MORNINGSIDE UNITED CHURCH
  • Home
  • About Us
    • The Link Newsletter
    • Gallery
    • Staff
    • Our Story
    • Why are we United?
    • Financial Reports
  • Contact Us
  • What´s On?
    • Calendar
    • Services >
      • Communion
      • Pray >
        • Why Pray?
        • Prayer for the Congregation
    • Eric Liddell Centre
    • Christian Aid: Holy Corner Booksale
    • Coffee morning
    • Youth Choir
    • Book Group
  • Event Venue
    • Hall Lettings
    • Weddings
    • Baptisms
    • Renewal of Vows
    • Funerals
  • DONATE
GDPR documentation
Information for staff and members with access to church personal data
Guidance document 
Guidance for staff and members with access to church data
Policies and Consent forms publicly available
Consent form 1, form 2, form 3, form 4 – these are needed because consent is necessary for collecting certain types of data  
The following 3 documents are on the Governance page of this site. 
 
Privacy Notice – this is a public document which describes what data we hold and why we do so.
Data Protection Policy – this is a public document which provides an overview of the responsibilities required for GDPR compliance – this is from the Church of Scotland website
Data Retention Policy – how long to keep certain documents – this is from the Church of Scotland website
Policies for internal use only
Information Security Policy – this covers physical, computer and network security
Records Management Policy – a reminder of the need to consider business continuity in the event of a disaster

Information for the Kirk Session
​​Guidance document
Guidance for the Kirk Session
Documents describing our data
Data Model and Audit – this is the starting point and describes the flow of personal information into and out of the church. This needs to be updated if we engage in new processing.
Data controller documentation 1 – this describes all our processes and suggested justification for lawful bases chosen for each one. It includes legitimate interests assessments. Note that the lawful bases should not be changed.
Documents based on the ICO’s checklists
Data controller documentation 2 – this is a description of an individual’s rights. Note however that a subject access request should be referred the Presbytery in the first instance
Data controller documentation 3 – this is needed to meet data protection criteria – how data is collected eg lawfully, fairly etc
Data controller documentation 4 – this is needed to meet information security criteria – how data is kept secure – physically and electronically
Data Protection Principles – this describes the 6 principles a) to f) and provides checklists to ensure compliance
Information Security documentation – provides a checklist and a reminder of our legal obligation to carry out testing of the security of our systems

Powered by Create your own unique website with customizable templates.
  • Home
  • About Us
    • The Link Newsletter
    • Gallery
    • Staff
    • Our Story
    • Why are we United?
    • Financial Reports
  • Contact Us
  • What´s On?
    • Calendar
    • Services >
      • Communion
      • Pray >
        • Why Pray?
        • Prayer for the Congregation
    • Eric Liddell Centre
    • Christian Aid: Holy Corner Booksale
    • Coffee morning
    • Youth Choir
    • Book Group
  • Event Venue
    • Hall Lettings
    • Weddings
    • Baptisms
    • Renewal of Vows
    • Funerals
  • DONATE