Church Policy documents
Safeguarding Policy
Data Protection and GDPR
Social Media Policy
Social Media Working with young people
Legacy
Policy
Privacy
Notice
Password Protected Documents
Data Protection and GDPR
The General Data Protection Regulation (GDPR) came into force in May 2018 and consolidated existing legal obligations on organisations such as Yatton Methodist Church.
Yatton Methodist Church does what it can to protect privacy and keep information safe. If as a volunteer, minister or employee in the church you use or have access to personal information, you are responsible for ensuring that such information is handled in accordance with data protection legislation and in line with best practice.
Full details are set out in the Yatton Methodist Church Data Protection Policy, and the Yatton Methodist Church Privacy Policy advises individuals how their data will be used and protected. Both of these document are available on the church website www.yatton-methodist.org.uk
This guide summarises what you need to do as a volunteer, minister or employee in the church to ensure that the information you hold is looked after carefully and kept safe.
What is personal information?
Any information identifying a living individual or information relating to an individual that can be identified from that information. Personal Data can be factual (for example, a name, email address, location or date of birth, photograph, disability, health or ethnicity data) or an opinion about that person’s actions or behaviour.
Code of Practice
- Carefully read and follow the Yatton Methodist Church Data Protection Policy.
- Review and keep under review the personal information you collect and use. What information do you have? Why? Who has access to it? Do you need to keep all the information you have?
If you do not need all the information you hold this could be a great opportunity to dispose of it in accordance with the guidelines.
- Only collect and/or use personal information if you have a lawful reason for doing so, and in the future as you collect data, inform individuals about how you will use their personal information by advising them about the Privacy Policy.
There are six lawful bases for collecting data as follows. In the context of Yatton Methodist Church it will almost always be either A. or B.
- legitimate interest;
This lawful basis is appropriate if . . .
- The church has a legitimate interest for using the data for the purposes proposed. Note that legitimate interests can range from the trivial to the compelling.
- The proposed use of the data is within the “reasonable expectations” of the individual, and the individual would understand why their personal information is being used for the particular purpose.
- The use of the personal information is targeted and proportionate to achieve the intended purpose.
- consent;
where the individual has knowingly and freely given their clear consent to the collection and use of their personal information, and for the use (processing) of their information for the specific purpose in question. It can be written or verbal, but must be specific.
- contractual;
- legal obligation;
- vital interest (life or death scenarios);
- public interest (mainly for public bodies);
- Only use the personal information that you need and only for activities relating to the life and work of the Methodist Church.
e.g. do not use information from the Church Directory for your own private or business purposes, and only use personal information you actually need for the purpose required.
- Only collect and use the minimum amount of personal information that you need for a particular task.
e.g. if you are arranging a pastoral visit, you only need to collect sufficient personal information to enable the pastoral visitor to provide pastoral support. The pastoral visitor is meeting the spiritual needs of the Church member rather than providing medical care requiring a full medical history.
- Check the information you have is correct and up-to-date.
e.g. read back personal information given over the telephone, and update information when notified about changes in contact details.
- Destroy/ delete personal information as soon as it is no longer needed by shredding hardcopies and/or deleting computer files (including backups) in accordance with the guidelines detailed in the Yatton Methodist Church church Data Protection Policy. i.e. do not keep hold of information longer than you need it.
- Review how you collect and store personal information and update processes as necessary to ensure its safety.
e.g. do not leave personal information unattended in the vestry; store computer files on a password protected machine; do not print information unless you really need to and if you do store it somewhere safe.
- If you lose or allow unauthorised access to personal information, immediately contact the Yatton Methodist Church Data Championso that they can tell you what to do next.
Take any immediate action that you can to get the information back e.g. recall the email, ask the unintended recipient not to read it and delete the email, retrace your steps to find lost papers or contact the train or bus company if you think you left them on public transport
- Respond to requests to exercise data rights e.g. to erase information or provide details of information held, without delay and notify the Yatton Methodist Church Data Champion.
e.g. if somebody asks for copies of all the personal information you hold about them or asks you to delete personal information.
The Methodist Church uses personal information in many different ways but the following two purposes raise the most queries.
Directories and Circuit Plans
- You can rely on “legitimate interests” if the Directory or Circuit Plan is not shared with third parties.
- If you share the Directory or Circuit Plan with third parties e.g. they are published on your website or made accessible to third parties (left in the church foyer) you will need to obtain consent. Please note there is no need for consent to be obtained from Ministers in Full Connexion or probationers.
- If you have not obtained consent because you do not make the Directory or Circuit Plan available to third parties, ensure those members with a copy know they must keep the information confidential.
