PRIVACY, DATA HANDLING AND RETENTION POLICY
God calls us to love our neighbor as we love ourselves, and this means handling the personal information of other people as we would want our information handled. Because of this, YWAM Derby is committed to keeping the letter and spirit of the law regarding the new General Data Protection Regulations (GDPR).
WHAT DATA WE HOLD
Paper files: Former trainee and missionary files, including application forms, references, records of police checks and safeguarding training, etc.
Paper Files: Current trainee and missionary files, including application forms, references, records of police checks and safeguarding training, etc.
Electronic Files and Paper Files: Current incomplete and recently completed application packs for missionaries and trainees.
Electronic and Paper Files: Current and past financial records, including but not limited to resident contributions to living expenses, fees for training courses, payments for utilities, payments for use of the building by various organisations, etc.
Electronic Storage: Telephone numbers, email address, and business addresses for local Christian church/outreach/ministry/missionary workers in the city, the nation and around the world, who we have been in contact with for business purposes.
Electronic Storage: Emails from those recently enquiring about serving as short-term or long-term missionaries with YWAM Derby, and from those enquiring about training courses we are running.
USE OF DATA
Data collected will only be used for the purpose for which it has been given. Temporary Data Handling and Retention Policy Created 6 June, 2018 Approved by YWAM Derby Board of Trustees: 10/10/2018 Review Due: 2021
Paper files: all files including personal data are kept in a locked filing cabinet, with access limited to 2 members of YWAM Derby, who make up the Personnel Team. These at present are Sandra Hobbs and Jonathan Schmidt.
Electronic files: all files are kept in the Personnel OneDrive, which is password protected; sensitive information such as passport copies, applications, etc. are encrypted using Axcrypt with a strong password encryption.
Emails: all emails are accessed as needed, with a password protected email browser and device.
Contact details: all contact details are held on-line, only accessed as needed on password-protected devices such as laptop computers and telephones. These devices are either kept securely with us, or locked in a secure filing cabinet with limited access.
All devices (except personal devices) and paper files are stored in locked filing cabinets, accessible only to those who need them, and these in turn are kept in an office which is locked and alarmed when not in use.
YWAM Derby will hold enquiry emails for maximum 6 months, unless further communication is required.
YWAM Derby will hold personal data for up to 6 years.
List of names and dates of service of former trainees/staff/missionaries/volunteers and dates of service will be kept indefinitely.
Any data which is required to be held for reasons of safeguarding will be kept securely for as long as necessary (as advised by legal advisors, insurers, best practice, the Churches Child Protection Advisory Service, etc.)
ACCESS TO PERSONAL DATA
Anyone whose data is held by YWAM Derby may request to see what data is held. In order to do this the person must request this in writing and provide proof of identity. We will aim to provide a copy of all data held within 30 days of request and proof of identity being received.
Of course, as according to legislation, any person may request that any data held by YWAM Derby be “forgotten.” This will be done within 30 days of request and proof of identity being received. We will, however, need to keep the name and dates of service with YWAM Derby on record.
Temporary Data Handling and Retention Policy
Created 6 June, 2018 Approved by YWAM Derby Board of Trustees: 10/10/2018 Review Due: 2021