Thanks for visiting King's Church International. We take your privacy extremely seriously and are committed to protecting and respecting it.

This Notice explains the what, why and how about the personal information we collect, including the specific ways we use, share and look after that information. It also tells you below about how you can update your details, your privacy rights and how the law protects you.

We may provide you with other privacy notices when we are collecting or using your personal information on specific occasions so that you are aware of how and why we are using your information. This privacy notice should be read in conjunction with any other privacy notices we provide you with and considered supplementary to them.

Under the UK General Data Protection Regulation (UK GDPR), King’s Church International is the ‘data controller’ and ‘processor’ for the purposes of personal information shared with us. King’s Church International is a registered charity (Registered Charity 1039958). King’s Church International also operates under the name of G12 UK and The King’s House School, Windsor.

We have appointed a data protection lead (DPL) who is responsible for overseeing questions in relation to this Privacy Notice. If you have any questions about this Privacy Notice or the personal information we hold about you, please contact the DPL in any of the following ways:

Address: King’s House, 77a Frances Road, Windsor, Berkshire, SL4 3AQ.

Telephone number: 01753 832444 Email: privacy@kcionline.org

Manage your preferences, or unsubscribe

WHAT PERSONAL INFORMATION DO YOU GIVE US?

Personal information, or personal data, is any information about an individual from which that person can be identified. It does not include anonymous data, where the identity has been removed.

We collect different types of personal information from you when you connect with us, for example when you:

· interact with us through our websites

· get involved in the life of the church through one of our services, groups or activities

· attend an event

· donate to the church

· create an account on our website

· respond to a survey

· apply for a role as a volunteer or staff member

· sign up to receive our newsletter

· communicate with us in any way.

The information we collect may relate to your:

· identity (e.g. name, date of birth, gender, occupation)

· contact details (e.g. physical address, email address, phone number)

· financial information (e.g. payment card information)

· transactions (e.g. payments to or from you)

· technical data (e.g. location, IP address, operating system)

· profile (e.g. preferences, survey responses)

· usage (e.g. how you use our website or services)

· communications (e.g. marketing and communication preferences).

We also collect aggregated data for statistical purposes, which may include your usage data to calculate the percentage of users opening our newsletter emails, for example. This type of data does not reveal your identity and therefore is not regarded as personal information.

This website is not intended for children; however, we do collect information relating to children if they attend one of our events or are left under our supervision while taking part in our activities.

As a church, we collect information about some services and events you attend. Some of this information may be considered to fall within special categories of personal information. Special categories of personal information includes information about a person’s: racial or ethnic origin; political opinions; religious or similar (e.g. philosophical) beliefs; trade union membership; health (including physical and mental health, and the provision of health care services); genetic data; biometric data; sexual life and sexual orientation. We may also collect information about criminal convictions and offences for some of our activities.

HOW DO WE USE YOUR INFORMATION AND ON WHAT BASIS?

As a church, we hold records of the people in our congregation, volunteers, guest and service users. We use this information to coordinate church activities and keep you informed of things happening in the life of the church.

We also collect and use information about our suppliers, contractors, staff and tenants. This information is used to administer the church and carry out our charitable objectives, which are to advance the Christian faith, aid persons who are in conditions of need, hardship or distress or who are aged or sick, and advance education on the basis of Christian principles.

In particular, we use this information to enable us to:

· Manage our communications and promote the life of the church

· Administer and promote our events, courses and services to help people develop in the Christian faith

· Maintain our database of church members and regular attenders

· Provide pastoral support

· Manage our volunteers, staff and teams

· Maintain our accounts and records

· Comply with any legal or regulatory duties

We will only hold and process your personal information where there is a lawful basis for doing so.

In most cases, this will be either because it is in our legitimate interests and your interests, or in order to fulfil a contract with you. Relying on our legitimate interests means that we will check that we will not cause you harm by using your personal information, that we will not use your information in an overly intrusive way and that we will only use it in the way described in this notice.

In some cases, we may use your personal information based on consent, for example to communicate with you according to your indicated preferences. You may change your mind and alter or withdraw your consent to receive certain communications at any time, as described below.

We will also use consent when requesting details of criminal convictions and offences for a specific purpose, or collecting information about children taking part in certain activities. Some of the information we collect about children is also to protect their vital interests, for example medical/allergy information for any children left in our care.

DO WE SHARE YOUR INFORMATION?

We will not share the personal information we hold with another organisation for their own purposes and we will never sell personal information for any reason whatsoever.

There are certain situations where we share your personal information with third parties, such as service providers whom we have contracted to fulfil specific services for us. For example, administering communications to those on our mailing list involves certain functions being provided by service providers who process on our behalf the name and contact details we pass to them. We currently use MailChimp to deliver the emails that those on our mailing list have signed up to receive. The service also enables us to gather statistics around email opening and clicks using industry standard technologies including gifs to help us monitor and improve our mailings.

Where this is the case, we remain in control of the information and the third party is not allowed to do anything with the information other than what we have requested.

Details of other groups of third parties we may share your personal information with include:

· Service providers who provide website, social media, IT administration, collaboration and other services, including Basecamp* and Google*.

· Electronic marketing and research services including Mailchimp* and Typeform*.

· Course and event management systems including Eventbrite* and Planning Center*.

· Advisors based in the UK, such as auditors, solicitors, banks, pension advisors and insurers who provide professional services.

· Regulators and authorities based in the UK, such as HM Revenue and Customs, who require information in certain circumstances.

