Skip to content
Malin Parish – Ireland's Most Northerly
  • News
    • Homilies
    • Pastoral Letters January 2023
    • Synod 2023
    • MICA Prayer
    • Share The Good News
    • Latest News
    • Most married couples have weathered Covid storm well
    • The couple that prays together stays together
    • Paul: The Radical Gospel
    • All Married Couples
    • Mission
  • Parish Groups
    • Parish Pastoral Council
  • Sacraments
    • Baptism
    • Penance/Reconciliation
    • Eucharist
    • Confirmation
    • Matrimony
    • Holy Orders
    • Extremunction/Anointing of the Sick
  • About Us
    • Contact Us
    • Bulletin
    • Guestbook
    • Parish Schools
      • Scoil Treasa Naofa – Malin Town
      • St Mary’s NS – Malin Head
      • Urblereagh NS – Urblereagh
      • Scoil Cholmcille – Glengad
    • Parish Churches
      • Aughaclay
      • St. Mary’s Parish Church
      • Star of the Sea
    • Events
      • Pictures
  • Links
  • Privacy Notice

Privacy Notice

Privacy Notice

THE DIOCESE OF DERRY 

PRIVACY NOTICE 

OVERVIEW 

The Diocese of Derry recognises that the greatest of care must be taken when processing personal data about our  parishioners and we understand that this is not a purely administrative task. The records we hold can have profound  pastoral significance. Personal information is directly relatable to the dignity of human life, and the respect that  every individual deserves must extend to information we hold about that individual.

The law provides 6 legal bases for processing data:

1) Consent of the Individual

2) Contractual Necessity

3) Compliance with Legal Obligations

4) Vital Interests of the Data Subject

5) Performance of a Task in the Public Interest

6) Legitimate Interests

Further conditions apply when processing ‘Special Category’ personal data, which includes data revealing religious  or philosophical beliefs.

In the majority of instances, the information which we collect and store is of a basic, biographical nature such as  contact details- name, address and telephone number but the work of the Church is wide-ranging and there are  instances when additional information is necessary.

This notice sets out how we collect personal information about you, how we use, store and share it and how you can  interact with us about it.

  1. Who is the Data Controller? 
  • Legal responsibility for all decisions regarding the purpose and means of processing personal data rests with  the ‘Data Controller’.
  • The Diocese of Derry and more specifically the Derry Diocesan Trust is the Data Controller including when processing is carried out by its curial offices, Parishes and committees. It is important to note that Parishes  form part of the Diocese and are not separate legal entities.
  • Derry Diocesan Trust is a registered charity, (registration no. NIC105256).
  • If you require any further information on this notice or data protection within the Parish please contact: – Executive Director

Diocesan Office, St Eugene’s Cathedral, Francis Street, Derry BT48 9AP

Tel: 028 71262302

Email: office@derrydiocese.org

  1. Why is personal data processed? 

The work of the Parish Priest, parish staff, volunteers and clergy involves interacting with Parishioners on a daily  basis. We have carefully considered the information that we hold and have sub-divided our processing activities by  subject matter. The table below provides an overview of our processing activities and explains why processing is  necessary.

Subject Matter  Examples  Legal Basis for Processing
Sacramental

Records

 Baptism, Marriage, First Holy

Communion & Confirmation Registers

 When we collect personal data relating to the celebration  of a sacrament and maintain records on parish activities,  we do so in the legitimate interests of our Church and its  members. Collecting information pertaining to the  celebration of our faith is an essential part of the fulfilment  of our spiritual and charitable purpose to advance the  Catholic religion.

We also process information in compliance with our legal  obligations and as part of a wider task in the public  interest, for example when officiating at a wedding.
Records pertaining  to the celebration  and participation  in Mass, events,

pilgrimages and

services

 List of Eucharistic Ministers, Readers,  Choir & Musicians, contact

information and requests relating to  visits to the housebound, information  for the Parish newsletter, audio and  visual recordings & photographs, Death Registers

 The congregation plays an integral role in all religious  services. It is important for us to be able to communicate  with you in relation to news about activities and events  taking place within the Church and local community  including seeking feedback and informing you of any  changes to our pastoral plans or ministry. Processing this  data is necessary to fulfil our legitimate interests as a  Church and to fulfil our spiritual and charitable purpose.
Pastoral Care,

Safeguarding,

Health & Safety

 CCTV/webcam, Accident Log,

volunteer information, training

records, Access NI or National

Vetting Bureau

applications/clearance, record of  complaints

 This information is of pivotal importance for legal and  pastoral reasons and is processed in accordance with our  legal obligations, our public tasks and our legitimate  interests in contributing to the advancement of our faith in  the local community.
Finance &

Governance

including

Fundraising &

Donations

 Gift Aid declarations, parish

envelopes, minutes of committee  meetings, tender documents, use of  facilities, parish draws

 The Diocese is a registered charity and we are required to  hold information on finance and governance to comply with  our legal obligations under charity and tax law.
General church

administration

including

information on our  employees

 Parish diary and telephone directory,  routine correspondence, visitation  papers, contracts, timesheets,

personnel files, miscellaneous

information obtained relating to the  operation of our website including  cookies

 This category of data is varied, and processing is based on  both contractual necessity and our legitimate interest in  achieving our charitable objects of advancing and  maintaining the Catholic religion.
Statistical and

historical

information

 Parish census and surveys Processing information of a wider statistical and historical  nature is consistent with the performance of a task in the  public interest.

 

  1. How is personal data collected?  

The majority of the personal data which we process is collected directly from you by completing forms or in other  communications which may be verbally in person, in writing, by telephone or via the internet. On rare occasions,  we will gather information from third parties including references or checks for safeguarding purposes.

Failure to provide us with information which is required to comply with a legal/statutory obligation may restrict our  ability to administer a sacrament or engage in pastoral activities as well as your ability to volunteer or participate in  services, events or activities.

  1. Who has access to your data? 

Your information can only be accessed by authorised personnel within the Parish and the Diocese.

None of your data is subject to any direct marketing, automated decision making or profiling.  5. Do we share or transfer your data? 

The Diocese will only share your personal information with third parties if we believe it is necessary and consistent  with our legitimate interests. Sometimes sharing information is necessary for pastoral reasons for example, if a  school requires information to assist in preparation for the celebration of a sacrament. On other occasions, the  Diocese will consult with third parties such as IT consultants to assist us in administrative tasks, or professional

advisers to advise us on legal or technical matters. There are also instances when there will be a specific legal  requirement to share information, for example in order to perform essential safeguarding tasks such as checks  against criminal records from Access NI/National Vetting Bureau, liaison with the Police and other law enforcement  agencies, insurers or tax, charity or immigration authorities.

If we share your data, we will ensure that satisfactory controls are in place to allow your information to be  transmitted safely and will engage with third party service providers so that we can be satisfied that they comply  with data protection laws.

In the ordinary course of our routine processing activities, your data will be processed within the Diocese and will  not be transferred to countries outside the European Economic Area (EEA). However, if such action is necessary,  for example, a parishioner is getting married outside the EEA or information is required by the Vatican, we will  ensure that processing is carried out in accordance with government guidance and with an adequate level of  protection for personal data.

  1. How do we protect your data? 

The Diocese takes the security of your data seriously and has internal policies and controls in place to protect your  information. The steps we take have been developed as part of a risk assessment and reflect our practical, ‘common  sense’ and proactive approach to data protection such as making sure paper documents are securely locked away  when not in use; using passwords and encryption when processing soft copies of documents, limiting record-keeping  on portable electronic devices and removable storage, shredding documents when being disposed of and regularly  monitoring our IT security systems.

  1. Do any additional safeguards apply? 

Given the context in which processing occurs, it is inevitable that a high percentage of the data we process will  either explicitly or implicitly include an individual’s religion which is ‘special category’ data. When this is the case,  processing will only occur if one of the following conditions is met, in addition to the stated legal basis: –

  • Processing is carried out in the course of our legitimate activities as a non-profit making organisation with a  religious aim. Appropriate safeguards are in place and the processing relates solely to the members or to  former members of the Parish and personal data is not disclosed externally without your consent; • Data is manifestly made public by you as the data subject;
  • It is necessary for handling legal claims;
  • There is a substantial public interest for processing in accordance with the law;
  • Archiving is in the public interest/necessary for research & statistics;
  • Your explicit consent.
  1. How long do we keep your data? 

