Privacy Policy

1. Introduction
At King’s Arms Trust, we take your privacy seriously and recognise the importance of your data. We will only use your personal information for the King’s Arms Trust in accordance with the GDPR and with integrity. This policy explains how we collect data, how we use and store information and what it means for you.

2. Who we are
King’s Arms Trust is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.
King’s Arms Trust
King’s House,
245 Ampthill Road,
Bedford,
MK42 9AZ
Charity Number: 1116359

3. What information we collect
This privacy notice explains how King’s Arms Trust and it’s website comply with the General Data Protection Regulation (GDPR). Kings Arms Trust complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

  1. Directly from us
    We collect personal information each time you deal with us, for example when you provide your contact details in writing to church staff or volunteers; request materials or information; sign up for an event; make a donation; use our check in system for you or your children, or otherwise provide your personal details.
  2. From website interaction from us
    We collect non-personal data such as IP addresses, details of pages visited and files downloaded. Website usage information is collected using cookies, see the section on Cookies below.
  3. Indirectly from third parties
    We collect information from third parties such as PayPal and Stripe, where you have agreed to support King’s Arms Trust and have given your consent. You may wish to check their privacy policy to find out more information on how they will process your data.
  4. Where you give permission to other organisations
    We may collect information that you make available on, for example, Twitter, Facebook or similar organisations. You may wish to check their privacy policy to find out more information on how they will process your data.
  5. Sensitive data
    Where you provide the information, we may collect sensitive personal data, including, but not limited to, your religious beliefs, or your physical or mental health and other pastoral information you share with us.

4. What we do with it

a. Processing of requests/donations

We collect personal information on our online database ‘ChurchSuite’, Google Apps and TeamWork each time you deal with us, for example when you provide your contact details in writing to Trust staff or volunteers; request materials or information; sign up for an event; make a donation; use our check in system for you or your children, or otherwise provide your personal details. We may use the personal data we collect:

  • To inform you of news, events, activities, groups and services running in King’s Arms Trust
  • To enable us to provide a voluntary service for the benefit of the public
  • To provide pastoral care to our attendees and to safeguard the well-being of individuals and 3rd parties
  • To administer attendance/membership records
  • To provide an interactive website where email is used to communicate with users;
  • To raise funds and promote the interests of the charity
  • To manage our employees and volunteers
  • To maintain our own accounts and records (including the processing of Gift Aid applications);
  • Statistical analysis
  • To remain consistent with our values and beliefs as an organisation (See Article 9 (c) & (d))

b. Basis of processing your data
So that we can provide services you have requested, and keep you informed about news, events, activities and services and process your donations, we will process your personal data on the basis of the consent you provided us with. You are free to change your preferences at any time.Other processing based on legitimate interest is necessary for carrying out obligations under employment, social security or social protection law, or a collective agreement. Legitimate interest is also the basis of our processing relating to members or former members (or those who have regular contact with us in connection with these purposes) and for claiming back tax under the government’s Gift Aid scheme, as we are a not-for-profit body with religious aims.

5. How and where we store your information

  1. How long do we keep your information?
    We will keep your personal information only for as long as we consider it necessary to carry out each activity unless required to keep for UK law and will be deleted within 24 months of your last activity with us, unless you request to be forgotten or remove the information yourself. We take account of legal obligations and accounting and tax considerations as well as considering what would be reasonable for the activity concerned. Pastoral and sensitive personal information will only be kept whilst you are accessing our Pastoral Care from the King’s Arms Trust and will be deleted within 6 months of either your pastoral situation being resolved or you no longer wish to access pastoral care from our organisation.
  2. Security
    We ensure that we have appropriate technical controls in place to protect any personal data you provide and that access to personal data is restricted only to those staff members or volunteers whose job roles require such access and that suitable training is provided for these staff members and volunteers. We may make limited use from time to time of external companies to collect or process personal data on our behalf. When we do so, we carry out checks on these companies, put in place contracts to make sure our requirements are clear, and carry out periodic reviews. When we do use external companies, we remain responsible for the storing and processing of your personal data.
  3. Credit/Debit card security
    If you use your debit or credit card to donate to us, purchase something or pay for an event, whether online or by Giving Envelope, we will process your information securely in accordance with the Payment Card Industry Data Standard. We may hold your bank account details if you have asked us to set up a standing order for you, which are stored securely and retained in line with legal requirements.
  4. Where we store your personal information
    We use online systems such as ChurchSuite, Google Apps and Team Work. You may wish to read their Privacy Policies to find out more information on how they meet the GDPR.

