Data Protection & Privacy

Light’s Hope takes your privacy seriously. We collect and use personal information only for the purposes of church life, including worship, pastoral care, safeguarding, training, and administration. Online, this may include cookies, IP addresses, or similar information to help our website function and improve accessibility.

Your data is stored securely, never sold, and only shared where required by law or to protect someone from harm. You have the right to access, correct, or request deletion of your information at any time.

Data Protection & Privacy Policy

1. Commitment
Light’s Hope values the privacy and security of all personal data entrusted to us. We comply with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, and we are committed to using personal information responsibly, securely, and transparently.

2. What Data We Collect
We may collect and process the following types of information:

  • Membership data: names, contact details, participation in Church Families.
  • Clergy/ministry data: training, ordination, safeguarding checks, and role records.
  • Safeguarding records: incident forms, logbooks, DBS information, and training records.
  • Pastoral care information: records of support where necessary.
  • Financial data: donations, Gift Aid declarations, expenses, and payroll (if applicable).
  • Digital data: emails, online meeting registrations, chat contributions, recordings where consented.
  • Communications: newsletters, correspondence, and feedback.

3. How We Use Data
Personal data will be used only for purposes consistent with the Objects of the Church, including:

  • Supporting participation in Church life (in-person and online).
  • Safeguarding and safer recruitment.
  • Pastoral care and community support.
  • Administering worship, training, ordination, and governance.
  • Processing donations, Gift Aid, and financial records.
  • Communicating with members, leaders, and supporters.

4. Safeguarding Records

  • Safeguarding records are kept securely, with access restricted to Safeguarding Officers and the Safeguarding Lead.
  • Records are stored only as long as required under statutory and safeguarding best practice.
  • Information will only be shared with statutory bodies or others where legally required to protect someone from harm.

5. Digital and Online Participation

  • Online services, meetings, and community platforms are treated as part of Church life.
  • We will use tools such as captions and transcripts where possible to support accessibility.
  • Online gatherings may be recorded for training or safeguarding purposes, but only with prior notice and consent.
  • Personal data collected through online platforms (e.g. names in Zoom/Teams, chat contributions) will be handled with the same care as in-person records.

6. Legal Basis for Processing
We process personal data under one or more of the following legal bases:

  • Consent – where individuals have given clear permission (e.g. newsletters, media use).
  • Legal obligation – where required by law (e.g. safeguarding, HMRC).
  • Legitimate interest – where processing is necessary for the operation of the Church (e.g. membership records, pastoral care).
  • Contract – where data is needed for agreements with staff or contractors.

7. Data Security

  • Paper records stored in locked storage.
  • Digital records stored on password-protected systems.
  • Access limited to those who need it for their role.
  • Data breaches will be reported to the ICO in line with UK law.

8. Data Retention

  • Safeguarding records: in line with Thirtyone:eight and statutory guidance (sometimes long-term/permanent).
  • Membership data: retained while active and no more than 3 years after leaving.
  • Financial records: 7 years (HMRC requirement).
  • Pastoral care notes: retained only as long as necessary.

9. Sharing of Data
We will never sell or share personal data for profit. Data will only be shared:

  • With statutory authorities (e.g. safeguarding referrals, HMRC).
  • With trusted processors under contract (e.g. DBS checks, payroll services).

10. Your Rights
Individuals have the right to:

  • Access their personal data.
  • Request correction or deletion.
  • Withdraw consent (where processing is based on consent).
  • Restrict or object to processing in certain circumstances.
  • Complain to the ICO if concerns are not resolved.

11. Website and Cookies

  • Our website may collect standard internet log information, including IP addresses, browser type, and details of visitor behaviour patterns. This helps us understand how people use the site, improve accessibility, and protect against misuse.
  • We may use cookies (small files stored on your device) to improve website functionality, remember preferences, and analyse traffic.
  • Users can control or disable cookies through their browser settings, but some website functions may not work properly without them.
  • Where we use third-party services (e.g. analytics, embedded videos, online giving), those providers may also collect data in line with their own privacy policies.

12. Contact
For data queries or to exercise your rights, contact:

Data Protection Contact
Light’s Hope
data@lightshope.org

For safeguarding concerns, please visit our Safeguarding Policy page.