The Data Protection Act 2018 (DPA 2018), in line with the United Kingdom General Data Protection Regulation (UK GDPR), has now replaced the previous law on data protection (the Data Protection Act 1998). The GDPR and DPA 2018 give individuals more rights and protection in how their personal data is used by organisations. Parishes must comply with its requirements, just like any other charity or organisation. This page provides guidance, and a templates to help you
The following documents should assist you as you seek to comply with UK GDPR and understand the Diocese of Exeter’s commitment to UK GDPR:
- National Church Institutions Safeguarding Privacy Notice June 2019 – This document outlines the way in which the Church of England will manage and store data.
- EDBF Privacy Notice – This document is Exeter Diocese Board of Finance’s privacy notice.
- Safeguarding Privacy Notice 2023 – This document is the Diocese of Exeter’s Safeguarding Privacy Notice 2023
- Parish Sample Privacy Notice – This document is an example for illustrative purposes only. If you wish to use this sample you will need to replace the PCC name with your own throughout the document and put in relevant contact details in the highlighted place in Section 9.
- ‘Keep in touch’ sample consent form – This can be used as a sample template to enable churches to obtain contact details keeping to UK GDPR.
- Parish sample Consent Form 2019 – This can be used as a sample template to enable churches to obtain contact details keeping to UK GDPR.
- Clergy Personal Files Privacy Notice – This document outlines Diocese of Exeter UK GDPR statement for clergy files.
If you need further information about Data Protection, please contact the Data Protection officer via email or phone:
Operations Manager & Executive Assistant to the Diocesan Secretary
Main: 01392 294901
Mobile: 07590 443906
Please see the following documents which you might find useful: