Safeguarding and Privacy

NHS Test and Trace

As Sunday worship recommences at St Matthews, during this Coronavirus pandemic, we will be asking visitors to the church to provide contact details, which will be supplied to NHS Test and Trace if any member of the congregation tests positive for Coronavirus.

The information you give will only be used for this purpose, and will be destroyed after 21 days.  You can see the full privacy statement here.

COVID 19 Privacy Notice

This notice explains how information about you will be used temporarily by the PCC of St Matthews Church, Borstal during the Covid-19 pandemic crisis so that we can put in place a list of clergy, staff and visitors to the church buildings, as requested by the government in support of NHS Test and Trace. 

1/ Who we are
The PCC of St Matthews Church, Borstal are the data controller (contact details in section 7 below). This means we decide how your personal data is used and why.

2/ The information we collect about you and why we need it.
We collect your data for the purpose of supporting NHS Test and Trace, as requested by the government.
Although we may have your contact details already the Covid-19 pandemic has created a unique situation and additional reasons for us to collect the name and contact telephone number of all clergy, staff and visitors who use/ visit our church buildings in order to support NHS Test and Trace.
This is specifically in relation to contact tracing, which is the process of identifying, assessing, and managing people who have been exposed to a disease to prevent onward transmission and the investigation of local outbreaks.
In summary, Test and Trace:
Provides testing for anyone who has symptoms of coronavirus to find out if they have the virus
gets in touch with anyone who has had a positive test result to help them share information about any close recent contacts they have had; and
   alerts those contacts, where necessary, and notifies them they need to self-isolate to help stop the spread of the virus.

This is voluntary, and you can opt out of letting us share your details with NHS Test and Trace. 

3/ Lawful Basis
We will use your information lawfully, as explained below:
Consent.  We need your consent in order to collect your name and contact details to share with NHS Test and Trace if requested.  You will give us your consent by providing your details by filling in the form in church
Explicit consent.  We need your explicit consent to collect your data on the basis that you may have revealed a religious belief by using/ visiting our church buildings.  You will give us your explicit consent by filling in and signing the form provided.
You can withdraw your consent at any time after giving your details by letting us know you no longer want us to keep or share your personal data for the purpose of Test and Trace, however, once we have given your details to Test and Trace we will no longer be able to prevent processing.  To contact us, please see our contact details at 7. below.  We will continue to process your information unless told otherwise.

4/ Sharing your Data.
Personal data that is collected will only be used to share with NHS Test and Trace if requested. It will not be used for other purposes outside of those specified in this privacy notice. 

5/ Data Retention.
We will keep your name and contact details for 21 days and will dispose of it after this period.

6/ Your legal rights
Unless subject to an exemption under the GDPR or DPA 2018, you have the following rights with respect to your personal data:
The right to be informed about any data we hold about you
The right to request a copy of your personal data which we hold about you.
The right to withdraw your consent at any time, while the church body still has your data.
The right to request that we correct any personal data if it is found to be inaccurate or out of date.
The right to request your personal data is erased where it is no longer necessary for us to hold such data.
The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing.
The right to obtain and reuse your personal data to move, copy or transfer it from one IT system to another 

7/ Complaints and Queries
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details set out below.
Revd Sue Brewer
07930 492323
You also have the right to lodge a complaint with the Information Commissioners Office.  You can contact the Information Commissioners Office on 0303 123 1113 or online 

Safeguarding Children and Vulnerable adults

At St Matthews we take it very seriously that we must be a safe and welcoming place for all. We ensure that all engaged with children and vulnerable people have the required DBS certification and training.   The PCC have adopted the House of Bishops ‘Promoting a safer church: Safeguarding policy statement’

We believe that:
– everyone should be treated with dignity and respect
– the welfare of children, young people and adults at risk, is paramount
– we need to be transparent and open in all that we do
– we all take responsibility for the care and protection of the children, young people and adults involved in our church activities.

If you see or know something that concerns you, please share it with our clergy, nominated Safeguarding Officers or Church Wardens.

Priest-in-Charge:   This church is currently in vacancy

Parish Safeguarding Officer and Churchwarden:   Helen Cooper  07745 420055

Churchwarden:   Alison Robinson


General Data Protection Regulation (GDPR)

Privacy laws in the UK changed on 25th May 2018.

The new General Protection Regulation (GDPR) gives you more control over how your personal information is used and makes it easier for you to check and update any information we hold about you.

As far as St Matthews is concerned, any information we hold will, in the main, amount only to contact details such as your name, address, phone numbers and email address.  By keeping your details up to date, we can keep you informed of church activities and information which may be of interest or useful to you.  We will ask your permission before we hold your personal information.

We make sure that we use and store your data safely and securely.  Information is held only by church members having a legitimate need to do so, for example, but not exclusively, convenors of church groups, Messy Church leaders, those visiting or doing administration for baptisms and funerals and weddings, the Church electoral roll officer, and those preparing duty rotas.

Your information is held only on password-protected computers, or hard copy information in a locked filing cabinet, by authorised individuals.

All personal information will be kept for church use only and will not, in any circumstances, be passed to third parties. Your information will be erased as soon as it becomes redundant, no longer relevant or out of date.

GDPR gives you a number of legal rights to control what we do with your information.  For example, you can ask us to tell you what information we have about you, correct or update information that is wrong, or ask us to stop using your information.

We are committed to ensuring that your information is secure with us, remains confidential and accurate, and is used only for the purposes of ensuring better communication between the church and those we serve.

If you would like further information or explanation of any of these points, please contact us: