Church Mission Society is dependent on the generosity, goodwill and faithfulness of individuals, and churches, to meet our charitable objectives. Building and maintaining truly mutual and fruitful relationships is central to our identity as an acknowledged community in the Church of England. Because of this we are committed to transparent, ethical and honest communication.
If you are unhappy with our work, whether that is about your data or anything else, please do not hesitate to contact us on firstname.lastname@example.org or call us on 01865 787419.
Church Mission Society (CMS) is registered with the Information Commissioner (ICO), registration number Z6100362. You can read more concerning our registration here, including a list of all data related activities that we have registered with the ICO.
If you use our website or any of our services or provide us with any personal information, we will point you toward this policy, so that you can be fully aware of how information about you might be used and disclosed.
What is personal data?
Personal data covers any information that enables us to identify you as an individual. This information could include, name, address, telephone number, email address, credit card details or bank details (submitted when making a donation).
Where do we collect personal data?
We only ever collect information we need to do our work, including data that helps us to improve what we do and how we do it. There are a number of places we collect data from. These are:
- Information you give us directly: We gather this information through specific activities, for example when you complete printed forms, telephone us or complete online forms on our website.
- Information you give us indirectly: For example when you give your data to third party websites, such as JustGiving or Give.net.
- Information we collect from your use of our websites: This information is collected using cookies, which helps us understand what information people are finding most valuable and make improvements to our websites.
- Information from third parties: For example we may receive information about you from a friend who books you onto an event or makes a donation in your name.
- Information from public sources: We may combine information you have provided with information from public sources. This helps us to get a better understanding of who our supporters are, and ensure we engage with you more effectively. This saves time and resources, and helps ensure we are as cost effective as possible.
We also make every effort to avoid collecting data from people under 16 years of age.
Sensitive categories of data
Data protection law recognises that certain categories of personal information are more sensitive than others, such as ethnicity, political opinions or health issues. We do not collect sensitive information unless there is a clear reason for doing so, such as your involvement in an event where knowing this information improves your safety and helps with your engagement. You may disclose sensitive information to a volunteer or member of staff for prayer, and they may make a temporary note as a reminder.
When we collect this data we will make it very clear why we are doing so and what the legal basis is for doing this.
- To make the websites function properly and give you a pleasant user experience
- To collect statistics (anonymously) about how people use our website, so that we can make improvements and report on our investment in digital resources
- To help deliver and measure the effectiveness of our online advertising via Google Adwords and Facebook
- To enable you to share material from our websites on social media (AddThis)
For more information about cookies and guidance on how to control them, visit the Information Commissioners Office (ICO) website.
How do we use personal data?
We use personal data in a variety of ways, such as sending you subscriptions of our publications, to process event bookings, provide you with information you have requested, record the contact we have had with you, or writing to you as a supporter of Church Mission Society.
All information that we hold concerning you will be held and processed by Church Mission Society in accordance with the provisions of data protection legislation.
We will respect your preferences to be included or not included in email mail-outs and postal mailings. Please do use the options within the emails to unsubscribe or contact us by email at email@example.com, by phone on 01865 787400 or by post at the address below.
We will also respect your preference for your photo not to appear in Church Mission Society publications. Please contact us to express this preference.
We will only keep your details for as long as necessary. For details of this please see our data retention policy.
Please be especially assured, we will not transfer your contact details to other charities or to other companies for their marketing purposes.
At Church Mission Society we are concerned to build positive and mutually beneficial relationships with our supporters and members. To do this we often tailor our communications to best meet the interests and motivations of both individuals and churches. To achieve a more tailored approach we may carry out desk and online research which involves reviewing publically available information such as news articles and business websites to better understand your interests.
You should also note that we may also use publically available information to ensure we comply with regulations regarding money laundering.
We may also use broader demographic and geographic data to better understand supporters ‘in the round’. All of this work is done to improve the experience supporters have of Church Mission Society.
Please do note that we do not undertake the practice of wealth screening.
When we share your data, and who we share it with
Except where detailed below we will not, without your consent, supply your contact details or other personal data to any third party outside Church Mission Society except where we are required to do so by law, or where the transfer is within the Church Mission Society group of companies (CMS, CMS Trust, SAMS, CMS House Enterprises Ltd).
