Privacy Notice Open Presbytery Webinars - Legacies of Slavery Apology
Privacy Notice Open Presbytery Webinars - Legacies of Slavery Apology
The Church of Scotland Equality, Diversity and Inclusion Group of the Assembly Trustees (EDI Group) is providing you with this information to comply with data protection law and to ensure that you are fully informed and we are transparent in how we collect and use your personal data.
Who is collecting the information?
The Church of Scotland EDI Group is the Data Controller. We have an appointed Data Protection Officer (DPO), Alice O'Sullivan, who can be contacted by emailing: Privacy@churchofscotland.org.uk
Why are we collecting it and what are we doing with it (Purpose)?
We will be collecting your personal data in order to allow you to sign up to attend the Presbytery information sessions relating to the Church's forthcoming legacies of slavery apology and receive the Microsoft Teams link. This event will allow those in Presbyteries who have not attended an individual Presbytery event on this topic to share their views and participate in the learning from the ecumenical pilgrimage to Jamaica in 2023.
What personal data do we collect?
We will collect basic personal data including names and email addresses and which presbytery you will be representing. As this is an event for presbyteries, by default we will collect special category personal data revealing religious or philosophical beliefs.
How are we collecting this information? What is the source?
We will collect the information from you directly when you register for the event or from the Presbytery that nominated you to attend this event.
The lawful basis for the processing
The lawful basis for processing for this purpose is UK GDPR Article 6(1)(a) "the data subject has given consent to the processing of his or her personal data for one or more specific purposes".
For the processing of special category data, the lawful basis is UK GDPR Article 9(2)(d) "processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a political, philosophical, religious or trade union aim and on condition that the processing relates solely to the members or to former members of the body or to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects".
Who we share the information with:
This data is shared between members of Church of Scotland Central Services staff and members of the EDI group, as the data controllers. The data processors are Microsoft as we use MS Teams to hold the webinar, this data is stored within the UK and there is an appropriate contract in place.
Details of data transfers to any third countries or international organisations
As the International Presbytery will be invited to attend the events there will be a transfer of personal data from the International Presbytery to the National Offices. This will be in a secure process with appropriate safeguards in place.
How long do we hold the personal data?
The data is held only for the purposes of sending joining details of the webinar and will be deleted immediately following the event following church procedures.
Do we use automated decision making processes, including profiling?
The Church does not process data in this way.
Individuals' rights in relation to this processing
Individuals have a number of rights under data protection laws. These are detailed here. Not all rights are absolute and some only apply in relation to the lawful basis for processing. For this purpose, the only right which does not apply is the Right to Object. All other rights apply.
If you want to exercise any of your rights please contact the Church, you can email the DPO at Privacy@churchofscotland.org.uk or make the request verbally. The Church will process your request accordingly and respond without undue delay and within one calendar month. It may be necessary prior to the request being processed that the Church will require proof of identity. This is required to ensure an individual's personal data is not disclosed to an unauthorised individual.
As the processing is consent, it's important to note that you can withdraw your consent at any time. To do this please contact EDI@churchofscotland.org.uk who will process your request accordingly.