The Catholic Parish of St Philip Evans is committed to protecting your privacy. Below you will find a summary of the ways we keep personal data safe, in accord with EU and UK law. We use the term "parish officers" to include clergy (the parish priest and parish deacon), Director of the Deaf Service, any seminarian on placement in the parish, employees who by the nature of their work need to access personal data (e.g. parish secretary) and volunteers who run catechetical programmes (e.g. for adult converts, for teenage confirmation) or co-ordinate pastoral visiting (e.g. to those who are sick or have been bereaved).
Personal information connected with Baptisms, First Communions, Confirmations, Weddings and Receptions into the Catholic Church is stored in permanent written registers. Adults can access fully their own personal data on request, and legal guardians can access data of those under their protection. Since the Sacraments celebrated are public acts of the Catholic Church, any member of the public may enquire whether and when a named individual received a particular sacrament. We occasionally receive requests to remove information from our registers; since they are a historical record of ceremonies which actually took place, we cannot remove the record of someone who no longer wishes to be regarded as a Catholic, although we can annotate their entry with a note to that effect. If proof is supplied that our records are historically inaccurate, the appropriate correction can be made.
A small number of parish officers (e.g. priest, deacon, co-ordinator of each sacramental course or pastoral care group) will be granted full access to the contact details on the database. The database can also contain “pastoral notes” for a restricted audience (e.g. priest, deacon, and co-ordinator of the converts’ group only; deaf service officers only, etc.) where there is no need to share information more widely. On request, a person’s contact details may be retricted to such a pastoral note if there is concern about parish officers having wider access.
Many parish officers are given email accounts @sphilipevans.co.uk which are business accounts on Google Mail. Such officers are asked to use parish email rather than personal email for their parish-related work in order to provide an audit trail should the need arise. Some Google servers are outside the European Economic Area, but we have opted into the model contracts Google provides to ensure compliance with European Union data protection laws.
It is inevitable that third parties will email or telephone the parish to communicate information deemed “sensitive” under UK law because it contains information about a person’s religious status or state of health. To the extent unavoidable by such use of electronic communications, consent will be deemed to have been given by the act of sending the message. However, when the message contains sensitive information about other competent adults, their consent will be sought for the parish to retain this information.
St Philip Evans is part of the Archdiocese of Cardiff, which is a single Registered Charity, number 242380, with a board of trustees. The Diocesan Treasurer’s Office handles arrangements for processing of financial data (Gift Aid, Standing Orders, Legacies) and the parish Gift Aid Administrator handles data according to their rules. Other parish officers are only privy to the end-of-year reports and the transfer information which appears on monthly bank statements.
The Diocesan Safeguarding Office handles arrangements for clearance of volunteers needing a DBS-check to work with children or vulnerable adults. Records concerning applications or allegations are stored on parish premises in a locked filing cabinet to which the Parish Priest has no access; only the parish Safeguarding Officials operating at the direction of the diocesan Safeguarding Office may access this. Other parish officials are simply given a list of names of those cleared to work with children or vulnerable adults.