Who we are and what this privacy notice covers
This privacy notice explains how Frontline Church (the data controller) may collect, process, protect and share personal data about you and the rights you have in relation to your personal data.  Please note that this notice relates to all our church and ministry activities, not just this website.
It is important that you read this privacy notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.
How we collect data
There are a number of ways that we may collect personal information about you. For example, when or if you:
  • Visit our website
  • Register your details and your family details, at frontline.churchsuite.co.uk or via an embedded form on our website
  • Make a donation, by completion of offering envelopes, text, via our website or electronic means
  • Register for a church event
  • Purchase a ticket for an event, including when you provide credit or debit card details
  • Provide your contact details, in writing or orally, to Church staff or volunteers
  • When you attend church services or participate in other Church activities
  • Communicate with the Church by means such as email, letter, telephone
  • Face to face meetings with staff and volunteers
  • Help with feedback or fill in a church survey
  • Complete a welcome card
  • Join a Community
  • Join a serving rota
  • Fill out a self-declaration form
  • Apply for a Disclosure and Barring Service (DBS) check
  • Are employed by the church

What data we might collect
  • Personal data, or personal information, means any information about an individual from which that person can be identified. We may collect, store or use different kinds of personal data about you as follows:
  • Identity Data includes first name, last name, marital status, title, date of birth and gender.
  • Contact Data includes address, email address and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payments to and from you and other details of events or services you have purchased from us or gifts you have donated to us.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Consent Data includes information relating to permissions, consents and your preferences in receiving marketing / communication from us.
  • Special Category Data includes details about your ethnicity, your health or your religious beliefs.
  • Safeguarding Data includes information about concerns or allegations and any investigation into those. It could also include information about criminal convictions, offences or allegations where this information has been provided in relation to Safeguarding.

How we use your personal data
As a church, we hold records of the people in our congregation, volunteers, guest and service users and use this information to coordinate church activities and to keep you informed of things happening in the life of the church.
We also collect and use information about our suppliers, contractors, and staff.  This information is used to manage and administer the church and to carry out our charitable purposes.  We will only use your personal data when the law allows us to. We will process your data on one or more of the following bases:
  • because it is necessary for our legitimate interests or your legitimate interests (our primary basis)
  • it is necessary for compliance with a legal obligation;
  • where we have your consent; or
  • if it is necessary for the performance of a contract (e.g. an employment contract or a contract to hire premises), or to take steps to enter into a contract.

Purposes for which we will use your personal data
We have set out below a description of the ways we plan to use your personal data.  Frontline Church collects and processes information so that we can:
  • Manage, administer and promote the life of the church
  • Administer financial transactions and donations
  • Administer our courses or events
  • Manage our website
  • Manage our volunteers and HR function
  • Where we need to comply with a legal or regulatory obligation

You have the right to withdraw consent to email or SMS communication at any time by clicking on an unsubscribe link in one of our emails to you, by emailing dataprotection@frontline.org.uk or speak to Hebe Ambler on 0151 733 3373

Specific information collecting and information on third parties
Where we use third parties to provide elements of our service and/or to process data on our behalf they are bound by law or contract to protect your personal data and only use it in accordance with our instructions. We only allow third parties to handle your personal data on the understanding that they will keep the information confidential. Whilst listing our most common third party service providers below we may on occasion use other third party service providers such as Surveymonkey, Dropbox or others.

Google Analytics
When someone visits www.frontlinechurch.org.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
For more information about how Google Analytics uses your data see their website. To opt-out of Google Analytics you can install their browser add-on.
Cookies and session tracking
Like many websites, Frontline Church uses tiny text files called ‘cookies’ to enhance your browsing experience. We do not identify you through the use of cookies.
Google – We use Google maps and analytics, both of these services use cookies which stay on your computer for varying lengths of time. View Google’s privacy policy
Vimeo – We embed videos from our Vimeo account on some pages. This cookie will only be downloaded if you visit a page which contains a Vimeo video. View Vimeo’s privacy policy
YouTube – Occasionally we may embed a YouTube video on our site. In these instances, the YouTube cookies will only be downloaded if you visit the page with the embedded video. View YouTube’s privacy policy

Visitors to our ChurchSuite website
We use a third party service, www.churchsuite.com  to facilitate much of our church management. We use ChurchSuite as our main contact database for people who are connected with us. Regular Attenders of Frontline Church will also receive a login to ChurchSuite where they can view and update the personal information we hold about them. ChurchSuite also use various cookies, their privacy policy can be viewed here. If you do not have a login to MyChurchSuite and would like one please email hebe@frontline.org.uk If you receive text message updates or rota reminders from us then these will be processed by Textlocal, their privacy policy can be viewed here.

People who subscribe to our E-newsletter
We use a third party provider, Mailchimp, to deliver our weekly e-news. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. This newsletter can be unsubscribed from at any time – just look for the link at the bottom of the email. For more information, please see Mailchimp’s privacy policy.