6. When we share your personal information
Your personal data will be treated as strictly confidential and will only be shared with the relevant staff and members of the Trust in order to carry out a service or for purposes connected with the Trust. We may use your data for statistical analysis and share the results with third parties, but your data will never be shared with third parties.

  1. Legal duty
    We may need to pass on information if required by law or by a regulatory body. For example, a Gift Aid audit by the HMRC, or if asked for details by a law enforcement agency.
  2. Our service providers
    We do not sell or pass any of your personal information to any other organisations and/or individuals without your express consent, with the following exception – by providing us with your details you are giving the Trust your express permission to transfer your data to our service providers including mailing houses, such as ChurchSuite and MailChimp, to enable fulfilment of the purpose for collection.Where such details are shared we have confidentiality agreements in place that restrict the use of your information to the purpose for which it is provided and ensure it is stored securely and kept no longer than necessary.

    We may provide third parties with general information about users of our site, but this information is both aggregate and anonymous. However, we may use IP address information to identify a user if we feel that there are or may be safety and/or security issues or to comply with legal requirements.

7. Cookies

  1. What are cookies?
    A cookie is a small amount of data that is sent to your browser and stored on your computer’s hard drive. Our website makes use of cookies to collect information about our visitors through Google Analytics.

  2. How we use them on our website
    To enjoy our website to the full, we recommend that you leave cookies turned on. If you turn off cookies then you may not be able to enter parts of the site. The cookie data that we collect we may use to customise the content on our website and to help to understand visitor’s current and future needs
  3. Managing cookies
    Most browsers allow you to turn off the cookie function. To do this you can look at the help function on your browser.
  4. Third party cookies
    We work with a number of third party suppliers who set cookies on our website to enable them to provide us with services. These are mainly used for reporting purposes so we can improve the way we communicate. We use websites such as Youtube to embed videos and you may be sent cookies from these websites. We do not control the setting of these cookies, so we suggest you check the third party website for more information about their cookies and how to manage them.We also use third party suppliers such as Google Analytics and these providers may use cookies. They may also use tracking pixels, which are commonly found in advertising to track the effectiveness of adverts. As some of these services may be based outside of the UK and the European Union, they may not fall under the jurisdiction of UK courts. If you are concerned about this you can change your cookie settings (see above) and can find more information about this here.

     

8. Children
Families making use of the children’s facilities during our services are required to provide personal data for their children. This data is provided with the consent of the parent or guardian and is securely held and stored as above. We require parental consent for any child under the age of 13.

9. Your choices and telling us when things change

  1. Preferences
    You can change your preferences on what you receive from us, or how we contact you, by mail or email, at any time. You can do so by:
    Directly through ChurchSuite by clicking here
    Email us on: info@kingsarms.org
    Write to us at: Chair of Trustees, King’s Arms Trust, King’s House, 245 Ampthill Road, Bedford, MK42 9AZ
  2. Updating your details
    We do appreciate it if you keep your details up to date. You can do so in the same way as updating your preferences (above). We may use Post Office address search, postcode lists or other available sources to confirm data that you provide us with, where, for example, we are unsure of what you have completed on a form. We will not use these sources to create data that you have chosen not to provide, for example, if you have left a telephone number blank; nor will we automatically update changes of address, we will normally only update your address when you tell us it’s changed.
  3. Telling us to stop processing
    You have the right to ask us to erase your personal data, to ask us to restrict our processing or to object to our processing of your personal data. You can do so at any time by:
    Directly through ChurchSuite by clicking here
    Email us on: info@kingsarms.org
    Write to us at: Chair of Trustees, King’s Arms Trust, King’s House, 245 Ampthill Road, Bedford, MK42 9AZ

10. Access to your information
You have the right to request details of the information we hold about you. To make this request, please write to us at the details above. For more information about your rights under the Data Protection Act (DPA) and General Data Protection Regulation (GDPR) you can visit the website of the Information Commissioner’s Office: ico.org.uk

11. Changes to this privacy notice
This privacy notice was last updated in May 2018. We may amend this policy from time to time to take account of changes to our processes or changes to data protection or other legislation. By continuing to use our website you will be deemed to have accepted these changes.

12. Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

13. Governing law
The Privacy Notice is subject to English law. All claims or disputes (including non-contractual disputes or claims) arising out of or in connection with the use of the websites shall be subject to the non-exclusive jurisdiction of the courts of England and Wales.
If you have any queries please contact us at roydon.loveley@kingsarms.org

You can read the full Privacy Notice (extended) here.