- When people give you their personal information to include in the Directory or Circuit Plan, destroy the completed forms; shred or tear up information handed to you in paper form and delete emails, or store the information securely only for so long as you need to. Keep in locked filing cabinets, locked cupboards or password protected files or anywhere that is considered safe and secure.
Pastoral records
- You can rely on “legitimate interests” if the information belongs to the Church’s own members, former members, or persons with whom it has regular contact in connection with the Church and will not be shared with third parties.
- Keep any health information to a minimum. The person may want to share details of their illness with you but you do not need to take written records of this. What do you need to record? What information is essential for the pastoral records?
- As the information may include special category information e.g. health data, take special care of it. Keep any paper records in a locked filing cabinet (or cupboard) if possible, keep any computer records password protected, do not leave the files unattended and only share information with others involved in pastoral visits on a need to know basis.
Where to find more help?
Contact: Martin Buckley, Yatton Methodist Church Data Champion
07495 309091
buckley.martin45@gmail.com
Social Media Working with Young people
Policy and Guidelines
This policy document relates to social networking, internet, email and use of mobile phones.
We recognise that for many young people, technology is their preferred means of communication and it can also be an extremely effective tool within youth work. However while it brings opportunities there are also significant risk and it is important that guidelines are followed.
Leaders communicating with young people or vulnerable adults via the internet, email, social networking or mobile phone must be DBS checked in accordance with the Methodist Church safeguarding guidelines.
It is recommended that:
- If a worker expects to communicate with young people via email, messenger, social networking sites or texting, written permission from the child’s parents should be given.
- One-to-one communication between a worker and a young person should normally be avoided. Communication should always be in a page or group context, using an approved ‘Work’ account that a supervisor or approved third party can access and review.
- Clear and unambiguous language should be used in all communications. Avoid abbreviations and symbols that could be mis-interpreted.
- Do not use any comment or picture of a young person without written parental permission.
Mobile Phones:
- Employed workers should be supplied with a mobile phone dedicated for work purposes. This allows for the phone to be switched off outside working hours, and for usage to be accountable.
- The work phone number should be the only number that young people are given; a worker’s personal number should remain private.
- Any texts received that raise concerns should be saved and passed on to a supervisor, safeguarding officer or approved third party within the organisation. Conversations raising concerns should be discussed as soon as possible.
Email and Messenger services, including Whatsapp etc:
- Be aware of who has access to computers, or other devices, used for communication between workers and young people.
- There should be a ‘curfew’ on instant messenger communication and mobile phone texting and this should only take place during reasonable ‘working hours’ and not late into the night etc.
- Log and save all conversations and regularly review these with your supervisor before they are deleted. Make sure that young people know that a supervisor has access to the conversations.
- Video or Voice messenger should be done in public so that other people are aware of what you are doing and to whom you are speaking.
Facebook & Social Networking Sites:
- Best practice is that it is not appropriate to use a personal Facebook account and profile for work with young people, so you should create a professional account to manage your communications with young people
- To create a professional or ‘work’ account and profile, enter your work email in the sign up box, adding ‘Work’ or another suitable term after your last name to distinguish your professional profile from your personal (i.e. Sue Brice Work)
- Your supervisor/Named Person should be aware of the account name and password so that they can at any time log onto the account to monitor the communications. Young people should be made aware that information is shared in this way.
- You should ensure your organisation/church name is entered onto the profile you create. Also make sure you use work contact details and web address.
- You should use a photo of you in an official/work setting.
- Adding interests makes your profile more interesting, but only share information appropriate to the young people you will be working with. Likes or endorsements of political causes might not be appropriate.
- You should consider entering a ‘expectations statement’ under ‘about’ in your profile such as:
I am a youth worker with a keen interest in social media which I use to share about the groups and events we run through Yatton Methodist Church. I also post lots of links that I think young people who come to our groups would find interesting. I only log-in to Facebook a few times a week so if you need to contact someone from Yatton Methodist Church urgently then please call 0XXXXXXXX or email theYW@xxxxxxxx.org.uk.
- Any communication or content that raises concerns should be saved or printed, shared and discussed with your supervisor/named person.
- Workers should only accept friend requests for this profile from young people known to them, that they have first met offline.
- Communication should normally be in the public domain wherever possible using group mailings or public wall posts.
- Workers with personal social networking accounts should customise their privacy settings in order to maintain the boundaries between their personal and professional lives.
Legacy Policy
At Yatton Methodist Church we welcome all gifts in Wills, however large or small, and we promise to use those gifts to make a difference in our church and/or community.
Our legacy policy is to use gifts to help fund significant activities or projects, whether buildings, equipment or staff, rather than day to day expenditure.
