Data Privacy
What information will we collect?​
We will collect and use information about you to enable you to participate fully in the activities of the church enabling you to connect further into the life of the church and for Alive Church to offer enhanced pastoral care to you. The information we collect and store includes your contact details and date of birth, information about your family, information relating to your discipleship journey and your information regarding your connection points into the church.
​
Alive Church will always ask your permission for us to store this information. If you do not give us permission to store your information then Alive Church will be unable to effectively pastor you or inform you of activities that we believe will be of benefit to you.
In order to join some of our teams we collect further information in order for Alive Church to process a DBS check.
If you choose to give via standing order or through card payments to Alive Church, Rise and Build or Make A Difference we also collect additional information regarding your giving to Alive Church. This includes Account Number, Sort-Code, Bank Name, Branch, Account Holder’s Name, Card Number, expiry date and 3 digit security code.
​
If you apply to work for Alive Church we collect additional information as part of the application process, this includes: previous employment history (contact details, rate of pay), education history and hobbies.
​
If you are an employee of Alive Church we collect additional information to ensure our responsibilities as an employer can be met. This includes: National Insurance Number, information relating to any Student Loans you may hold.
​
Cookies
The Alive Church website - www.alivechurch.org.uk collects cookies only from people who visit this site and accept that they are happy for us to do so.
These cookies enable us to collect data such as: how users interact with our website, what other pages are used when a user comes to our website, what pages are immediately clicked on next and what pages are used when exiting from our site.
​
We can track which browser users are using and what devices are being used.
This data helps us look at any trends from our website to improve user experience and to ensure we are communicating effectively.
​
How will your information be used?​
Your information is collected by means of Alive Church forms and our Planning Center Database app. Our methods of collecting data include the use of:
- welcome cards
- electronic forms (on our website, Planning Center and at the Connection Area during services)
- directly into Planning Center through their website
- salvation cards
- forms and registers (Kids, Youth, Students, Teams and Events)
- standing order forms (Offering, Rise and Build, Make A Difference)
- giving envelopes
- job application forms
- DBS checking forms
​
Personal Information​
Once we receive your information it is transferred onto password protected files and saved to our online cloud based database ‘Planning Center’ - www.planningcenter.com. Original paper copies are shredded. The information we collect comprises name, date of birth, address, telephone numbers, email address, family names and contact details, discipleship journey information (baptism date, growth track attendance dates), connect group details and team information.
​
The Planning Center system uses the following protocols to ensure all data is secure
​
-
Planning Center is a PCI Level One compliant merchant
The Payment Card Industry Data Security Standards (PCI DSS, or more commonly, PCI) are a set of standards set forth by the four major card associations to protect cardholder data. All merchants and processors need to have physical, electronic, and procedural controls in place to ensure that cardholder data is stored and handled securely at all times.
​
-
Technical Security and Encryption
Whenever your data is in transit between you and Planning Center, everything is sent encrypted over HTTPS, and their databases utilise encryption at rest. They limit brute force attacks with rate limiting, and all passwords are filtered from all their logs and are one-way encrypted using industry standard bcrypt.
​
-
Data Durability and Recovery
Planning Center employ a multilayered backup strategy that is designed to be resilient to hardware failure, regional disasters, and malicious acts. Both point in time backups and daily snapshots are available for use in recovery.
​
-
Security Bug Bounty
Planning Center run an ongoing bounty program through HackerOne to provide penetration testing across all of their products. These security researchers are some of the best in the world at finding vulnerabilities and responsibly disclosing them.
​
-
Physical Security
All of your data on Planning Center is stored in AWS data centers, which use industry leading practices in physical security, redundancy, and availability. You can learn more about Amazon's data centers here.
​
-
Local Equipment Security
At the most basic level, Planning Center’s main physical space is locked and alarmed during off hours. In the event of a break-in, since their servers don't reside in their buildings, they aren't vulnerable to smash-and-grab robberies. Local computers are password protected and encrypted. In the course of conducting customer support, employees access customer data using an encrypted connection and must invoke a time-based one-time password upon connection.
​
-
Personnel Security
To protect company data, including customer data, all employees sign a non-disclosure agreement when hired.
Planning Center works on a permissions based structure. Only designated Alive Church staff and volunteers have access to the full data within Planning Center.
