Search

Type your text, and hit enter to search:
My Area REGISTER

Privacy Notice

Hoddesdon Baptist Church is committed to being transparent about how it collects and uses the personal data we collect about you and to meeting its data protection legal obligations.

The processing of data is governed by the Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), the Data (Use and Access) Act 2025 and other legislation relating to personal data and rights such as the Human Rights Act. The intention of this privacy notice is to provide you with sufficient information to understand our data processes.

Who Are We?

This notice is issued by the Trustees of Hoddesdon Baptist Church (the minister and deacons), Burford Street, Hoddesdon, Herts EN11 8HX, United Kingdom. The Trustees act as the data controller for your personal information.

What is Personal Data?


Personal data is any information about a living individual which allows them to be identified from that data (for example a name, photographs, videos, email address, or address) or in conjunction with any other information.  
 

How Do We Process Your Personal Data?


We will comply with our legal obligations to keep personal data up to date; to store and destroy it securely; to not collect or retain excessive amounts of data or store data for longer than is necessary; to keep personal data secure, and to protect personal data from loss, misuse, unauthorised access and disclosure and to ensure that appropriate technical measures are in place to protect personal data.

We use your personal data for any of the following purposes:
  • To deliver the Church’s mission to our community, and to carry out any other voluntary or charitable activities for the benefit of the public
     
  • To enable those who undertake pastoral care duties as appropriate
     
  • To enable us to meet all legal and statutory obligations
     
  • To carry out comprehensive safeguarding procedures (including due diligence and complaints handling) in accordance with best safeguarding practice
     
  • To administer church membership records and our Fellowship Directory
     
  • To administer church-run groups
     
  • To administer hall hire
     
  • To promote the interests of the church and charity
     
  • To respond to enquirers
     
  • To manage church volunteers
     
  • To maintain our accounts and financial records
     
  • To seek your views or comments
     
  • To send you communications which you have requested and that may be of interest to you
     
  • To process the application for a role
     
  • We may process sensitive personal data relating to members of the fellowship in order to carry out pastoral care, prayer ministry and recruitment


How Do We Collect Your Data?


Other than when we carry out safeguarding and recruitment checks, we only record and process personal information about you which you voluntarily provide to us. For example, safeguarding and criminal record checks are made through the Disclosure and Barring Service (DBS) and we will take up references from a third party as part of the recruitment process.
 

What Data Do We Process?

  • Names, titles, aliases, photographs, including names of person supervising an activity organised by a hall hirer
     
  • Contact details such as addresses, telephone numbers and e-mail address
     
  • Emergency contact details
     
  • Financial giving to the church, which includes financial identifiers such as bank account numbers, payment card numbers, payment/transaction identifiers.
     
  • For employees, the data may include any or all of the following: remuneration, bank account details, National Insurance number, entitlement to benefits such as pensions, insurance cover, information about entitlement to work in the UK and information about any criminal record; Details of days of work and working hours, attendance, periods of leave and the reasons for absence, details of any disciplinary or grievance procedures or any warnings issued related to performance and related correspondence; assessments of performance, including appraisals, performance reviews and ratings, performance improvement plans and related correspondence; Information about medical or health conditions, or disabilities and any reasonable adjustments made; and equal opportunities monitoring information including information about ethnic origin, sexual orientation and religion or belief.
     
  • Other operational personal data created, obtained, or otherwise processed in the course of carrying out our activities, including but not limited to IP addresses, logs of accidents, injuries, complaints and insurance claims.
     
  • The data we process is likely to constitute special category data because, as a church, the fact that we process your data at all may be suggestive of your religious beliefs. We may also process other categories of sensitive personal data: gender, racial or ethnic origin, marital status, mental and physical health, allergies, details of injuries, medication/treatment received, data concerning sexual orientation and criminal records.
     
  • Where they are relevant to our mission, or where you provide them to us, we may process demographic information such as gender, age, date of birth, marital status, nationality, past experience/education/work histories, academic/professional qualifications, employment details, hobbies, family composition, and dependants.
     

What Is The Legal Basis for Processing Your Personal Data?


Most of our data is processed because it is necessary for our legitimate interests. Examples of this include: assisting you in fulfilling your role in the church, providing pastoral support or for protecting children and adults at risk. We will always take into account your interests, rights and freedoms.

Some of our processing is necessary for compliance with a legal obligation. For example, HMRC requirements, if you give to the church via the UK Gift Aid Scheme or to comply with legislation relating to safeguarding young people or adults at risk or employment (e.g. regarding disability or equal opportunity legal obligations).

