The Diocese of Down and Connor, which we refer to in this Notice as “the Diocese”, “we” and “us”, is a charity registered with the Charity Commission in Northern Ireland. Our charity number is 103983 and our registered address is 73 Somerton Road, Belfast, BT15 4DE.
For the purpose of the Data Protection Act 2018, the Diocese is a Controller in respect of your Personal Data. Please be aware that our parishes form part of the Diocese and are not separate legal entities. Parishes are not Controllers. All clergy, staff and volunteers of the Diocese who are involved in the Processing (which includes collecting, accessing, using and/or disclosing) of Personal Data held by the Diocese are Data Processors and have a duty to protect the data they process by complying with this policy
When you provide us with Personal Data in order to engage with us and/or benefit from our activities, we will keep a record of the data you give to us in order to enable us to comply with our statutory obligations and to achieve our charitable objects of advancing the Roman Catholic religion through the operation of our parishes and our other activities.
Everyone has rights with regard to how his or her Personal Data is handled by organisations. The Diocese is committed to ensuring that Personal Data is properly and securely managed in accordance with the relevant data protection laws, and believes this is an important part of achieving trust and confidence between the Diocese and those with whom it interacts. This Notice is to let you know how the Diocese will look after your personal data. When we ask you for personal data we will ensure that:
Please read this Notice to understand how we use and protect the information that you provide to us or that we obtain or hold about you, and to understand what your rights are in relation to information that we hold. This Notice applies to information about living identifiable individuals only.
If you are required to make any contact with the Diocesan Safeguarding Office, you will receive some additional information directly from it that sets out the ways it will use and process your data.
Personal data is another way of describing your personal information. It includes any information which relates to a living individual who can be identified from that information. Identification can be by the information alone or in conjunction with any other information in our possession or likely to come into our possession. The processing of personal data is governed by the Data Protection Act 2018. We process the following types of your personal data:
We may also collect, store and use the following types of Special Category of Personal Data:
We obtain this information from you, your relatives, other parishioners, other dioceses, schools, groups you are involved in, your employers, HMRC, charities (for example, Saint Vincent de Paul), medical professionals CCTV and web cameras, the police, social services and other law enforcement bodies.
The Diocese complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of personal information; by protecting personal information from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate organisational and technical measures are in place to protect your personal information.
We use your personal data for the following purposes (whether it is collected directly from you or whether we receive it from a third party): –
We will only use your personal information when we have a lawful reason to do so. This might be because:
For example our use baptism data to follow up for families for first communion.
For example you may consent to us sending fundraising communications to you by email or SMS.
For example sending your gift aid information to HMRC, or if we send information to a social services for safeguarding purposes;
For example where you enter into a hire agreement for the use one of our facilities;
For example where we update and maintain the register of marriages;
For example if you were unfortunate enough to fall ill or suffer an injury on our premises, then we may pass on information to the NHS for treatment purposes and to family members.
If we process any Special Categories of Personal Data we must have a further lawful basis for the processing. This may include:
For example, you have consented to us processing your health information to cater for your medical or dietary needs at an event;
For example, passing on information to the Police;
For example, carrying out parish censuses;
For example, reports in the media which have had your consent.
For example, where steps are taken to prevent fraud or other dishonest activity;
Provided that the legal basis is proportionate to the aim pursued and provides for suitable and specific measures to safeguard your rights, or as part of our legitimate interests as a Roman Catholic Diocese and charitable institution.
Your personal information will be treated as strictly confidential and will be used only for the purpose for which it was obtained, unless you have explicitly and unambiguously agreed that we might share your Personal Data with another organisation or unless we are otherwise permitted or required to under data protection rules or order of a Court or other competent tribunal or regulatory body as set out in this notice.
For example we may need to disclose your personal information to the Diocesan Safeguarding Office if you are involved in a safeguarding matter.
For example, if you are getting married in another parish or diocese outside the EEA.
