Privacy Policy

Rattlesden Baptist Church   Felsham Road, Rattlesden, Bury St Edmunds, Suffolk IP30 0SF  Tel: 01449 737650

Church Administrator:  Heather Waters.                            



  1. Rattlesden Baptist Church is committed to processing all personal data safely, fairly and lawfully. Under the new guidelines of GDPR, Rattlesden Baptist Church is the Data Controller and the Church Administrator is the Data Processor. Rattlesden Baptist Church does not own a church computer for the purposes of personal data storage. The Church Administrator holds limited personal data on a private computer for the purposes of producing a Church Congregation Contacts List annually and for maintaining registers for children’s and young people’s work. The Church Treasurer holds limited personal data for the purposes of contract work.
  1. Rattlesden Baptist Church does not currently have any employees.
  1. Personal data is held by the church for several reasons:                                  a) For the lawful purpose of discharging our legal obligations.                    b) For the safeguarding of children (e.g. to facilitate speedy contact with parents/guardians and/or a named medical professional should the need arise).                                                                                                                                   c) For compiling an annual Church Congregation Contacts List.
  1. All personal data held for an individual is freely available to that individual upon request. In the case of children, the information is available to the individual’s parents or guardians unless a court order exists whereby this information may only be divulged to specific named parties . Every individual has the right to rectification and erasure of their personal data, the right of data portability, the right to object to any information held and the right not to be subject to automated decision-making, including profiling.
  1. All personal data held by Rattlesden Baptist Church has been:                   a) Supplied freely by the individuals whose information is held or by their parents/guardians where the individual is a child/young person (a registration form is completed for all children’s and youth club attendees), or                                                                                                                             b) Supplied in matters of child safeguarding by appropriate third parties e.g. Child Safeguarding Officer, Police, Social Workers. In such cases the data will be held in secure files by the appropriate officer.
  1. All personal data regarding children and young people that has been supplied by parents/guardians is held in paper form in a file in a secure, locked cupboard. Spare copies of the Church Congregation Contacts List are also kept in a locked cupboard. A list of current attendees at Sunday School, Crossroads Club (primary school age children) and Youth Club is held in paper form in a locked cupboard and on the personal computer of one Youth Leader and/or one Sunday School teacher for the purposes of printing a weekly register. The attendee lists are reviewed and revised on an annual basis. After non-attendance of twelve months the information is eradicated. In the event of any new use of an individual’s personal data, this will be brought to the individual’s attention and discussed prior to implementation.
  1. Rattlesden Baptist Church does not disclose any personal data to third parties other than in the matter of child safeguarding as paragraph 5 b).

8. In compliance with GDPR, in the unlikely event of a data breach (personal data being seen by a person not entitled to see it or data being misplaced/lost) Rattlesden Baptist Church will notify the Information Commissioner’s Office (ICO) of the full details within 72 hours.