Privacy Policy

(last update 21/9/2021)

Purpose of this Privacy Policy

This privacy policy is for the ChurchBuilder product served by Concordant Systems Ltd and governs the privacy of its users who choose to use it.

The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users and Concordant Systems. Furthermore, the way ChurchBuilder processes, stores and protects user data and information will also be detailed within this policy.

ChurchBuilder

This web application and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users. ChurchBuilder complies with all UK national laws and requirements for user privacy.

USE OF COOKIES

ChurchBuilder uses session cookies to ensure that the system works consistently as a user navigates around it. This cookie is not left on the visitor’s computer when they leave the site.

Some churches may choose to add Google Analytics or other tracking mechanisms to their site which do leave behind cookies and would therefore require them to include a warning for visiting users for compliance with recent legislation.

Once logged in, a user can choose to save login details on their computer, and some parts of the system store preference information. The church’s terms and conditions for the site that are accepted on first login should draw attention to this.

CONTACT & COMMUNICATION

Users contacting a ChurchBuilder site or its owners submit their information for processing by that Church. Privacy questions regarding church-owned data should be addressed to the church. The data is stored and backed up by Concordant Systems per our Data Protection Policy, but is otherwise processed according the policies of the church that owns the site.

Concordant Systems makes no use of church-owned data except when performing technical support for or on behalf of a church.

DATA ACCURACY AND UPDATES

The personal information stored on ChurchBuilder is under the control of the church that owns the particular site you are using.

All subject access requests (requests for what information is stored in ChurchBuilder, or requests to delete or update information in ChurchBuilder) should be directed at the church that owns the data. Your church should have a policy for how personal data is kept up to date and how old data is deleted. This is typically found on a link in the footer of the church's front page. If you direct a Subject Access Request to Concordant Systems () then we will forward it to the appropriate church for processing.

The details of what information ChurchBuilder stores about you varies from church to church, but typically will contain name, telephone numbers, email addresses, connections to other family members, groups and categorisations, rota information, pastoral care information, allergies, job title, attendance information. For full information please check the privacy policy of your church.

DATA ACCESS

ChurchBuilder contains many features that restrict who in a church can access the data of an individual. These security features are under the control of the church’s representatives that have been given responsibility for managing their site. These representatives also have measures available to check that the security features that have been set are working as intended. Requests about what personal data church staff or members have access to on a a particular ChurchBuilder site should be directed at that church’s ChurchBuilder representatives or the church’s governing body.

DATA STORAGE AND SAFETY

Concordant processes data per our data protection policy and the UK Data Protection Act. This includes requirements for keeping ChurchBuilder safe from attack and accident, restricting who has access to confidential data, encrypting personal data when it is stored or moved around, and ensuring that the storage hardware is destroyed when it is decommissioned.

Data is stored in the UK under the control of Concordant Systems Ltd and complying with our data protection policy.

LAW ENFORCEMENT

We reserve the right to pass on personal information to any law enforcement agencies properly requesting it in connection with the commission of any offence once we are reasonably satisfied as to the circumstances surrounding the request.

FACEBOOK / OFFICE 365 / GOOGLE

ChurchBuilder does not copy or retain data from Facebook, Office 365 or Google - our connection to these services is used purely to authenticate a user.