Privacy Notice

Privacy Notice for the Parochial Church Council (PCC) of Christ Our Hope Liverpool

Last amended 2 nd March 2026 (v3).

  1. What is personal data?

Personal data allows a living individual to be identified from that data. Identification can be by the information alone or alongside any other information that the data controller possesses or likely to possess in future. The processing of personal data is governed by the General Data Protection Regulation (GDPR).

  1. What is the role of the PCC?

The Parochial Church Council (PCC) of Christ Our Hope Liverpool is the data controller. This means we are legally responsible for deciding how your personal data is processed and for what purposes.

  1. How do we process your personal data?

We comply with our obligations under GDPR by keeping personal data up to date, by storing and destroying it securely, by not collecting or retaining excessive amounts of data, by protecting personal data from loss, misuse, unauthorised access and disclosure, and by ensuring that appropriate technical measures are in place to protect it.

  1. Why do we process your personal data?

We use your personal data for the following purposes:

  • To enable us to provide a service for the benefit of the public in our local area, which includes baptisms,
  • weddings and funerals as well as other events.
  • To administer membership records.
  • To manage our employees and volunteers.
  • To maintain accounts and records in compliance with our obligations as a Church of England parish.
  • To raise funds and promote the interests of Christ Our Hope Liverpool.
  • To inform you about news, events, activities and services running in the parish and the local area.
  • To share your contact details with the Diocese of Liverpool so they can comply with their legal obligations and to keep you informed about news in the diocese and events, activities and services that will be occurring in the diocese and in which you may be interested.
  • Some services and events may be recorded or livestreamed, to enable other people to participate remotely. You will be informed at the time if this is the case, so you will be aware if you may be being filmed or recorded.
  • Some church premises may have CCTV or surveillance systems to help maintain safety for staff, visitors and other people, and to protect against vandalism or other crimes. Any CCTV or surveillance systems will be clearly signposted in each location, with contact details in case of questions.
  1. What is the lawful basis for processing your personal data?

The GDPR legislation provides different legal bases for processing personal data. We use the following:

  • Legitimate interest, where we need the data to fulfil your request for a service or to make it easier to fulfil future requests.
  • Legal obligation and public task, where processing is necessary for carrying out legal obligations in relation to Gift Aid or under employment, social security or social protection law, or Church of England record keeping regulations.
  • Your consent where we wish to keep you informed about news, events, activities and services or where you want us to share your contact details with other people.
  1. Special Category data

The data we collect may reveal your religious beliefs, for instance through records of your attendance at church activities or an application for baptism. It may also reveal health status or disabilities, for instance through notifying group leaders of accessibility requirements or children’s allergies, or via requests for prayer.

  1. Who do we collect data from

We primarily collect data from you (or from a family member on your behalf).

  1. Sharing your personal data

Your personal data will be treated in strict confidence and will only be shared with other members of the parish so we can carry out the purposes above.

The only data shared with the general public is your name, if you are on the church electoral roll. It is an automatic legal consequence as stated in the CRR, (Part I Formation of the Roll 1(8) and Revision of Roll and Preparation of New Roll 2(1), 2(3) and 2(7)) that your name will be published, and by submitting your application form you are making that data public.

Some data may occasionally be visible to third parties in strictly controlled circumstances:

  • Software support teams when they are requested to fix technical issues in applications that store personal data.
  • The Diocese of Liverpool for oversight of financial, regulatory, legal and safeguarding processes, to assist with setting up processes and systems, and for wider communications and correspondence.

All of these parties have their own privacy and security policies. Data will not be shared outside of the UK/EAA without safeguards in place.

Data may be shared with other parties for safeguarding purposes if you apply for a role that requires a Confidential Declaration – please see Section 13 onwards for more details.

If we wish to share your data with third parties other than these, we will request your consent.

  1. How long do we keep your personal data?

We keep data in accordance with the guidance set out in the guide “The Church of England Retention Schedule” which is available on the Church of England Website.

  1. Your legal rights and complaints 

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

  • You can request a copy of all the personal data which we hold about you.
  • You can request that we correct any personal data if it is inaccurate or out of date.
  • You can request that we erase your personal data where it is no longer necessary for us to retain such data.
  • Where there is a dispute in relation to the accuracy or processing of your personal data, you can request a restriction is placed on further processing.
  • You can withdraw your consent at any time (this only affects data processed under the basis of consent).
  • You can lodge a complaint with us or with the Information Commissioner’s Office.
  1. Further processing

If we wish to use your personal data for a new purpose that is not covered by this Data Privacy Policy, we will publish a new policy explaining this new use before starting the processing to explain the relevant purposes and processing conditions. Wherever necessary, we will seek your prior consent to the new processing.

  1. Contact Details

If you wish to exercise your legal rights, or raise a query or complaint, please contact the Data Protection Lead at dataprotection@cohl.org.uk

You can also contact the Information Commissioners Office on 0303 123 1113, via their website or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Cookies On Our Site

    This site uses cookies to store information on your computer.

    Some cookies on this site are essential, and the site won’t work as expected without them. These cookies are set when you submit a form, login or interact with the site by doing something that goes beyond clicking on simple links.

    We also use some non-essential cookies to anonymously track visitors or enhance your experience of the site. If you’re not happy with this, we won’t set these cookies but some nice features of the site may be unavailable.