THE VINE MAIDSTONE

DATA PROTECTION PRIVACY STATEMENT

Approved by the Trustees of the Vine: July 2021

Reconfirmed: May 2023, May 2024 and July 2025

This privacy policy covers the way in which the Vine will collect, use and disclose personal

information that elders, trustees/directors, fellowship members, employees, volunteers, donors

and other people associated with us may provide. Data Protection legislation allows us to process

this information where we regard it as being in the church’s legitimate interest or where there is a

legal or regulatory requirement.

The Vine recognises the importance of privacy and security of personal information and this policy

outlines the way in which information is collected and handled. The Vine is registered with the

Information Commissioner’s Office (ICO) and strives to comply fully with data protection law

applying in England and Wales. Individuals’ rights, as defined by the General Data Protection

Regulation (GDPR) and the Data Protection Act 2018, will be respected.

Why the Vine retains personal data

 Personal data, which is supplied to the Vine in writing or electronically by individuals, is

retained for the purpose of communicating to and within the fellowship of the Vine and for the

preparation of such as rotas, room bookings and training records. Personal data will be used to

advise people of church services and other church related events.

 Personal data is also retained where there is a need to do so for law or regulatory reasons

(e.g. employment, payroll, safeguarding) or where there is need to process donations

(including gift aid claims) or payments.

 Specific consent is sought for collection, storage and use of personal data unless there is an

alternative legal or regulatory basis as defined by the GDPR and associated law.

What personal data is kept by the Vine?

 Personal information includes any information that identifies an individual, such as name,

address, e-mail address or telephone/mobile number.

 If information in addition to this is retained, the purpose will be made clear and prior consent

will be sought unless the purposes are a requirement of legislation or regulation (e.g.

employment, payroll, safeguarding) or to process individual donations to the Vine and any

associated gift aid claims.

 Forms used within the Vine requesting or requiring personal data will have consent clauses

(and tick boxes) together with an appropriate data collection related clause.

Where the personal data is stored?

 Personal data is stored electronically principally using Church Suite (a UK cloud hosted, web-

based church management system). This system is administered by approved Vine individuals.

 Personal data stored other than using Church Suite is in paper (locked filing) or electronic

(password protected laptops, PCs and software) form. Such data is only accessible to those

approved by the Vine and can only be used for the purpose intended.

How the personal data is used

 Personal data is used to administer the Vine and to communicate within the fellowship.

 Basic information on Church Suite will be shared within the fellowship to facilitate

communication between people and groups but individuals have the freedom to change

information or tailor privacy preferences for themselves and their families.

The Vine Maidstone, Boughton Lane, Maidstone, Kent, ME15 9QF

Data Protection Officer: dataprotection@thevineuk.net

Charity Number: 1152669. Company Number: 08476230

 Information will not be forwarded outside the Vine unless there is a requirement by law,

regulation or public duty or unless there is prior consent.

 Every reasonable effort will be made to ensure that personal data is up-to-date and accurate.

 Personal data is also used for specific purposes such as safeguarding records, employment,

gift aid claims, etc.

How long personal data will be retained?

 Personal data normally will be retained by the Vine for up to twelve months after a person has

ceased to be a regular member of the church fellowship unless there is a requirement by law

or regulation for it to be held longer.

Your rights

 Any individual has the right to request what information is stored about them at the Vine.

Requests should be addressed in writing to the data protection officer, via the church office or

via the e-mail address listed below. Responses will be consistent with ICO guidelines.

 Any individual has a right to refuse consent for their information to be retained by the Vine,

and to be deleted, unless continued retention is required by law or regulation.

Breaches

 Should a data breach occur and personal data be lost, misused or inadvertently and

mistakenly revealed, the individual or individuals concerned will be informed, an internal

breach form will be completed and be advised to the Trustees and, if required, the matter will

be logged with the ICO. Procedures will be adjusted if considered necessary.

Data Protection Privacy Policy

 This data protection privacy policy will be reviewed periodically – at least annually. If there are

any changes, a revised copy will be uploaded to the Vine’s website and will be advised to

individuals where current data is retained.

registered charity number: 1152659

registered company number: 8476230

THE VINE HEALTH AND SAFETY POLICY

CHILD SAFEGUARDING policy

VULNERABLE ADULTS SAFEGUARDING POLICY

01622 746839
boughton lane, loose, maidstone, kent, me15 9qf