General Data Protection Regulations (GDPR)
The law relating to data protection is changing. This will affect all organisations in the UK, including businesses and charities.
The General Data Protection Regulation (GDPR) will take effect in the UK from 25 May 2018.
It replaces the existing law on data protection (the Data Protection Act 1998) and gives individuals more rights and protection in how their personal data is used by organisations.
Parishes must comply with its requirements and are each responsible for ensuring they do so, just like any other charity or organisation.
These pages provide guidance, support and direction to help parishes ensure they meet the new requirements.
- The Parishes Resources website provides guidance, templates and a checklist to help you meet your GDPR requirements.
- It is updated regularly – so please check back periodically. Most recently, a new FAQ has been added, the main parish guidance has been updated and there is a specific guidance note relating to giving reviews and fundraising communications.
- There are also example Consent forms that you can adapt for your parish.
- To access the Parish Resources materials, please follow this link.
Church of England - National Church Institutions Presentations
The following presentation provide an overview as provided by the National Church Institutions Team and the Church of England
- GDPR - Key Messages - NCI Working Group - December 2017
- GDPR and Consent - NCI CofE Presentation
- GDPR and Employees - NCI CofE Presentation - March 2018
- The Information Commissioner’s Office (ICO) is the UK’s independent authority set up to uphold information rights in the public interest, it is the body that will ensure businesses comply with the requirements of the GDPR.
- The ICO website contains a wealth of information to support organisations meet their requirements under GDPR and can be accessed by following this link here.
- The Ely Diocesan Board of Finance is required to process personal data in accordance with the requirements set-out in the GDPR.
- The data privacy note outlining how we process personal data can be found here.
- The Parish Resources team also provide a sample data privacy note for parishes to adopt to their own needs. this can be downloaded here.
- The Parish Resources team provides a regularly updated overview of some common myths around GDPR, as well as covering many of the frequently asked questions from parishes.
- The PDF can be downloaded here.
- If the link above doesn't work, the document is easily accessible from the Parish Resources website here.
- Some commonly asked questions about Data Protection can be found here.
Other Support Resources
- The Diocesan team is mindful that it has a duty to help support parishes meet their GDPR commitments
- In addition to the information we will provide on these pages, face-to-face training is preferred by many.
- Details on the training dates the diocesan office plans on facilitating can be found here.
- The Diocese of Oxford has also produced an excellent GDPR overview presentation for parishes that they have kindly allowed us to share, this can be downloaded here.