St Mary's Cathedral, as a Parish of the Diocese of Aberdeen, complies with the Diocesan Data Protection Policy which can be accessed in full here: https://www.rcda.scot/data-protection-policy/
Below are some specific details relating to the Cathedral’s use of your personal information in the ChurchSuite program.
Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data.
Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).
Who are we?
In accordance with the GDPR regulations and Diocesan structures, the parish of St Mary’s Cathedral is not a Data Controller. The Diocese of Aberdeen remains the sole Data Controller, even where the processing of information is carried out by its curial offices, parishes, departments, or agencies of the Diocese.
How do we process your personal data?
St Mary’s Cathedral complies with its obligations under the GDPR regulations by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
The ChurchSuite program is now one of the main ways in which we hold this personal data safely & securely.
We use your personal data in ChurchSuite for the following purposes:
Sharing your personal data
- To administer our parish records
- To manage our parish ministries and contact existing volunteers
- To maintain our own accounts and records (including the processing of gift aid applications)
- To inform parishioners of news, events, activities, Masses and services at St Mary’s (You can opt-out of these communications in the consent link to if you wish.)
Your personal data will be treated as strictly confidential and will only be shared with clergy, employees, or office volunteers within the parish in order to process a specific request of yours, to help us to carry out a particular ministry, or for other specific purposes connected with the Cathedral’s administrative and pastoral ministries.
We also share information with the Diocese of Aberdeen through the diocesan office when necessary in their capacity as our data controller and as they administer our Gift Aid scheme.
We will only share your data third parties outside of the Parish or Diocesan Office with your prior consent.
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following main rights with respect to your personal data. This list is not exhaustive, and the full list of your rights can be found in the Diocesan policy linked above, and in the GDPR Legislation. These rights include:
- The right to request a copy of your personal data which St Mary’s Cathedral holds about you in ChurchSuite.
- The right to request that St Mary’s Cathedral corrects any personal data in ChurchSuite if it is found to be inaccurate or out of date.
- The right to request that the personal data we hold in ChurchSuite is erased where it is no longer necessary for St Mary’s Cathedral to retain such data.
- The right to withdraw your consent to the processing of your information in ChurchSuite at any time
- The right to lodge a complaint with the Information Commissioners Office.
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
For any queries, or complaints, in the first instance please contact Fr Keith at email@example.com, or through St Mary’s Cathedral office on 01224 640160.