There are other situations which mean that we do share your data, such as where it is necessary to do so to undertake our activities. For example, we may:
- transfer your name and address to a mailing house in order to send out mailings to you
- transfer your contact details to our email platform provider (dotmailer) in order to send out tailored emails to you
- transfer your name, address and the values of gifts that you have given us to HMRC in order to reclaim gift aid on your gifts
- transfer your name and contact details to conference centres if you are a supporter attending a CMS sponsored conference or event
- transfer your application and attainment details, with other academic bodies, if you are a student on one of our courses
- transfer your name and address to profile research organisations in order to get anonymous analysis of our supporters’ collective behaviour and identity – for example, average age or common interests
- transfer your name and address to research organisations so they can conduct personalised surveys or collect independent feedback on our performance, or their own views and opinions
- transfer your name, address and the values of gifts that you have given us to other organisations in the CMS family (specifically CMS-Africa, Asia CMS, CMS Australia, CMS Ireland, New Zealand CMS and SAMS USA), where your gift has been earmarked specifically for the ministry of mission personnel working for one of those entities.
If you are making a donation or payment with a debit or credit card via the Church Mission Society website, or by phone, we use two companies who are experts in their field to do this.
Please do note we really want to encourage members of the Church Mission Society Community to give consent allowing us to supply their contact details to other members of the community. We do this to encourage prayer for one another, fellowship, or arranging times to meet up. You can choose to share your address, phone number and/or email address to do this.
What is our legal basis for processing your data?
Within GDPR there are six legal bases for processing data. We rely on four of these to process your data, below we have highlighted the main activities we undertake that process personal data:
- We use a contractual basis for processing data relating to our online shop, or being a student on one of our courses.
- We rely on legitimate interest for a variety of purposes including sending you our publications, invitations to financially support our work, undertake desk research and thank you for your donation.
- We use consent to contact you by email or phone, which means we cannot contact you in these ways without your explicit permission. Every news, prayer or promotional email you receive (via our managed email platform) provides a clear and simply way to opt out, or unsubscribe, from future emails. These emails will also provide a way for you to amend which emails you receive.
- We use legal obligation as the basis for processing any legally required activities such as Gift Aid returns to HMRC.
It is the area of Legitimate Interest that might be of greatest interest to you. Legitimate Interest is about balancing the interests of CMS (furthering our own charitable objectives; inspiring and informing people about mission and resourcing those in mission) against your interests, rights and freedoms, and having careful and close regard to any reasonable expectations you might have about the use of your data.
Who has access to your information, and how is it kept safe?
We maintain a high level of security in relation to your data. All staff and volunteers of Church Mission Society undertake data protection training. We place a high value on ensuring personal data of any kind is kept securely. Also in accordance with our data protection policy, we report to our Board of Trustees any breach of the data protection policy, for accountability, monitoring and improvement.
If you contact us by phone to make a payment, or donation, by credit or debit card, only those staff authorised to process payments will be able to see your credit card details. Once the transaction is completed we do not store credit or debit card details.
Although the vast majority of data is kept within the EU, sometime it is necessary to send your data outside the European Economic Area (EEA). For example, on occasion we may share your data with a supplier who then holds this data on a server outside the EEA. By submitting your data to us you agree to this transfer, storing or processing at a location outside the EEA.
How long do we keep your data for?
We will hold your personal information on our system for as long as it is needed to fulfil the function for which we hold the data, or for as long as is required by law for the relevant activity. For more details of this please do look at our data retention policy.
Contacting us regarding your personal data
As an individual, you have a right under data protection legislation to obtain information from us, including a description of the data that we hold on you. Should you have any queries concerning this, please contact us at the address below.
You also have the right to amend or update the information we hold about you, change your communication preferences, withdraw your consent to use your personal information (where we have used consent as the legal basis for processing), and make a number of other changes to what data we hold on you and how we process it.
To contact us to make any changes call us on 01865 787400, email us on firstname.lastname@example.org or write to us at the address below.
Church Mission Society,
Changes to this policy
This version 3.1 - May 2018