods of collecting data include the use of:
Once we receive your information it is transferred onto password protected files and saved to our online cloud based database ‘Planning Center’ - www.planningcenter.com. Original paper copies are shredded. The information we collect comprises name, date of birth, address, telephone numbers, email address, family names and contact details, discipleship journey information (baptism date, growth track attendance dates), connect group details and team information.
The Planning Center system uses the following protocols to ensure all data is secure
The Payment Card Industry Data Security Standards (PCI DSS, or more commonly, PCI) are a set of standards set forth by the four major card associations to protect cardholder data. All merchants and processors need to have physical, electronic, and procedural controls in place to ensure that cardholder data is stored and handled securely at all times.
Whenever your data is in transit between you and Planning Center, everything is sent encrypted over HTTPS, and their databases utilise encryption at rest. They limit brute force attacks with rate limiting, and all passwords are filtered from all their logs and are one-way encrypted using industry standard bcrypt.
Planning Center employ a multilayered backup strategy that is designed to be resilient to hardware failure, regional disasters, and malicious acts. Both point in time backups and daily snapshots are available for use in recovery.
Planning Center run an ongoing bounty program through HackerOne to provide penetration testing across all of their products. These security researchers are some of the best in the world at finding vulnerabilities and responsibly disclosing them.
All of your data on Planning Center is stored in AWS data centers, which use industry leading practices in physical security, redundancy, and availability. You can learn more about Amazon's data centers here.
At the most basic level, Planning Center’s main physical space is locked and alarmed during off hours. In the event of a break-in, since their servers don't reside in their buildings, they aren't vulnerable to smash-and-grab robberies. Local computers are password protected and encrypted. In the course of conducting customer support, employees access customer data using an encrypted connection and must invoke a time-based one-time password upon connection.
To protect company data, including customer data, all employees sign a non-disclosure agreement when hired.
Planning Center works on a permissions based structure. Only designated Alive Church staff and volunteers have access to the full data within Planning Center.
Alive Church also uses Google GSuite with all of it’s staff, team leaders, ministry leaders and key volunteers. Google GSuite acts as one of Alive Church’s Data Processors. All Alive Church Google Accounts are password protected by 2-step security.
Further information regarding how Google processes your information on our behalf can be found here: Data Processing and Security Terms (Customers)
Your information is sometimes used away from the registered office. Alive Church permit the access to Planning Center and Google Accounts outside of the office. Your information may be sent via email between alivechurch.org.uk email addresses. Your information will not be emailed outside of the alivechurch.org.uk domain.
Alive Church do permit the keeping of paper registers and some forms. Paper records are always stored in locked cabinets and are transported inside folders to ensure they can not be viewed by unauthorised persons.
Once we receive your information it is transferred onto password protected files and saved to an online cloud based Google Account. These password protected files can only be accessed by designated Alive Church staff. Original Paper copies are then sent to your bank in order to set-up the Standing Order.
Electronic Giving (payment by card using the envelope scheme)
Once we receive your information it is used to process your giving via our card payment machines. The card information on the original paper envelope copy is then cut out and shredded. Once processed your card details are not stored by Alive Church. The remaining information on the envelope is then transferred onto password protected files and saved to our online cloud based Google Account. These password protected files can only be accessed by designated Alive Church staff. In order to process Gift Aid your information is transferred to www.fundfiler.com.
Fundfiler act as a Data Processor for Alive Church in regard to Gift Aid. For further information on how fundfiler process your information please visit: https://www.fundfiler.com/terms.aspx#Privacy_Policy
The remainder of the giving envelope is kept in a secure locked cupboard for 7 years in accordance with the requirements of HMRC.
DBS status, where applicable, is stored on Google Drives administered by Alive’s Safeguarding Officers. These password protected files can only be accessed by designated Alive Church staff. The records of DBS searches are recorded simply as status, viz. submitted, clear etc. Original paper DBS disclosures are destroyed.
