My Church is a project built for God's glory and is based on Christian values.
Therefore, your privacy is very important to us. This policy is designed to let you know
what data we collect from our users, how we use it and why we use it. This notice is
applicable to our website and the software and service we provide.
We urge you to read this privacy notice so you are fully aware of how we collect and process personal data. Equally, if after reading this policy you have any questions, please do not hesitate to contact us. We will be more than happy to answer any queries.
Please also be aware that this privacy notice is a brief summary of our data protection practices. Please read our data protection policy if you're looking for a more in-depth explanation of our data protection policies and procedures.
The author behind the My Church project is Edan Joseph Brooke. Edan works as an IT support technician but is also experienced as a web developer.
My Church is a registered as a data controller with the ICO (registration reference
The project was founded out of a passion to see youth ministry develop and to make lives easier for youth and for leaders in the church.
You can contact the My Church team by sending an e-mail to email@example.com, or by calling 0161 738 1165. If you would like to contact our data protection compliance manager or if you have a data protection enquiry, you can send an e-mail to firstname.lastname@example.org. You may also phone the data protection compliance manager on 0161 738 1165 or write to them at the following address:
Data Protection Compliance Manager
Armadillo MUMB #10232
We collect several pieces of personal information from users. As the My Church system is very complex and has a lot of functionality, we collect data in many ways.Registration of interest in the service
When a user registers their interest in the platform, we collect, store and process the following pieces of information about them. This information is collected and processed to allow us to follow up on enquiries about the service and to deliver requested information.
If a user registers as a volunteer with us or expresses that they may be interested in doing so, we collect and process the following pieces of information. This is done so that we have sufficient information to enter into a contract with the individual.
If a user generates an invite to another individual and the individual chooses to accept the invite, the following information will be requested, stored and processed in order to allow the individual to use the service.
This personal information is used to:
This information will be shared with 3rd parties in some situations.
The My Church project uses multiple levels of security to protect the information our users entrust us with. We recognise that some information we store is sensitive and have procedures in place to deal with this.
For the most part, the service uses consent as a legal basis for processing personal data as it is registration based, though we do process personal data under other basis.
Please see the table below for an explanation of the basis we may process personal data under. We endeavour to process your personal data under the most appropriate basis at all times.
|Explanation||Right to erasure||Right to portability||Right to object|
The data subject has given clear and explicit consent for their personal data to be processed.
but right to withdraw consent
Processing is necessary to fulfil a contract between My Church and the data subject, or to take steps to enter into a contract.
We are required to process personal data to fulfil a legal obligation.
Processing is mandatory to protect the vital interests of either the data subject, or another person, in a life or death situation.
Processing is necessary to perform a task carried out in the public interest that is set out in law, or in the exercise of official authority.
Processing is necessary for purposes of legitimate interests pursued by My Church or by a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject.
|Dependant on circumstance|
The basis on which we hold and process personal data differs. The My Church system and project is very extensive so we cannot process under just one basis for everything.
To learn how we process data relating to children please read §5.4 of our full data protection policy.
For more information about our legal basis for processing data, please contact our data protection compliance officer by sending an e-mail to email@example.com or by calling 0161 738 1165.
The length of time for which we hold personal data depends on the purpose it was collected for.
Data that is collected solely on the basis of consent is kept only for as long as we
have your consent to process your personal data.
If you have registered your interest in the My Church platform and now wish to withdraw your consent for us to process this data, you can unsubscribe by following the link in the e-mail that was sent to you when you registered your interest. If you no longer have this e-mail, please contact the data protection compliance officer. Opting out will withdraw the consent that you gave to us to store and process your personal data. Your personal information will be permanently deleted from our records.
If you registered as a volunteer with us but never undertook any responsibilities or work with us, you can have us delete your personal data by following the link in the e-mail that was sent to you when you registered as a volunteer. If you no longer have this e-mail, please contact the data protection compliance officer to be removed from our records.
Volunteers who have undertaken work on the project have their information held on the basis of legitimate interests.
If you have an account with us, you can close your account permanently and withdraw your consent to data processing by logging into your account online. This only applies if legitimate interests conditions do not apply. If you wish to object to processing under the basis of legitimate interests, please contact our data protection compliance officer.
If you have any questions regarding data retention, such as additional data retention periods information, please contact our data protection compliance officer using the aforementioned contact details.
My Church does its best to be compliant with General Data Protection Regulation 2018 and
Data Protection Act 2018. This legislation gives you as a data subject several rights in
regards to collection and processing of your personal data.
If you do not wish for us to store cookies on your computer, you can object to this by changing cookie settings in your web browser. Please be aware that by doing this your experience on our website will be suboptimal as the website is designed with cookies playing a key part in enabling full functionality.
Cookies are used to identify your device so we can provide a tailored experience even when you leave the website and come back later. Cookies do not contain any personal information about you.
The My Church system integrates with and links to third party websites and services. These external entities are not operating under our policies or procedures and may be operating under a different legal jurisdiction. Therefore, please consider this before providing any personal data to these third party websites or services as they are not affiliated with us.
We also work with other organisations that allow us to provide our service. Some of these organisations are responsible for storing our databases or backups and will therefore hold your personal information.Online SAS
Online SAS are responsible for
hosting our service including our database servers and therefore hold data that is
protected under the Data Protection Act.
Online SAS holds all our customer information in a manner that is compliant with GDPR.Amazon UK Services LTD.
Our backup data and any user uploads to the service are stored with Amazon in their
Amazon Web Services (AWS) S3 service. Our allocated storage with AWS, referred to as a
"bucket", is located in the EU so falls under GDPR legislation.
Amazon holds all our customer data in a way that is GDPR compliant, and allows
us to comply by offering a backup solution to us.
As per our published backups procedure, backups exceeding 6 months in age are removed from Amazon's systems.
Unlimited Web Hosting
provides staff e-mail accounts at My Church. Therefore, any personal data you e-mail to
a My Church domain will reach Unlimited Web Hosting. They don't read the content of your
e-mails, though they could access it if they wanted or needed to.
This company is based in the United Kingdom and is compliant with data protection laws.
Unlimited Web Hosting allows the My Church team to communicate with you by e-mail. All e-mails are treated with confidentiality both by our team and by Unlimited Web Hosting's team.Freshworks Inc
Freshworks powers the My Church support centre. The majority of support requests are routed through Freshworks' system to allow us to provide a high quality of support. Freshworks is committed to complying with GDPR.
Freshdesk provides our helpdesk and is well-versed in data protection compliance. They are GDPR compliant to the best of our knowledge.
If you have any questions or concerns you'd like to raise in regards to any of our policies or procedures or anything on this page, please contact our data protection compliance officer by e-mail at firstname.lastname@example.org. Alternatively, you can reach the data protection compliance officer by phone (0161 738 1165).
This policy was last updated Mon 4 June 2018 by Edan Brooke.