For example with payroll providers, IT consultants, distributors of parish newsletters and directories. We require these third parties to comply strictly with our instructions and with data protection laws;
In the course of processing your Personal Data, or disclosing it to the recipients referred to above, we may transfer it to countries which are outside the European Economic Area (EEA), some of which may not have laws which provide the same level of protection to your Personal Data as laws inside the EEA. In such cases we will take steps to ensure that the transfers comply with the Data Protection Act 2018 and that your Personal Data is appropriately protected. We do so by taking the following measures:
We keep personal information in accordance our Data Retention Policy. We keep certain types of information for different periods of time. Specifically, we retain gift aid declarations and associated paperwork for up to 7 years after the calendar year to which they relate; and we retain sacrament registers (i.e. baptismal records, communion records, marriage records etc.) permanently.
You have the following rights with respect to your personal data: –
Please note that these rights may be limited in certain situations, for example, we cannot erase any sacramental records. We may however be able in certain circumstances to append a note to such records.
Rights may only be exercised by the individual whose information is being held by the Diocese or with that individual’s express permission. Children from twelve years upwards are entitled to make their own requests where the Diocese reasonably believes that that they have an appropriate understanding of the request that they are making. Parents (guardians/family members) do not have an automatic right to see information about their child or prevent their child from making a request to the Diocese.
We may also require proof of your identity for verification purposes before you can exercise any of these rights.
We ask that you ensure that any personal information you provide us with is as accurate and as complete as possible. Please don’t include personal information about another person (including family members) unless you have told the person and they agree to it being provided. We also ask you to tell us as soon as possible if any of the personal information you have provided changes, for example if you change your address.
The policy includes the websites hosted under the downandconnor.org domain only. Within the Diocese domain you may find websites over which the Diocese does not maintain editorial responsibility or direct control. Such sites can include the websites of other Catholic groups, bishops, Holy See etc. While the Diocese encourages compliance with this web privacy statement at such sites, please consult the privacy statements of individual sites, or contact the persons responsible for those sites, in order to understand the policies and practices under which they operate. This also includes links to Facebook and Twitter. By visiting www.downandconnor.org you are accepting and consenting to the practices described in this statement.
When someone visits www.downandconnor.org we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it. The Diocese does not use automatic decision making software and does not engage in profiling.
It is the policy of the Diocese not to disclose technical details in connection with visits to this website in respect of individual website visitors to any third party unless obliged to disclose such information by a rule of law. The technical information will be used only for statistical purposes. You should note that technical details, which the Diocese cannot associate with any identifiable individual, do not constitute “personal data” for the purposes of the Data Protection Act 2018 and GDPR 2018.
Cookies, also known as browsers or tracking cookies, are small text files that are added to your computer when you visit a website. They help websites to perform certain functions e.g. to know who you are if you log into a restricted part of a website, for shopping carts, and for tracking purposes.
The Diocese uses the following cookies:
The Diocese is committed to ensuring your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your information. The Diocese uses technical and organisational security measures to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously adapted in line with technological developments.
We seek to ensure that we keep your personal data accurate and up to date. However, you are responsible for informing us of any changes to your personal data and other information.
No personally identifiable information is collected on this website from visitors, staff, clergy and volunteers that browse the website for information on our activities. We review these measures regularly.
Unfortunately the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, any transmission via our website is ultimately at your own risk. Once we have received your information we will use strict procedures and security features to try and prevent unauthorised access to, or unlawful processing or disclosure of, such data.
If you are unhappy with any aspect of how your personal information is being processed, please contact the Diocesan Data Protection Officer:
Telephone: +44 (0) 28 9077 6185
You can contact the Information Commissioners Office (UK) on 0303 123 1113; via email https://ico.org.uk/global/contact-us/email/ or by writing to the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Once we have received your information, we will use appropriate procedures and security to mitigate against unauthorised loss and to protect your personal data from unlawful processing, accidental loss, destruction and damage.
We may make changes to this Notice from time to time as our practices and laws evolve. We will not make any use of your data that is inconsistent with the original purposes for which it was obtained (if we intend to do so we will notify you in advance when possible) or otherwise that is permitted by the data protection laws.
We are a vibrant, diverse, Catholic community in South Belfast, dedicated to living the Gospel day by day through our words and actions.
Holy Rosary Presbytery,
503 Ormeau Road,
Telephone: 028 9064 2446