DBS applications are processed through Groundlevel. Groundlevel acts as a Data Processor for Alive Church in regard to DBS applications. To view how Groundlevel will handle your information please visit: https://www.groundlevel.org.uk/privacy-policy
All information regarding those who are employed by Alive Church is stored on a password protected Google Account and with www.breathehr.com. These password protected files can only be accessed by designated Alive Church staff. Alive Church share employee information with Smethurst and Buckton Accountants, as one of our Data Processors in regard to Payroll.
You can find further information about how breathehr process your information by visiting: www.breathehr.com/privacy-policy
You can find out further information about how Smethurst and Buckton process your information by visiting: www.smethurstandbuckton.co.uk
Here at Alive we categorise Photos and Videos into 2 categories:
1: Photos of activities and human interaction:
Photos that show activities of the church that could not be deemed as revealing ‘religious beliefs’. Photos such as shots in social spaces, conversations, community groups, connect group socials etc.
In this instance Alive Church do not seek to gain explicit consent from you. We will never publish or use your photo with any other data that can identify you (such as your name) without your explicit consent
2: Photos of ‘Religious Beliefs’ and photos of Children, young people and vulnerable adults:
Photos that show activities such as worship, prayer, baptism, dedication etc. or photos of Children, young people or vulnerable adults:
In this instance…
Alive Church will only ever take, store and use your photo having ensured you (or your parent / guardian) have given explicit permission for us to do so.
That consent will be a written record, signed and dated.
We will never take, store, share or use a photo or video of you without your (or your parent / guardian) explicit permission.
You (or your parent / guardian) can decide not to grant us explicit permission to take, store, share or use a photo or video of you.
You (or your parent / guardian) can withdraw your explicit permission at any time and ask us to delete any photos or video that we hold.
We collect and use your information in the following situations:
Where we rely on consent to use your information, you have the right to withdraw that consent at any time. Please see the ‘Your choices and rights’ section of this policy for more details.
Acts Trust is a Lincoln-based charity (charity number 1119911) founded by Alive Church in 2006, with the aspirational goal of poverty elimination in the City. Alive Church work in close partnership with Acts Trust and therefore will share your information with Acts Trust for the purposes of keeping you up to date with the work of Acts Trust and providing opportunities for you to serve the work of the charity.
A number of the Teams and Connect Groups across Alive use Facebook Messenger and Facebook Groups / Pages to communicate with team and connect group members. You can find more information on how Facebook handle your information here: https://www.facebook.com/about/privacy/update
Alive Church uses Mailchimp to send emails regarding upcoming events, newsletters, team and connect group updates. Alive Church treat Mailchimp as one of our Data Processors. You can find more information on how mailchimp handle your information here: https://mailchimp.com/legal/privacy
We promise we will never share your information with anyone else.
The period for which we will keep your information.
We will keep your information for as long as is necessary for us to fulfill the purposes that we describe in this policy.
Your information is deactivated and/or destroyed at your request, on your death or once you have left the church following a period of 6 months of non-attendance.
You have a number of rights in relation to your information, and can make a number of choices about how we collect and use it. For example, you can decide not to receive marketing material from us, tell us how you want to receive communication from us, and object to some of the ways in which we use your information.
Please note that some of the choices or changes you make may impact our ability to communicate with you, pastor you and connect you to groups and teams that may benefit you.
You can log into Planning Center at www.planningcenter.com to:
You can contact us using the details below to:
We are Alive Church Lincoln Limited, Registered Charity No: 1140435. Registered Company No: 7494717. A company limited by guarantee having no share capital. A member of the Evangelical Alliance. Part of the Groundlevel Network of churches.
Our registered office is Alive Church, Newland, Lincoln, LN1 1XG. We are the Data Controller. Get in touch by contacting the Data Protection Lead at the above address, or you can contact the church on 01522 542166 to raise any questions or concerns.