One of the fundamental principles of lawful data processing is that any data held is accurate and, where necessary,  kept up to date and erased without delay. Personal data may be stored for longer periods if the data is processed  solely for archiving purposes in the public interest for historical research purposes or statistical purposes.

The subject matter of the record will determine how long the information is retained within the Diocese. We consider  some of the personal data we hold to be of wider historical or genealogical significance, which justifies retaining it  for longer periods than would typically be associated with business transactions. There may also be instances where  the sensitive or legal nature of the record itself requires us to store the information for an extended period. For  example, all records pertaining to safeguarding are maintained for 100 years. The table below provides a quick  reference for each subject matter, but if you require specific information on a retention period please contact the  Executive Director.

Subject Matter  Retention Period
Sacramental Records Permanently
Records pertaining to the

celebration and participation in  Mass, events, pilgrimages and  services

 Routine information such as rotas and contact details will be checked intermittently and by the Parish Office on an informal basis and formally reviewed every 5 years to  ensure that the data remains relevant/accurate and that processing is still necessary.
Safeguarding This information is sensitive and is held for 100 years.
Finance & Governance including  Fundraising & Donations Determined by Company, Charity & Tax Law

Specifically, we retain Gift Aid declarations and associated paperwork for up to seven  years after the year to which they relate.
General church administration  including information on our

employees

 Determined by Employment Law otherwise routine information such as diaries and  timesheets will be checked intermittently by the Parish Office on an informal basis  and formally reviewed every 5 years to ensure that the data remains  relevant/accurate and that processing is still necessary.
Statistical and historical

information

 Permanently

 

  1. Your Rights 

The General Data Protection Regulation provides the following rights for individuals: 

  • The right to be informed 
  • The right of access 
  • The right to rectification 
  • The right to erasure 
  • The right to restrict processing 
  • The right to data portability 
  • The right to object 
  • Rights in relation to automated decision making and profiling. 

These rights are not absolute and your ability to exercise these rights will depend on the legal basis for processing.

You can make a subject access request in writing to the Diocese at any time, free of charge. Please contact our  Executive Director using the contact details on page 1 of this notice. If you believe that the information which we  hold is incorrect or incomplete, you can inform us and ask us to update the records held.

You are entitled to ask us to erase, limit or stop processing your data. We may ask you to explain your reasons for  the request. If we are processing your data in compliance with a legal obligation, contractual necessity, fulfilment  of a public task or in pursuit of overriding, legitimate interests, it may not be possible for us to agree to your request  but if this is the case, we will explain the reason for our decision.

As stated above, none of your data is subject to automated decision making or profiling and therefore, the rights  associated with type of processing do not apply.

  1. How can I make a Complaint? 

If you believe that the Diocese has not complied with your data protection rights, you can complain to the Information  Commissioner (NI) or the Data Protection Commissioner (ROI). Further information on this process can be found  online by accessing the relevant websites.

In Northern Ireland:- https://ico.org.uk/global/contact-us/ In the Republic of Ireland:-

https://www.dataprotection.ie

CONCLUSION 

Data Protection is a complex and evolving legal issue. This notice will be reviewed on an annual basis. The Diocese, through its Parishes, is committed to compliance with the six data protection principles set out in the General Data  Protection Regulation which provides that Personal Data must be:

  • Processed fairly, lawfully and in a transparent manner;
  • Collected for specified, explicit and legitimate purposes and not further processed for other purposes  incompatible with those purposes;
  • Adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed; • Accurate and, where necessary, kept up to date;
  • Kept in a form that permits identification of Data Subjects for no longer than is necessary for the purposes for  which the personal data is processed; and
  • Processed in a way that ensures its security, including protection against unauthorised or unlawful processing  and against accidental loss, destruction or damage, using appropriate technical or organisational security  measures.

 

Privacy Notice

MICA Prayer

Latest

News

Pastoral Letters

Bulletin

Parish Prayer Day

Mass Times

St. Patricks Church – Saturday 6pm & Sunday 10:30am

Star of the Sea Church – Saturday 8pm & Sunday 12 noon

St. Mary’s Church – Sunday 9am

Confessions
Please check the Bulletin for Confession times

Theme by Colorlib Powered by WordPress