top of page

Privacy Policy

Policy Name:

Privacy Policy/Notice

Effective from:

May 2021

Last Reviewed:

September 2025

Last Revised:

May 2021

Next Review:

September 2026

 

We are the The New Life Church, Woking ('NLC', 'we', 'us'), registered as a Charitable Incorporated Organisation in England and Wales under charity number 1177764. Our contact details are:

Address:  New Life Church High Street Kingfield GU22 9BX
Email: theadministrator@newlifechurch.org.uk
Telephone:  01483 725660

NLC is committed to protecting your privacy. This privacy notice describes what information (your ‘personal data’) we collect and process about you, why and how we will handle and use it, and what your rights are. We use your information in ways you would expect – like managing serving teams and keeping you informed about events. For some specific things we will ask for your consent, which you can withdraw at any time.

You can also tell us if information we hold is not accurate or if you want us to delete the information we hold about you.  In compiling this statement, NLC has considered the Retained General Data Protection Regulation (“UK GDPR”) and the Privacy and Electronic Communication Regulations.

For the purposes of data protection law, we are considered as the ‘controller’ of the personal data we collect and hold about you and we are therefore responsible for it.

We are registered with the Information Commissioner’s Office ('ICO') with registration number Z1761065.

Any queries, complaints or subject access requests should be directed to the data protection lead: protect@newlifechurch.org.uk

For further information on data protection, you can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/cont… or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

Your personal data – what is it?

Personal data is any information about an individual which allows them to be identified from that data (for example a name, photographs, videos, email address, or address). Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.

The processing of personal data is governed by the UK GDPR.

The information we collect will vary depending on the reason for our interaction with you but may include your full name, postal address, phone number, email address, date of birth, next of kin, financial and credit card details, dietary preferences, access requirements, your IP address (the location of your computer on the internet), pages accessed on our website, information about your interests and any other information that is reasonably necessary.

We collect and store information about you whenever you interact with us including for example when you register with us to receive updates about church activities, when you apply to work for or volunteer with us, when you make a donation to us or otherwise give us any other personal information.

It is entirely your choice whether to give us information about yourself or not, and whether that information may or may not be visible to others.

How do we use your data?

We will use your data for three main purposes:

  • Contacting you to keep you informed of church activities and events.

  • The day-to-day administration of the church, e.g. pastoral care and oversight, preparation of rotas, recording attendance, maintaining financial records of giving for audit and tax purposes.

  • Statistical analysis; gaining a better understanding of church demographics.

NLC complies with its obligations under the UK GDPR by

  • keeping personal data up to date.

  • storing and destroying it securely.

  • not collecting or retaining excessive amounts of data.

  • protecting personal data from loss, misuse, unauthorised access and disclosure; and

  • ensuring that appropriate technical measures are in place to protect personal data.

What is our legal basis for processing your personal data?

Article 6 Para 1(a) of the UK GDPR gives us a lawful basis of processing data for specific purposes where you have consented to us doing so.

In other circumstances, under Article 6 Para 1(f) of the UK GDPR, we may process your data in ways you would reasonably expect where there is legitimate interest to do so. This may include instances where we process data for volunteering, small groups and events for example.

How we look after your personal data

We will treat all your personal information as private and confidential and will not disclose to any third party – internally it may be shared where necessary to facilitate the administration and day-to-day operations of NLC. All NLC staff and volunteers who have access to personal data are required to adhere to our policies.

There are four exceptional circumstances to the above permitted by law:
1. Where we are legally compelled to do so.
2. Where there is a duty to the public to disclose.
3. Where disclosure is required to protect your interest.
4. Where disclosure is made at your request or with your consent.

Our Database of Personal Information

We use a third-party service, ChurchSuite.com, to facilitate much of our church management, including as a database to hold any personal information we collect from you.  ChurchSuite stores all data in the UK within data centres that meet strict industry security requirements.  Members of NLC will also receive a login to ChurchSuite where they can view and update the personal information we hold about them. ChurchSuite also use various cookies.  You can read their privacy policy here: Church Suite Privacy Policy.

Information contained in our database will not be used for any other purposes than set out in this policy, and access is strictly controlled and granted only as needed for relevant processing.

The database will not be accessed by any authorised users outside of the UK, in accordance with UK GDPR, unless prior consent has been obtained from the individual whose data is to be viewed.  All access and activity on the database is logged and can be viewed by the system administrations.  Information kept on our computer systems and technical devices are encrypted with passwords to prevent unauthorised access.

Where we have given you (or where you have chosen) a password that enables you to access certain parts of our site or app (ChurchSuite), you are responsible for keeping this password confidential. We ask you not to share a password with anyone. The transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. 

 

If you serve NLC as a member of staff or in a key role then we will pass on your name and contact details to the Baptist Union of Great Britain and/or the South Eastern Baptist Association (of which we are members) to enable them to send you information relevant to your role. We will always ensure you are aware of what information is being shared with them and you will be able to decide which contact details are shared.

To enable us to provide adequate pastoral support to you and your family, one of the Ministers may record information which may be regarded as sensitive. This information will be stored (in password protected documents) on the church computer but the password will only be known by the Ministers. This information will NOT be disclosed to anyone else without your consent.

People who sign up for events run by NLC

For events we run which require guests to sign up/purchase tickets, this will usually be done using ChurchSuite. If you are already a supporter of NLC then this event sign up will be logged against your profile in ChurchSuite. New contacts will be saved in ChurchSuite but kept separate from our general contact book. Any payments will be handled by a third party provider (usually Stripe, but potentially also PayPal), NLC does not store or process any payment details.