Since needs change over the years, we encourage gifts left in wills to be for the general purposes of the church rather than for a restricted purpose. Church Council representatives may discuss possible uses of a particular gift with executors, bearing in mind any known areas of interest in the church by the benefactor (e.g. music, buildings, children and youth, evangelism, overseas mission or aid) and the churches priority at the time.
Gift left to the church will be used as soon as practically possible, to make a real difference to the church’s mission and ministry.
Social Media Policy
“All new forms of communication provide opportunities to share the Good News of Jesus Christ in the world. They come, however, with new values. Whereas the printed word has a certain finality of declaration about it, social media is interactive, conversational and open-ended. Moreover, it happens in a public, not private, space. The Methodist Church therefore encourages the user to use social tools as a means of engaging in an interactive conversation with people of all faiths and none. As Gospel people, our conversation should be ‘seasoned with salt’ (Colossians 4:6), and these guidelines aim to help us to do so.”
Social Media Guidelines of the Methodist Church in Britain.
This Policy is based on the principles set out in the Social Media Guidelines issued by the Methodist Church for employees of the Methodist Council. Yatton Methodist Church accepts that the following principles form good practice for Methodist Ministers, lay employees and other office holder or those holding a representative role in the Methodist Church:
Be a good representative of the Methodist Church. Remember that you are an ambassador for Christ, the Church and your part of it. Disclose your position as a member or officer of the Church, making it clear when speaking personally. Let Galatians 5:22-26 guide your behaviour.
Be respectful: respect confidentiality. Respect the views of others even where you disagree.
1. Participation via Social Media
You should participate online in the same way as you would with other public forums. You take responsibility for the things you do, say or write.
Never share personal details like home address and phone numbers except with someone you know and trust, and if you decide to do so then use a private message. Be aware an address can be disclosed in many ways for example via photos or a GPS position as well as in written form.
Always remember that participating online results in your comments being permanently available and open to being republished in other media. Once something is posted to a blog or other internet site, it should be assumed to be still available even if it is later deleted from the original site.
Stay within the legal framework and be aware that safeguarding, libel, slander, copyright and data protection laws apply, as well as the Constitutional Practice and Discipline (CPD) of the Methodist Church.
Confidentiality: Treat email and text messages with the same level of care and security as written correspondence.
Be aware that self-disclosure via social media can inadvertently reach a wider audience than intended and so become common knowledge. Always be circumspect if there is a risk that information presented may be misinterpreted or misunderstood.
Be aware that your participation may attract media interest in you as an individual, so proceed with care whether you are participating in an official or a personal capacity. If you have any doubts, take advice, but remember that you are responsible for your online activities.
Always be aware that your membership of the Church means that you are regarded as a representative of the faith we share.
2. Use of Official Name and Logo
Any use of the Yatton Methodist Church name or logo for branding or titling pages, blogs or similar elements of social media must be approved in writing prior to use. Requests should be made to the Church Administrator.
3. Individual Judgment
Even when engaging in social media for personal use, the comments of a member of Yatton Methodist Church may be viewed as a reflection on the Church. Users should use their best judgment when engaging in social media activities and should be on guard against actions and discussions that could harm the interests of our church community.
4. Transparency
Users’ social media communications are made in their personal capacity and not on behalf of Yatton Methodist Church. Statements made by members of the church community should not be taken as expressing the formal position of Yatton Methodist Church unless the writer is specifically authorized to do so by the Minister.
5. Copyright Laws
Users must comply fully with copyright law when posting and uploading materials. Any posting of materials to official Yatton Methodist Church social media must be limited to materials in which the copyright is owned by the party seeking to post the information, or in which the owner has consented to the sharing of the materials. Images and other materials from the Yatton Methodist Church website shall not be copied and uploaded to other forums without the prior written consent of the Minister.
6. Privacy
Users of social media must comply with the Yatton Methodist Church Privacy Policy i.e. All users of social media within the Yatton Methodist Church community should take care to safeguard the privacy interests of other community members. In particular, personal information (that is, information that can reasonably identify a particular person, including name, phone number, address or email address) should not be disclosed without the prior written consent of the person identified. In cases where a user has consented to the publication of such information, appropriate privacy settings and levels should still be utilized.
7. Mindfulness for those deployed and employed in our Churches
Those working for the church should reflect on when to use social networks during working hours. It is recognised that this is a powerful and effective medium to keep in touch with friends, co-workers and volunteers, but being mindful of how much time is spent in online activities set against other work priorities is vital.
This Policy should be read in conjunction with:
1. The Methodist Safeguarding Policy
2. Yatton Methodist Social Media and Engaging with Young People – Policy and Guidance. This sets boundaries for the use of Internet, email and texting communication particularly for those working with young people.