In 2018 the General Data Protection Regulations (GDPR) replaced the Data Protection Act (DPA 1998). Brexit has not made a material difference to the regulations.
While the GDPR contains all the same principles as the DPA, there are some additional requirements, in particular regarding the need to obtain proper consent to retain personal information about a living individual. In addition the regulations increase the rights of an individual in respect of how their data is kept and includes the right to be “forgotten”. Read more on the differences here
You will be able to get a good overview of the GDPR requirements by reading the documents on this page. The templates at the end – particularly the Audit Form, the Privacy Notice and the Consent Form – will help make your parish compliant to the GDPR requirements.
Explore these pages for more:
- The Eight Rights of Individuals under GDPR
- The Six Lawful Bases under GDPR
- GDPR terms and what they mean
- GDPR FAQs
GDPR Training
Parish Buying has negotiated discounted rates on GDPR training with provider Me Training. Each course costs just £10 and there are five levels, ranging from Basic to Advanced. You can book through Parish Buying by following this link. (Free registration is needed.)
Templates
You might find these templates useful for your parish GDPR admin:
- Privacy Notice
- Retention Policy
- Audit Form
- Consent Form
- Churches’ CCTV Policy template and the accompanying Guidance for churches which have a camera surveillance system installed
Last Updated
14 Mar 2024 – updated Churches’ CCTV Policy Template V.2.0