In 2018 a law around Data Protection and Processing came into place, meaning that churches now have a legal responsibility to ensure that they are keeping the data and personal information of individuals up-to-date and safe.
Managing trustees of Churches, Circuits and Districts have to annual complete a GDPR Annual Checklist to the best of their ability which ensures the Data Handlers for the Methodist Church (TMCP – Trustees for Methodist Church Purposes) that the Methodist Church is compliant.
This page provides links to the necessary forms needed for compliance as well as helpful resources to help individuals understand the GDPR Annual Checklist, and correctly fill it in.
What do I need to be Compliant?
- The Data Mapping form is a review of the personal information (data) relating to individuals that they collect and use. Once reviewed and recorded, the results then need to be kept up-to-date.
- Once this is completed, it just needs to be reviewed each year
- All Trustees must read an updated copy of the Managing Trustee Privacy Notice, and this must also be on a noticeboard/available to others to read
- This tells people how you process and deal with the data
- To help Managing Trustees keep the required records, the processor record has been created to help with compliance
- There is a template of a consents form on the TMCP website as linked above, however it is worth considering the 6 lawful bases. To find out more about this, click here
Helpful Resources
GDPR Guidance – Sheffield District
Check out this website (click HERE) for some helpful and realistic prompts to consider