We may also process data if it is necessary for the performance of a contract with you, or to take steps to enter into a contract.  For example, a contract with those who hire the church facilities or employees.

Religious organisations are permitted to process information about your religious beliefs to administer membership or contact details.

Religious organisations are also permitted to process special categories of data in the course of legitimate activities with appropriate safeguards and on condition that the processing relates solely to the members, to former members or to people who have regular contact with us in connection with our purposes and that their personal data are not disclosed to outside bodies without their consent.

Where your information is used other than in accordance with one of these legal bases, we will first obtain your consent to that use. This includes permission to include personal data, including images, on our website or in our church newsletters.
 

Who has access to your data?


Only people appointed to specific roles within the church (for example, ministers, church secretary, treasurer, pastoral care team, church-run group leaders and church administrators) can access your data, and what they can see is limited to what they need in order to carry out their role.


Third Party Access

Circumstances where your data may be shared with a third party include:

  • If you donate money to us using the UK Gift Aid scheme, we will send details of those gifts to HMRC.
     
  • If you receive a salary, your information will be shared with Stewardship who process salary payments on our behalf.
     
  • Google Analytics collects standard internet log information and details of visitor behaviour patterns.
     
  • When you send an email to us, it bounces from server to server as it crosses the Internet. Along the way, server administrators can read what you send and we cannot ensure or guarantee that loss, misuse or alteration of data will not occur whilst data is being transferred. Email was not built for confidential information and is therefore not secure.

Third parties are legally obliged to store your data safely and for only as long as legally required before destroying safely, to only use the data for the purpose intended and not to share it with any other party.

We will not share your information with any other third parties without your permission unless we have a legal obligation to do so (e.g. to comply with our Safeguarding policy when you volunteer to work with children and/or vulnerable adults).


How Does The Church Protect Your Data?


We have no central church computer. Digital data is stored on computer devices held by and in the homes of church officials (ministers, trustees, church officers, leaders of church-run groups and church administrators). Data in paper form may also be stored in the homes of those same people.
To prevent unauthorised disclosure of your information, paper-based records are kept secure from unauthorised access when not in use. Electronic and portable memory devices are protected by encryption, passwords or equivalent security measures.
 

For How Long Does The Church Keep Your Data?


We will keep some records permanently if we are legally required to do so.  We may keep some other records for an extended period of time.

For example, it is current best practice to keep financial records for a minimum period of 6 years to support HMRC audits. Data concerning children’s attendance at events may be kept for 75 years. In general, we will endeavour to keep data only for as long as we need it. This means that we may delete it when it is no longer needed.

General requests received via our website are deleted as soon as they are dealt with which is usually within a few days but no longer than a month. Every six months checks are carried out to confirm that none have been overlooked. 

All records will be retained according to our Data Disposal Schedule, which is available on request by applying to the Church Secretary (See Contact details below).
 

What Are Your Data Subject Rights?


As a data subject, you have a number of rights. You can, for example:
  • Access and obtain a copy of your data on request
     
  • Require the Church to change incorrect or incomplete data
     
  • Require the Church to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing (unless retention is required for legal reasons) or you withdraw your consent, where consent was sought
     
  • Object to the processing of your data where the Church is relying on its legitimate interests as the legal ground for processing
     
  • Lodge a complaint with the Information Commissioner’s Office (see Contact details below).

On proof of identity, we will make reasonable and proportionate searches when someone asks for access to their personal information.
 

Transfer of Data Abroad


Any electronic personal data transferred to countries or territories outside the UK will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the UK. Our website is also accessible from overseas so on occasion some personal data (for example in a newsletter) may be accessed from overseas.
 

Contact Details


Please contact us if you have any questions about this Privacy Notice or the information we hold about you or to exercise all relevant rights, queries or complaints at:
  • The Church Secretary, Hoddesdon Baptist Church, Burford Street, Hoddesdon, Herts EN11 8HX United Kingdom
     
  • Email us
     
  • Phone Message: 01992 444720 (answerphone).

 
We will make every effort to respond to you within 7 days. We will acknowledge complaints within 30 days and respond to them without undue delay.
 
You can contact the Information Commissioner’s Office on 0303 123 1113 or via one of the other methods given on their Contact Us page at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
 

Review

This notice is effective from 7 August 2025. We will review it regularly and update it when necessary, so please check back from time to time.

 

Login

Planning your Visit

Sermons 


Listen Again Or Catch Up 

Did you miss a Sunday service or want to listen to a talk again? Find all our latest talks right here. 

Close This site uses essential cookies to operate. You can allow additional cookies for monitoring page visits. For more details see our cookies policy.