You are viewing this site in staging mode. Click in this bar to return to normal site.

This is our Data Protection Policy Statement. You can download the full Policy here.

Policy statement

Cross Street Baptist Church is committed to protecting personal data and respecting the rights of our data subjects; the people whose personal data we collect and use. We value the personal information entrusted to us and we respect that trust, by complying with all relevant laws, and adopting good practice.

We process personal data to help us:

a) maintain our list of church members and regular attenders;

b) provide pastoral support for members and others connected with our church;

c) provide services to the community including the Stay & Play and English Classes;

d) safeguard children, young people and adults at risk;

e) recruit, support and manage staff and volunteers;

f) maintain our accounts and records;

g) promote our services and activities;

h) maintain the security of property and premises;

i) respond effectively to enquirers and handle any complaints and

j) liaise with tenants and premises users

This policy has been approved by the church’s charity trustees who are responsible for ensuring that we comply with all our legal obligations. It sets out the legal rules that apply whenever we obtain, store or use personal data. 

Why this policy is important

We are committed to protecting personal data from being misused, getting into the wrong hands as a result of poor security or being shared carelessly, or being inaccurate, as we are aware that people can be upset or harmed if any of these things happen.

Our Data Protection Policy sets out the measures we are committed to taking as an organisation and, what each of us will do to ensure we comply with the relevant legislation.

In particular, we will make sure that all personal data is:

a) processed lawfully, fairly and in a transparent manner;

b) processed for specified, explicit and legitimate purposes and not in a manner that is incompatible with those purposes;

c) adequate, relevant and limited to what is necessary for the purposes for which it is being processed;

d) accurate and, where necessary, up to date;

e) not kept longer than necessary for the purposes for which it is being processed;

f) processed in a secure manner, by using appropriate technical and organisational means;

g) processed in keeping with the rights of data subjects regarding their personal data.