This will be a practical session working with the guidance published by the Church of England on the new General Data Protection Regulation (GDPR) to help you understand it and adapt it for use in your parish.
Contents to include:
What is a Data Subject?
Data Audit (practical session)
What data does your parish hold?
The six reasons for holding data (practical session)
Consent – freely given, can be withheld without detriment
Necessary to fulfil contract
Legitimate interest – needed for performance of main business
Needed to protect vital interests
Legal power/ public function
What do they need to say?
Where do they need to be displayed?
Data Collection forms
When is consent needed?
Special Concerns: sensitive data
Policy and procedures