The General Data Protection Regulation (GDPR) is a new piece of legislation that comes into effect in May this year. It is new to everyone and will have an impact on almost every organisation, charity, and PCC. Each diocese is working on how to support Cathedrals, DBF offices and parishes, and will be doing various things to achieve compliance.
There are range of documents that you will find helpful in preparing for, and setting up your GDPR work. This page is the central resource for GDPR for us in Gloucester Diocese.
Step 1: Getting Ready!
As part of your step one activities, please read through the resources below and complete your data audit checklist, which will help you identify any questions and concerns.
- Overview of GDPR – Parish GDPR Fact Sheet
- Training slides from our recent workshops – GDPR training for Parishes
- Parish Guide to GDPR – Click here for the detailed guide
Brief guide to Data Protection for PCC members – Click here
- Data Audit Checklist – Parish Resources Data Audit Checklist Template
- Make a plan with questions to help you where you have gaps in your checklist
- Agree a parish template policy – Parish Data and Information policy statement
- Do you have someone who can help you in the parish? We are hoping to have a working network of parish people. Let us know if you do. We are currently working on a mini role description for this position.
- Frequently Asked Questions – see below in Step 2.
- Privacy Notice vs Consent – Consent and Privacy Notice check out this document when you need either/both and add these to your plan
- Privacy Notice vs Consent – parishresources.org.uk/gdpr/privacy
- Template Diocesan Privacy Notice for all PCCs and for Incumbents
- Data Sharing Template guide
Have in Place
- PCC Data Policy – Parish Data and Information policy statement
- Completed Audit Checklist
- Consent form template where you need one – parishresources.org.uk/gdpr/consent
- Data/GDPR file to keep a record of all your plans, records and audit checklist!
Parish Resources GDPR hub: click here to visit the hub for national resources
Once you have worked through these resources and identified any questions, please check our frequently asked questions section below.
Step 2: Frequently Asked Questions
- Check whether your questions have been answered on our Frequently Asked Questions page.
- From 1 February we have set up a firstname.lastname@example.org email account for very general parish based enquiries (ie not parish specific) – as things progress please do email us your questions and each Friday morning we will compile an updated FAQ and publish them here, with a generic mix of the most frequently asked questions, and highlight them on the diocesan website as a further way of people checking things out.
- Privacy vs Consent Diocesan Document
- GDPR – key messages PowerPoint
Step 3: GDPR helpline
We have set up a helpline with our legal advisers VWV, (funded by the Diocesan Board of Finance) for parish specific enquiries that you may have from working through your checklists and templates.
The helpline number is: 0117 314 5311.
Each parish is eligible to one hour of dedicated GDPR legal advice from one of the team there. (The hour may be cumulative too as you may have several questions over a period of time). Before calling VWV, we would ask that you have completed Step 1 and Step 2. VWV will be able to advise you on any questions specific to your setting.
As things progress and dioceses offer information and guidance we will add anything directly here that might be of interest. London Diocese also has a resource that you might find helpful.