As you may be aware, the Data Protection Act 1998 will be replaced by the General Data Protection Regulation (GDPR) from 25th May 2018. The Hill Church (and its initiatives such as Matthew’s House) is a not-for-profit organisation. We are a registered charity in England and Wales, number 1151797. We a company by limited guarantee, number 08415396. Our correspondence address is PO Box 696, Swansea SA1 9PQ.
We generally communication via four common ways: email, phone, social media or post. You can choose your preferences using our communication software or via our respective websites. You can also email friends@matthewshouse.org.uk or hello@the-hill.co to change these at any time.
When you give us data you are entitled to know that we will use it for the purposes of The Hill Church, or if you provided it purely to do with Matthew’s House, then only for the purposes of Matthew’s House. You are entitled to have your data edited or removed. You can also make a complaint where necessary to our leadership or organisations like the Charity Commission.
We do not buy data, and therefore only have information of people or organisations who are connected to what we do. When we are provided with personal information we store it securely and manage access. People normally give us information, so we can stay in touch, maintain accurate communication records, rotas or for financial information e.g. gift aid, donations etc. When you visit our website, we collect non-personal data such as IP addresses, which pages people visit and which items they download. We do this to ensure our website is working properly and providing a good service.
We will process information legally and will store it in accordance with our legal obligations as a charity and company. We never sell, trade or rent your personal information to anyone. We only disclose personal data to data processors carrying out work on our behalf under a clear non-disclosure condition. Any such companies are acting as approved data processors for us, and they may only use this information to perform functions as instructed by us. They are required to destroy the information once the function for which it has been transferred has been carried out. We may need to pass on information if required by law or a regulatory body, like HMRC. We will keep your data in line with these requirements.
We are committed to keeping your data safe and sound! We use reliable, proven security protected and coded software to manage our activities and look after any information you provide us. However, despite all the security and protection we put in the place, the internet is not 100% secure and when you submit data to us, it is always at risk. Please do not be alarmed though. We use encrypted and secure forms and solutions. These are monitored and managed professionally.
You can ask us if we are keeping any personal data about you and can request to receive a copy of that personal data – this is called a Subject Access Request. To make a Subject Access Request you will need to provide adequate proof of identity such as a copy of your passport, birth certificate or driving licence before your request can be processed. Subject Access Requests should be made to the address stated above.
We may make changes to this Privacy Policy from time to time. Any changes made will be posted to this page. This privacy notice was last updated on 25 May 2018.