Planning Center acts as a Data Processor for Alive Church. Further information on how Planning Center processes your information can be found here: Privacy Policy
​
EVENTS​
Alive Church uses the following for event tickets:
​
Eventbrite acts as a Data Processor for Alive Church. Further information on how Eventbrite process your information can be found here: Privacy Policy
​
Wix acts as a Data Processor for Alive Church. Further information on how Eventbrite process your information can be found here: Privacy Policy
​
Airsquare acts as a Data Processor for Alive Church. Further information on how Airsquare process your information can be found here: Privacy Policy
​
Alive Church also uses Google GSuite with all of its staff, team leaders, ministry leaders and key volunteers. Google GSuite acts as one of Alive Church’s Data Processors. All Alive Church Google Accounts are password protected by 2-step security.
​
Further information regarding how Google processes your information on our behalf can be found here: Data Processing and Security Terms (Customers)
​
Alive Church uses www.brighthr.com as the data processor for staff data. Further information regarding how Bright HR processes your information on our behalf can be found here: Privacy Policy & Cookies
​
Your information is sometimes used away from the registered office. Alive Church permit the access to Planning Center and Google Accounts outside of the office. Your information may be sent via email between alivechurch.org.uk email addresses. Your information will not be emailed outside of the alivechurch.org.uk domain.
​
Alive Church do permit the keeping of paper registers and some forms. Paper records are always stored in locked cabinets and are transported inside folders to ensure they can not be viewed by unauthorised persons.
​
Standing Orders
​​Once we receive your information it is transferred onto password protected files and saved to an online cloud based Google Account. These password protected files can only be accessed by designated Alive Church staff. Original Paper copies are then sent to your bank in order to set-up the Standing Order.
​
Online donations
​
Alive Church use Paypal for our online giving portal. Paypal acts as a Data Processor for Alive Church. Further information on how Paypal processes your information can be found here: Privacy Statement
​
Electronic Giving (payment by card using the envelope scheme)
​
Once we receive your information it is used to process your giving via our card payment machines. The card information on the original paper envelope copy is then cut out and shredded. Once processed your card details are not stored by Alive Church. The remaining information on the envelope is then transferred onto password protected files and saved to our online cloud based Google Account. These password protected files can only be accessed by designated Alive Church staff. In order to process Gift Aid your information is transferred to www.fundfiler.com.
​
Fundfiler acts as a Data Processor for Alive Church in regard to Gift Aid. For further information on how fundfiler process your information please visit: https://www.fundfiler.com/terms.aspx#Privacy_Policy
​
The remainder of the giving envelope is kept in a secure locked cupboard for 7 years in accordance with the requirements of HMRC.
​
DBS Applications
​
DBS status, where applicable, is stored on Google Drives administered by Alive’s Safeguarding Officers. These password protected files can only be accessed by designated Alive Church staff. The records of DBS searches are recorded simply as status, viz. submitted, clear etc. Original paper DBS disclosures are destroyed.
DBS applications are processed through Groundlevel. Groundlevel acts as a Data Processor for Alive Church in regard to DBS applications. To view how Groundlevel will handle your information please visit: https://www.groundlevel.org.uk/privacy-policy
​
Job Applications
​
All job applications to Alive Church are received through the email hr@alivechurch.org.uk. Once we receive your information it is stored on a password protected Google Account. These password protected files can only be accessed by designated Alive Church staff.
Employees
​
All information regarding those who are employed by Alive Church is stored on a password protected Google Account and with www.brighthr.com. These password protected files can only be accessed by designated Alive Church staff. Alive Church shares employee information with Smethurst and Buckton Accountants, as one of our Data Processors in regard to Payroll.
You can find further information about how brighthr process your information by visiting: https://www.brighthr.com/terms/?tab=privacy
You can find out further information about how Smethurst and Buckton process your information by visiting: https://www.smethurstllp.com/
​
Photos and Videos
​
Here at Alive we categorise Photos and Videos into 2 categories:
​
1: Photos of activities and human interaction:
​
Photos that show activities of the church that could not be deemed as revealing ‘religious beliefs’. Photos such as shots in social spaces, conversations, community groups, connect group socials etc.
​
In this instance Alive Church do not seek to gain explicit consent from you. We will never publish or use your photo with any other data that can identify you (such as your name) without your explicit consent
​
2: Photos of ‘Religious Beliefs’ and photos of Children, young people and vulnerable adults:
​
Photos that show activities such as worship, prayer, baptism, dedication etc. or photos of Children, young people or vulnerable adults:
In this instance…
​
Alive Church will only ever take, store and use your photo having ensured you (or your parent / guardian) have given explicit permission for us to do so.
