Struthers Memorial Church (“the Church”) is committed to protecting your personal information and being transparent about how we use it. This Privacy Notice explains what data we collect, how we use it, how we keep it safe, and your rights under UK data protection law. 

​

This notice applies to anyone who attends our services or events, joins our activities, supports the Church, volunteers with us, works for us, or otherwise interacts with our ministries across all branch churches. 

​

If you have any questions, please contact data.protection@struthers-church.org. 

​

1. Who We Are 

 

Struthers Memorial Church is a company limited by guarantee incorporated in Scotland. It is also a registered Scottish Charity No. SC006960. We are a Christian church with branches across the UK. 

​

The Data Controller is the Church’s Board of Directors. 

​

Each church branch has a Data Protection Champion, and the Church appoints a Data Protection Lead to oversee data protection across all locations. 

​

​

​

2. Personal Data We Collect 

​

We collect different types of personal data depending on your relationship with the Church: 

​

General Contact & Membership Information 

 

* Name, address, email address, phone number 

 

Children’s & Youth Activities 

 

* Child’s name, age, emergency contacts 

* Medical/dietary information 

* Parental/guardian consent forms 

 

Events & Activities 

 

* Registration details 

* Medical or dietary information 

 

Gift Aid & Financial Giving 

 

* Name, address, taxpayer status 

* Bank details for giving 

* Donation records 

 

Staff & Volunteers 

​

* Contact details, role information 

* Payroll and HR information 

* PVG / safeguarding checks and related records 

 

Photography, Video & Livestreaming 

​

* Images or video in recorded or livestreamed services 

* Social media content where applicable 

 

Safeguarding 

​

* Records of concerns, reports, and investigations 

* Special category data needed for protection of children and vulnerable adults 

 

3. How We Use Your Data 

 

We use personal data to: 

​

* Communicate with attendees 

* Run services, ministries, youth groups, Sunday schools, conferences, camps, and other events 

* Provide pastoral care 

* Organise volunteers and rotas 

* Manage church administration and operations 

* Process financial giving and Gift Aid 

* Maintain safeguarding and meet legal obligations 

* Manage livestreamed services and media content 

 

We do not use your data for purposes incompatible with these. 

​

4. Legal Bases for Processing 

​

We rely on the following legal bases: 

​

Legitimate Interests 

​

Used for: 

​

* Congregational communication 

* Church administration 

* Pastoral care 

* Safeguarding 

* Volunteer and staff management 

 

We rely on the lawful basis of legitimate interest under Article 6(1)(f), and for special category data such as religious belief, we process it under Article 9(2)(d) — processing carried out in the course of our legitimate activities as a not-for-profit body with a religious aim. 

​

Legal Obligation 

​

Used for:

 

* Safeguarding and child protection 

* Gift Aid, tax and financial requirements 

* Employment and charity law 

 

Consent 

​

Used for: 

​

* Certain communications 

* Some event and activity forms 

* Media involving children 

* Use of specific medical information 

 

You may withdraw consent at any time by emailing data.protection@struthers-church.org. 

​

5. Photography, Livestreaming & Social Media 

 

Some services and events may be livestreamed, photographed or recorded and posted to public platforms such as Instagram or other social media accounts. 

​

* Livestreams focus on service leaders. 

* Others may appear in the background. 

* Notices will be displayed where livestreaming, photography or recording is taking place. 

* Livestream recordings are typically available online for up to 12 months. 

 

If you prefer not to be visible on camera, please speak to the branch minister, event organiser or Data Protection Champion. 

 

6. Website and Cookie Information 

 

Our church websites collect limited technical information to ensure the site works effectively and to help us understand how visitors use it. This may include your IP address, browser type, device information, and pages visited. 

​

Cookies and Similar Technologies 

 

1. Essential Cookies 

​

These are required for the site to function and cannot be disabled. 

​

2. Analytics Cookies (Google Analytics) 

​

Some branch websites use Google Analytics to understand website usage and improve content. These cookies only run with your consent via our cookie banner. 

​

Google Analytics may collect: 

​

* IP address (anonymised where configured) 

* Device/browser details 

* Interaction data (pages viewed, time spent) 

 

3. Third-Party Cookies (Google Maps, Media Embeds) 

 

Our websites may include embedded content such as: 

* Google Maps 

* YouTube videos/livestreams 

* Social media feeds 

 

These services may set their own cookies or collect data as if you visited their platforms directly. 

​

Cookie Banner & Consent 

​

Where analytics or non-essential cookies are used, you can: 

​

* Accept all cookies 

* Reject non-essential cookies 

* Adjust your preferences at any time 

 

Managing Cookies 

​

You can delete or block cookies through your browser settings. Rejecting non-essential cookies may affect the display of embedded features like maps or videos. 

​

7. How We Store and Protect Your Data 

 

We store personal data securely using: 

​

* Google Drive with restricted access 

* Data Developments for Gift Aid and finance 

* Secure digital systems with access controls, passwords, and role-based permissions 

* Secure handling and rapid destruction of paper forms 

* Data Protection Impact Assessments (DPIAs) for high-risk activities 

 

Access is limited to those who need it for their role. 

​

8. Sharing Your Data 

​

We only share personal data: 

​

* Where required by law 

* With service providers who support church operations (e.g., Google, Data Developments) 

* With safeguarding bodies such as Disclosure Scotland 

* When necessary to protect a child or vulnerable adult 

* Where we have a lawful basis and legitimate interest 

 

We do not sell personal data. 

​

Some systems involve international data transfers (e.g. Google Drive). These are protected by legally approved safeguards such as UK Standard Contractual Clauses and the EU–US Data Privacy Framework. 

​

9. How Long We Keep Your Data 

​

We only collect the data we need for each specific purpose and keep it no longer than necessary. We follow the Church’s retention schedule: 

​

* Event forms (incl. children’s medical info): 1 year after event 

* Attendee contact records: while attending + 3 years 

* Gift Aid and financial records: 6 years 

* Staff/volunteer records: while in role + 3 years 

* Complaints: 6 years 

* Safeguarding records: 75 years 

* Livestream recordings/social media posts: 12 months 

 

10. Your Rights

 

You have the right to: 

​

* Access your personal data 

* Correct inaccurate information 

* Request deletion (in specific circumstances) 

* Object to certain types of processing 

* Withdraw consent 

* Restrict processing (where appropriate) 

* Raise concerns with the Information Commissioner’s Office at www.ico.org.uk 

 

To exercise your rights, email data.protection@struthers-church.org. 

​

11. Data Breaches 

​

If a breach occurs, the Data Protection Lead will: 

​

* Investigate immediately 

* Log the incident 

* Report serious breaches to the ICO within 72 hours 

* Notify affected individuals where required 

* Implement improvements to prevent recurrence 

 

12. Contact Us 

​

For questions about this notice or to make a Subject Access Request: 

​

Email: data.protection@struthers-church.org