This will be a practical session working with the guidance published by the Church of England on the new General Data Protection Regulation (GDPR) to help you understand it and adapt it for use in your parish.
Contents to include:
What is a Data Subject?
Data Audit (practical session)
- What data does your parish hold?
The six reasons for holding data (practical session)
- Consent – freely given, can be withheld without detriment
- Necessary to fulfil contract
- Legal obligation
- Legitimate interest – needed for performance of main business
- Needed to protect vital interests
- Legal power/ public function
- What do they need to say?
- Where do they need to be displayed?
Data Collection forms
- When is consent needed?
- Special Concerns: sensitive data
- Policy and procedures