People who sign up for events run by Frontline Church
For events we run which require guests to sign up/purchase tickets, this will usually be done using ChurchSuite (see above). If you are already a supporter of Frontline Church then this event sign up will be logged against your profile in ChurchSuite. New contacts will be saved in ChurchSuite but kept separate from our general contact book. Any payments will be handled by a third party provider (usually Stripe), Frontline Church does not store or process any payment details.

People who fill in a Connect Card or Membership form on a Sunday
The paper card is held securely until it can be transferred to our digital system (ChurchSuite, their privacy policy can be viewed here), usually the next day, the paper copy is then shredded. We will use the information you have provided to contact you and connect you in with relevant/appropriate activities in Frontline.

People who register their kids for Frontline kids or youth work
The data is stored securely by ChurchSuite and only accessed by relevant staff and approved volunteers. We will only hold on to your data for twelve weeks from your last visit to Frontline – unless you choose to be added to the address book.
Visitors: As a visitor your data is kept separate from our address book and will be used only for the purposes of the check in system. We ask for: date of birth so they can be placed in the correct group; name of parent, medical info so that snacks, drinks etc are appropriate; and any additional needs to help us better look after your child.
Regular Attenders: For those who wish to attend regularly there is the option to add your children’s details into our Children’s address book in ChurchSuite. This gives you more control over your children’s data (including the ability to edit it) and allows us to more easily contact you in relation to children’s work activities.
More info about The check-in system: https://churchsuite.com/tour/children/church-child-check-in-system ChurchSuite security: https://churchsuite.com/tour/security
People who volunteer in Frontline kids and youth work
Volunteering in Frontline Kids work involves filling in an application form (for non-parent volunteers), a self-declaration form and, if a person is added to the team, they will then need to undertake a DBS check. We use a third party service called the Churches Child Protection Advisory Service (CCPAS) to complete these checks, their privacy policy is available here. Your application and references will then be stored securely for six months before being destroyed.
We will need to share your personal information with organisations such as HMRC, pension providers, payroll processors and other relevant organisations. We have confirmed that these organisations are compliant with GDPR and will inform staff of the full list of these third parties.

Imagine If Trust
Imagine If Trust is a charity founded from and run in close connection with Frontline Church and many of our members volunteer for or support IIT. Where our members have expressed interest in volunteering for IIT we may share their personal data with IIT for this purpose. Our e-news may also include information about Imagine If and its activities where we feel this would be of interest to those who attend the church.

Using your personal information to keep in contact with you
Frontline Church will use your contact information to keep in touch with you, for example providing updates on church life including news about events, services, courses and church news.
We will not contact you if you have asked us not to.
You can ask us to stop sending you communications or change your contact preferences through MyChurchSuite or by contacting us – email dataprotection@frontline.org.uk, speak to Hebe Ambler on 0151 733 3373.

How long will we retain your personal information?
Most personal information will be held only whilst you wish to maintain a relationship with us. Some data may be held longer for the purposes of satisfying any legal, accounting, or reporting requirements.

Confidentiality and security of personal information
The security of your personal information is of paramount importance to us and we use a wide range of technical and organisational security measures to safeguard it, including physical, electronic, and procedural controls.
Access to the Church Suite database is strictly controlled through the use of name specific passwords, which are selected by the individual. Those staff and approved volunteers authorised to use the database only have access to their specific area of use within the database. This is controlled by the Data Controller who is the only person who can access and set these security parameters. All access and activity on the database is logged and can be viewed by the Data Controller.
All our staff who have access to personal and/or confidential information are subject to confidentiality obligations and may be subject to discipline including termination if they fail to meet these obligations.
From time to time we may publish photographs or video, captured at church events and meetings, on our websites or social media to help publicise events or demonstrate church life.  We do not normally process personal information when using such content, but nonetheless want to provide you with the opportunity to object if you would rather not have images of yourself used in this way.  Please email Hebe hebe@frontline.org.uk or write to us to object.  We will ask for your explicit consent when displaying your name alongside any such content.
If you are a regular attender of the church we are able to provide you with access to the My ChurchSuite platform, available in “app” form or within a browser.  This will allow you to access your personal information and that of your children, keep it up to date and manage your privacy settings.  To receive access to My ChurchSuite simply email your request to hebe@frontline.org.uk and we will contact you with an invitation to set up your own secure account.

Your rights
Under Data Protection legislation, you have the right to request access to information about you that we hold. To make a request for your personal information contact Hebe Ambler dataprotection@frontline.org.uk
You have the right to:
  • Request access to your personal data
  • Request correction of the personal data that we hold about you.
  • Request erasure of your personal data.
  • Object to processing of your personal data that is likely to cause, or is causing, damage or distress
  • Request restriction of processing of your personal data
  • Withdraw consent at any time where we are relying on consent to process your personal data.
For any further information around data protection, to make a request for your personal information or to exercise any of the above rights please contact Hebe Ambler - dataprotection@frontline.org.uk, 0151 733 3373
Frontline Church aims to comply with requests for access to personal information as quickly as possible, but will ensure that it is provided within 30 days of receipt of a request.
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
If you would like to discuss anything in this privacy notice, please contact: Hebe Ambler – dataprotection@frontline.org.uk, 0151 733 3373