​
That consent will be a written record, signed and dated.
​
We will never take, store, share or use a photo or video of you without your (or your parent / guardian) explicit permission.
​
You (or your parent / guardian) can decide not to grant us explicit permission to take, store, share or use a photo or video of you.
​
You (or your parent / guardian) can withdraw your explicit permission at any time and ask us to delete any photos or videos that we hold.
​
When we can use your information
​
We collect and use your information in the following situations:
-
Where we believe it is necessary to use your information to comply with a legal obligation to which we are subject
-
Where our use of your information is for the purposes of our legitimate interests and we have made sure that your information, and your rights in relation to that information, are protected.
-
Where we have your consent. We will rely on your consent to:​
-
Use of your information to send you prayer requests and information updates on the following organisations:
-
Open Doors
-
Tearfund
-
Betel
-
Safe Families
-
Acts
-
Ground Level
-
Dave Bell Music
-
-
-
Use your information for marketing to you by email, text message and other methods of electronic communication from time to time in accordance with your data choices.
Where we rely on consent to use your information, you have the right to withdraw that consent at any time. Please see the ‘Your choices and rights’ section of this policy for more details.
​
Who will we share your information with?
​
ACTS TRUST
Acts Trust is a Lincoln-based charity (charity number 1119911) founded by Alive Church in 2006, with the aspirational goal of poverty elimination in the City. Alive Church work in close partnership with Acts Trust and therefore will share your information with Acts Trust for the purposes of keeping you up to date with the work of Acts Trust and providing opportunities for you to serve the work of the charity.
You can object to us using your information in this way by writing to dataprotection@alivechurch.org.uk or FAO Data Protection Lead, Alive Church, Newland, Lincoln, LN1 1XG
​
FACEBOOK MESSENGER + GROUPS
​
A number of the Teams and Connect Groups across Alive use Facebook Messenger and Facebook Groups / Pages to communicate with team and connect group members. You can find more information on how Facebook handle your information here: https://www.facebook.com/about/privacy/update
​
MAILCHIMP
​
Alive Church uses Mailchimp to send emails regarding upcoming events, newsletters, team and connect group updates. Alive Church treat Mailchimp as one of our Data Processors. You can find more information on how mailchimp handle your information here: https://mailchimp.com/legal/privacy/
​
We promise we will never share your information with anyone else.
​
The period for which we will keep your information
​
We will keep your information for as long as is necessary for us to fulfill the purposes that we describe in this policy.
Your information is automatically made anonymous or destroyed at your request, on your death or once you have left the church following a period of 6 months of non-attendance.
​
Your Choices and Rights
​
You have a number of rights in relation to your information, and can make a number of choices about how we collect and use it. For example, you can decide not to receive marketing material from us, tell us how you want to receive communication from us, and object to some of the ways in which we use your information.
​
Please note that some of the choices or changes you make may impact our ability to communicate with you, pastor you and connect you to groups and teams that may benefit you.
​
You can log into Planning Center at www.planningcenter.com to:
​
-
Access and update the contact and personal details we hold about you
-
Opt-out of receiving communications to your device and/or telephone including calls to your mobile or other number, SMS, post and emails from us.
You can contact us using the details below to:
​
-
Request access to your information if you cannot locate it in Planning Center, www.planningcenter.com
-
Ask that we update, complete or correct your information if you are unable to do so in Planning Center, www.planningcenter.com
-
Ask that we erase or restrict our use of your information
-
Request that we provide your information to you in a commonly used electronic format and to have that information transmitted directly to another organisation (this is known as the right to data portability)
-
Object to Alive Church using your information in certain circumstances.
-
If you are concerned about how your information is used, please contact us at dataprotection@alivechurch.org.uk or FAO Data Protection Lead, Alive Church, Lincoln, LN1 1XG. Alternatively, you have the right to complain to the Information Commissioner’s Officer.
​
Who We Are
​
We are Alive Church Lincoln Limited, Registered Charity No: 1140435. Registered Company No: 7494717. A company limited by guarantee having no share capital. A member of the Evangelical Alliance. Part of the Groundlevel Network of churches.
​
Our registered office is Alive Church, Lincoln, LN1 1XG. We are the Data Controller. Get in touch by contacting the Data Protection Lead at the above address, or you can contact the church on 01522 542166 to raise any questions or concerns.​​