Last updated 14th May 2018
Agapé Ministries CLG. is a registered company (company no. 449205) and charity (CHY 17459). We respect your rights under the General Data Protection Regulation (GDPR) and apply them to how we process your data. These rights are:
1. You need to be informed about how we collect, store and use your personal data
2. You can access the data we hold about you
3. If we have got your data wrong, you can correct us
4. You can have your data deleted, once this does not breach our legal requirements or legitimate business interests
5. You can restrict what data we process about you
6. You can obtain and reuse your data for your own purposes across organisations
7. You can tell us if you don’t like the way we process your data
8. You have the right to be protected against the risk that a potentially damaging decision is taken by automated means.
We process data to help generate interest and information about our work. We process data on the basis of your consent, our legal obligations and legitimate business interests. We do not subject data to automated decision making.
How do we collect data?
We obtain personal information from you via:
- direct interactions: when you enquire about our activities, engage in an activity with us, make a donation, register through one of our sites or at an event, or otherwise give us your personal information. If you meet with us for discipleship or spiritual advice, we may take confidential notes for spiritual guidance and support. If you prefer that we do not take notes, please let us know. The information you disclose is entirely at your discretion.
- third parties [or other publicly available sources]: we may from time to time obtain personal information about you from third parties. We will only collect personal information from third parties if they have obtained that information in a legal and proper way.
- Referral of information by individuals. Your name and contact details may have been passed to us by someone you know, who indicated that you might be interested in hearing about our ministry.
What data do we collect and store?
We collect the following:
- Your title, name, email address, mailing address, phone number. This is so we can inform you about Agapé events, updates and partnership opportunities and thank you for your involvement.
- In some cases PPS numbers. This is to claim tax back on donations under the Charitable Donations Scheme. Only the Agapé financial personnel see this data so they can file for tax reclaims.
- Bank details. Only the data processing personnel see this data to set up standing orders. There is then automatic withdraw for the specific Staff/or project you indicate.
- Financial transaction details including details about payments and donations from you and historical transaction data
- Passport numbers, your date of birth, GP health clearances, travel details, dietary requirements and room preferences, if you register for Agapé projects for which we need this information.
- HR information. If you work or volunteer with Agapé or apply to do so, we will collect the relevant data, which may include contact details, an application form, a Statement of Faith, references and a health clearance.
- Information about beliefs and circumstances including religious information and information you disclose about your personal circumstances
- Your communications preferences.
How we use your information:
We will generally only collect and use your personal information when it is necessary to achieve our legitimate business interest of fostering spiritual growth. We may also use your personal information when it is needed to provide you with goods or services, or to process support gifts or comply with our legal obligations.
The personal information we collect allows us to inform you on what is happening in Agapé, send you prayer updates and information about upcoming events, and send you our thanks for your involvement in the ministry.
You can unsubscribe at anytime by writing to firstname.lastname@example.org . Please let us know whether you wish to unsubscribe from postal or email communication, or both.
Generally, we will not disclose or share your personal information with anyone outside Agapé without your permission. However we may need to use or share your information with some third parties, including our external financial auditor, Revenue and third party service providers including cloud service providers for the hosting of sites, email marketing service providers and accommodation and service providers we use for Agapé events. Otherwise, we will not share your personal data outside of Agapé without your permission.
The table below describes each of the ways in which we use your personal information, the types of personal information that we use and the legal basis that applies to that use. Where the legal basis is legitimate interest, we also set out some further details.
|How we use your Personal Information
|The types of Personal Information involved
|To allow you to register and attend an event and to follow up with you after the event
|Identity data , contact details, communication data, travel information, requests and preferences
|For electronic communications and updates
|Identity data, contact details, communication data
|Consent or Legitimate Interest where it follows something you have bought, given or attended
|When you engage with us (for example, financially), the law permits our organization to send you relevant email marketing
|For physical communication and non-marketing electronic communication
|Identity data, contact details, communication data
|To keep you informed of our ministry; To send you ministry information and resources which we believe you will be interested in
|For contact management
|Identity data, contact details, communication data, requests and preferences
|To manage participation in our ministry and contact management across the ministry
|To improve your experience of our Digital Tools
|Identity data, contact details, system data, historical transaction data, requests and preferences
|To improve the operations of our Digital Tools and to show information that is more interesting to you
|To allow you to login and to access our Digital Tools
|Identity data and security credentials
|Contract and Legitimate Interests
|To ensure that your accounts on our Digital Tools are kept safe and private
|To apply for, or participate in, short or long term mission opportunities with us; to apply or participate as a volunteer
|Identity data, contact details, application data
|For spiritual guidance and support
|Identity data, contact details, information about your beliefs & circumstances, requests and preferences
|To provide spiritual guidance and support; to allow us to pray for you; to provide you with resources and activities that will help you grow spiritually
|To provide forums and digital communities
|Identity data, contact details, Your posts in discussion threads
|To provide a place for you to discuss spiritual and mission based topics
|For fund development
|Identity data, financial data, financial transaction data, contact details, information about your beliefs & circumstances, requests and preferences
|To provide opportunities for you to partner with us through financial giving, communication or prayer
|To process donations
|Identity data, financial data, financial transaction data, contact details and tax status
|Contract and Legitimate interests
|To securely receive your donation toward our charitable aims
|For statutory reporting
|Identity data, contact details, tax status
|Legal Obligations and Legitimate Interests
|We may have obligations to report to the authorities in other countries
|To deliver goods and services
|Financial data, financial transaction data, contact details
|To allow us to improve our tools; to maintain an audit trail of access to data; troubleshooting; data analysis; system maintenance;
|Historical transaction data, system data, audit logs and location data
|To manage and protect our Digital Tools; to ensure that our services run effectively and to track who is accessing your data
|To respond to complaints and requests
|Identity data, contact details, historical transaction data, application data
|Legal obligation and Legitimate Interests
|To ensure that your concerns are addressed
Protection of Personal Information:
Agapé takes the security of your personal information very seriously. We have put in place appropriate security measures to protect your personal information from being accidentally lost, misused or accessed in an unauthorised way, altered or disclosed. These include technical, administrative and physical security measures to ensure that any information we collect is stored and processed securely.
We have contractual provisions requiring all third party service providers to respect the security of your personal data and to treat it in accordance with our data protection policy and all applicable laws. We will not allow third party service providers to use your personal information for their own purposes and they will only be allowed to process your personal data in accordance with our instructions.
We use computer systems with limited access and your data is stored in encrypted form. Part of our data is securely stored outside the EU. We will only transfer personal data with adequate safeguards in place and in full compliance with applicable laws. We have established standard contractual clauses with our service providers to ensure they protect your information and to enforce legal transfers of data internationally.
Retention of Personal Information:
Agapé wants to make it easy for you to keep your personal information accurate and up to date. We will retain your information for the period necessary for the purpose for which it was collected.
Access to Personal Information:
You can help ensure that your contact information is correct by writing to email@example.com .
We will provide you with reasonable access to your data for any purpose including to check its accuracy or to have it deleted, so long as we do not need to retain it by law or for legitimate business purposes. We will process such requests within one month.
We may decline to process requests that jeopardise the privacy of others, or for which access is not otherwise required by law. Access, correction or deletion requests can be made to firstname.lastname@example.org .