People who fill in a Connect Card on a Sunday

The paper card is held securely until it can be transferred to our digital system (ChurchSuite), usually the next day, the paper copy is then shredded. We will use the information you have provided to contact you and connect you in with relevant/appropriate activities in NLC.

People who register their children for NLC Youth or Children’s activities

The data is stored securely by ChurchSuite and only accessed by staff and approved volunteers. We will only hold on to your data for eight weeks from your last visit to NLC – unless you choose to be added to the address book.

Visitors: As a visitor your data is kept separate from our address book and will be used only for the purposes of the check in system (this may include follow up contact). We ask for: date of birth so they can be placed in the correct group; a mobile phone number so that, if needed, we can contact you promptly during the meeting; medical information so that snacks, drinks etc are appropriate; and any additional needs to help us better look after your child.

Members: For members of NLC there is the option to add your children’s details into our Children’s address book in ChurchSuite. This gives you more control over your children’s data (including the ability to edit it) and allows us to more easily contact you in relation to children’s work activities.

 

 

Processing financial payments

If you use a debit or credit card to donate to us, we will pass your debit or credit card details securely to our payment processing partner, Stripe, as part of the payment process, but the details are not stored by us. Where you have provided us with bank details directly so that we may process a regular donation from you by direct debit or standing order we will keep that information securely.  We will store records of your transaction in order to comply with financial regulations.

How long do we keep your personal data?

We keep your data for no longer than reasonably necessary. We will process your data as long as you are a member of the church or are in regular contact with the church. e.g. Sunday services, volunteering and/or small groups.

If you resign from membership or are no longer in regular contact with us, we will retain your data for as long as legally necessary in line with our retention policy.

Your rights in relation to your data

You have a number of rights under data protection law. These include:

  • The right to access your personal data and to obtain certain information about it.

  • The right to rectify the data if it is inaccurate.

  • In some circumstances, such as when the data is no longer required or if the use of the data has no legal justification, the right to have that data erased.

  • In limited circumstances, the right to object to our handling of the data.

  • In limited circumstances, the right to restrict the handling of your data.

  • The right to obtain a copy of your data in a commonly used electronic form if the data is processed by automated means and the processing is based on your consent or contractual necessity.

More details about how these rights apply can be found in our Data Protection Policy which can be accessed by contacting the church office who can supply this to you.

You also have the right to withdraw your consent at any time when we rely on consent as a legal ground to justify our handling of your personal data. This would not affect the lawfulness of anything done before consent is withdrawn but it would stop us from continuing to use the relevant information.

You can exercise your rights or obtain more information about them by sending a request in writing to protect@newlifechurch.org.uk. We may need to confirm your identity before progressing the request and will aim to achieve this within 30 days of confirmation. This right to access your data is subject to certain exemptions: Personal Information may be withheld if the information relates to another individual.

Job applications and volunteering opportunities

If you apply for a job or volunteering opportunity with us, we will collect information to assess your suitability for the role. We will only use the information you give us to process your application and to monitor recruitment statistics and undertake relevant checks.

NLC will put together a file about your employment or volunteering role which will be kept secure, used only for matters that apply directly to your role with us and kept after your role with us has ended in accordance with our record retention policy.

Third Party Websites

Our website may refer or contain links to other websites. Please note that this privacy notice does not apply to information collected through these websites. These third-party websites should have their own privacy policies which describe how they might collect your data and use it.

We are not responsible for these third-party websites or the information which they might collect and, therefore, you are encouraged to view their policies before browsing through third party websites or providing them with information.

Use of Cookies

Cookies are used to help improve your experience of our website.

Cookies are small files which websites store on your computer, and which contain various types of information about your visit to a website. They are not viruses or malicious software, but they are generally aimed at providing you with a good experience when browsing a site by, for example, remembering your preferences so that you do not need to reset them every time you visit the website.

Cookies normally expire after a length of time which can vary from a few minutes to more than a year. Some cookies are ‘session cookies’ which are deleted when you close your internet browser or after a period of inactivity. Others are ‘persistent cookies’ which remain on your computer until their expiration date.

We do not store cookies on your computer without your consent, unless they have the sole purpose of carrying out the transmission of communications or they are strictly necessary for providing an online service.

The information derived from our use of cookies will be aggregated to provide statistical information about the usage of our website. However, we do not use any information derived from cookies, nor any IP addresses we collect, to identify any individual user of our site.

How to control and delete cookies

You may restrict or block cookies which are set by any website through your browser settings. Your browser settings also allow you to clear your browsing history and delete cookies. Information about how you can do this can be found on this link https://ico.org.uk/for-the-public/online/cookies. Mobile devices may have their own settings, and you need to refer to the manual of the device.

Please note that restricting or disabling cookies may impact the functioning of parts of our website.

Changes to our Privacy Notice

We may change our privacy notice from time to time in which case we will upload the updated notice to our website. It is advisable to refer to the privacy notice regularly, particularly before sharing information about yourself which you consider to be sensitive.

Complaints to the Information Commissioner

You have a right to complain to the Information Commissioner’s Officer (ICO) about the way in which we collect and handle your personal data. Complaints to the ICO can be made on the ICO’s website https://ico.org.uk/.

​

bottom of page