Some third parties are based outside of the UK so their processing of your personal information will require a transfer of data outside the UK. Where this is the case, we make sure that your personal information is protected in the same way as if it were here and we take all reasonably necessary steps to ensure that the data is kept private and held securely.

As such, we will only choose third parties based in countries that are deemed by the UK or European Commission as providing an adequate level of protection for personal data. For third parties based in the USA, we will select those that are part of the EU-US Privacy Shield. For some service providers, we may use specific contracts or Data Processing Agreements to ensure the protection of your data.

*Basecamp, Google, MailChimp, Typeform, Eventbrite and Planning Center are companies based in the USA, which are certified under the Privacy Shield: Basecamp’s Privacy Policy Google’s Privacy Policy and Privacy Shield Notice MailChimp’s Privacy Policy and Privacy Shield Policy Typeform’s Privacy Policy and Privacy Shield Policy Eventbrite’s Privacy Policy and Privacy Shield Notice Planning Center’s Privacy Policy

DO WE TRACK YOUR ACTIVITY?

When you use our websites or services, we collect information about your visit and your use of our websites or services. We and our analytics service providers (like Google) use “cookies”, “tags” or “scripts”, which are strings of code on your computer, to help us understand and improve our user experience.

You may turn off cookies that have been placed on your computer by following the instructions on your browser. Please note that doing this may affect the functionality of the websites.

Our websites may include social media features, like the Facebook Like or Share button. These features may collect information about your IP address and which page you’re visiting on our site, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on our site.

DO WE LINK TO OTHER WEBSITES?

Our websites may contain links to and from third party websites. Clicking on those links may allow third parties to collect or share information about you. These websites have their own privacy policies. If you follow a link to any of these websites, we recommend that you read their privacy policies before you submit any information to these websites. We do not accept any responsibility or liability for their policies.

HOW ABOUT SOCIAL MEDIA?

We also maintain a presence on social media platforms like Facebook, Twitter, and Instagram. Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies of the companies that provide them.

HOW IS YOUR PERSONAL INFORMATION SECURED?

We keep personal information secure with appropriate security measures in place to attempt to protect it against loss, misuse, alteration or destruction. We also limit access to your personal information to those team members, staff, contractors or third parties who have a need to know and who are subject to a duty of confidentiality.

We use secure server software to encrypt personal information we collect online. However, the transmission of data across the internet is not completely secure. We cannot guarantee that loss, misuse or alteration of data will not occur whilst being transferred.

We have procedures in place to deal with any personal data breach and will notify you and the relevant authorities where we have a legal requirement to do so.

HOW LONG DO WE KEEP YOUR INFORMATION FOR?

As our relationship with our members and those connected with us is generally long term, we keep your personal information for as long as we need it to maintain that relationship and keep only the information that is necessary. We take into account our need to meet any legal and regulatory obligations. These reasons vary from one piece of information to another.

When we no longer need the information, we will dispose of it securely, using specialist companies to do this work for us if necessary.

WHAT RIGHTS DO YOU HAVE REGARDING YOUR INFORMATION?

Under the UK GDPR, you have various rights regarding your personal information, unless an exemption applies. This includes rights to access, correction, erasure, transfer/portability, and restriction of or objection to processing.

Please note that we may not always be able to meet certain requests due to legal obligations or where our rights override yours. In addition, meeting certain requests may mean we are unable to fulfil our contractual obligations to you and therefore we may need to cancel your tickets to an event or withdraw a service. However, you will be notified if this is the case.

HOW CAN YOU UPDATE YOUR DETAILS?

We do our best to keep your information accurate and up-to-date, to the extent that you provide us with the information we need to do that. If you find that the personal information we have about you is inaccurate or needs updating, for example you may have changed your name or email address, please contact us at communications@kcionline.org so that we can correct it as soon as possible.

WHAT IF YOU NO LONGER WISH TO BE CONTACTED?

If you no longer wish to be contacted in a certain way or wish to unsubscribe to all communications, you can update your preferences either by clicking the ‘update your options’ or ‘unsubscribe’ link in the footer of any email you receive from us or by contacting communications@kcionline.org.

If you no longer wish to be connected to King’s Church International at all or wish for your information to be erased, please inform us by contacting communications@kcionline.org so that we can action your request as soon as possible.

Our account users can also update their preferences and request to close their account when logged in.

HOW CAN YOU ACCESS YOUR INFORMATION?

We will give you access to any personal information we hold about you usually within one month of any request in writing for that information. Individuals may request this information from us by contacting the DPL at privacy@kcionline.org. There is usually no charge for individuals to access their personal information.

WHAT IF YOU HAVE QUESTIONS OR CONCERNS? Please direct any questions or comments about this Privacy Notice to privacy@kcionline.org or contact our DPL using the contact details given above.

If you are not satisfied with the way we deal with any complaint in relation to the use of your personal information, you may be able to refer your complaint to the Information Commissioner’s Office, the UK’s data protection regulator. However, we would appreciate the opportunity to deal with your concerns in the first instance.

HOW WILL YOU FIND OUT ABOUT CHANGES TO THIS NOTICE?

We keep this Privacy Notice under review to ensure it remains accurate. If we make any material changes to it, we’ll post them on the website and communicate them to the last email address you gave us. Any changes will be effective as of the date we post them on the website or send the email (whichever date is later). If you object to changes in our Privacy Notice, we may have to remove your details from our database.

Last updated 17 December 2021

Thanks for taking the time to learn about King's Church International’s Privacy Notice.