How Grace Church Manchester (“we”) use your information as a data controller
Your privacy is important to us. We are committed to safeguarding the privacy of your information.
It is important that you read this privacy notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.
Why are we collecting your data?
We collect personal data to provide appropriate pastoral care, to monitor and assess the quality of our services, to fulfil our purposes as a church and to comply with the law regarding data sharing. In legal terms this is called ‘legitimate interests’. Some of our processing is necessary for compliance with a legal obligation. Retaining safeguarding records and gift aid declarations are examples of this. When it is required, we may also ask you for your consent to process your data. We do not share your information with others except as described in this notice.
We collect and use your information to
- Enable us to meet all legal and statutory obligations
- Carry out comprehensive Safeguarding procedures (including due diligence and complaints handling) in accordance with best safeguarding practice from time to time with the aim of ensuring that all children and adults at risk are provided with safe environments
- Minister to you and provide appropriate pastoral and spiritual care including through Life Groups
- Fulfil our purposes as a church and deliver our Church’s mission to the community
- Comply with the law regarding data sharing
- Enable us to follow up membership, course and event enquiries
- Administer our membership records of adult and child members, friends and regular attenders
- Fundraise and promote the interests of the Church and charity
- Process and record financial donations that you have made (including Gift Aid information)
- Send you communications such as our weekly news email and information about our activities and church ministries that may be of interest to you
- Operate team rotas for the effective function of the church and Sunday services
- Recruit, support and manage our employees and volunteers
- Respond effectively to enquirers
- Maintain our own accounts and records
- Promote and include others in our services through photographs, sound recordings, video recordings and live website streaming of service and selected events
- Update you about changes to our services, events, role holders and any matters of interest related to the church community
- Reimburse you using financial identifiers for ministry expenses occurred on behalf of the church or if we provide a direct service to you e.g. you purchase a ticket for a church event
The categories of information that we may collect, hold and share include:
- Personal information (such as name, photos, telephone number, address, email address, date of birth, marital status)
- Characteristics (such as gender, ethnicity, language, nationality, country of birth)
- Special categories of personal data (such as your religious beliefs)
How do we process your personal data?
The controllers will comply with their legal obligations to keep personal data up to date; to store and destroy it securely; to not collect or retain excessive amounts of personal data; to keep personal data secure; and to protect personal data from loss, misuse, unauthorised access and disclosure and to ensure that appropriate technical and organisational measures are in place to protect personal data.
Storing your data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
We hold your data for varying lengths of time depending on the type of information in question but in doing so we always comply with Data Protection legislation. Details of retention periods are available in our retention policy which you can request by contacting us at
Security of your data
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees or trustees who need to know. They will only process your personal data on our instructions.
We have put in place procedures to deal with any suspected personal data breach and will notify you and the ICO where we are legally required to do so.
Who do we share your information with?
We will not share your information with third parties without your consent unless the law requires us to do so.
Your rights and personal data
You have the following rights with respect to your personal data:
When exercising any of the rights listed below, in order to process your request, we may need you to verify your identity for your security. In such cases we will need you to respond with proof of your identity before you can exercise these rights.
- The right to access personal data we hold on you. At any point you can contact us to request the personal data we hold on you as well as why we have that personal data, who has access to that information and where we obtained the personal data from. Once we have received your request we will endeavour to respond within one month.
- The right to correct and update the personal data we hold on you. If the personal data we hold on you is out of date, incomplete or incorrect, you can inform us and your personal data will be updated.
- The right to have your personal data erased. If you feel that we should no longer be using your personal data or that we are illegally using your personal data, you can request that we erase the personal data we hold. When we receive your request we will confirm whether the data has been deleted or the reason why it cannot be deleted (for example because we need it for our legitimate interests or regulatory purposes).
- The right to object to the processing of your personal data.You have the right to request that we stop processing your data. Upon receiving the request we will contact you and let you know if we are able to comply or if we have legitimate grounds to continue to process your personal data. Even after you exercise your right to object, we may continue to hold your personal data to comply with your other rights or to bring or defend legal claims.
- The right to data portability. You have the right to request that we transfer some of your personal data to another controller in certain circumstances. We will comply with your request, where it is feasible to do so, within one month of receiving your request.
- The right to withdraw consent to the processing at any time for any processing of personal data to which consent was sought. You can withdraw your consent easily by telephone, email or by post (see contact details below).
- The right to object to decisions being taken by automated means.
- The right to lodge a complaint with the Information Commissioner’s Office.
Changes to this notice
We keep this Privacy Notice under regular review and we will place any updates on our website. If we make significant change we will notify you. This Notice was updated in November 2023.
Contact Details
Please contact us if you have any questions about this Privacy Notice or if you would like further details on how your information is used, how we maintain the security of your information and your rights to access information we hold on you, please contact:
The Data Protection Officer
Address: Grace Church Manchester, 247a Wilmslow Road, Manchester, M14 5LW
Telephone: 0161 826 1160
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
Cookies
We use cookies on our website. By using our website you agree to this Policy and you consent to our use of cookies in accordance with the terms of this Policy.
About Cookies
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
There are two main kinds of cookies: “session” cookies and “persistent” cookies. Session cookies only last for the duration of users using the website and are deleted from your computer when you close your browser, whereas persistent cookies outlast user sessions and remain stored on your computer until deleted, or until they reach their expiry date.
Cookies on this website
We use both Session Cookie and Persistent Cookies on this website.
Generally, we use cookies to help us administer this website, to improve the website’s usability and for marketing purposes. We may also use cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to user needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not.
Cookies do not contain any information that personally identifies you, a cookie in no way gives us access to your computer or any information about you.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Cookie Name | Cookie Category | Description | Duration |
wordpress_ | 2 | WordPress cookie for a logged in user. | session |
wordpress_logged_in_ | 2 | WordPress cookie for a logged in user | session |
wordpress_test_ | 2 | WordPress cookie for a logged in user | session |
wordpress_test_cookie | 2 | WordPress test cookie | session |
wp-settings- | 1 | WordPress also sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface. | 1 year |
wp-settings-time- | 2 | WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface. | 1 year |
PHPSESSID | 1 | To identify your unique session on the website | session |
SESS | 1 | To ensure that you are recognised when you move from page to page within the site and that any information you have entered is remembered. | session |
Third-party cookies
We also use third party cookies to analyse the use of this website and improve its performance.
For this purpose we use Google Analytics. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. Google will store and use this information. Read Google’s privacy policy. Find out more about Google Analytics opt out.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies.