School of Discipleship (SOD): Deepen your spiritual growth through structured discipleship, biblical teaching, and practical Christian living. If you are interested, please fill the Contact Form to notify us.Believers’ Class: Build a strong foundation in Christian faith, prayer, and daily walk with Christ. If you are interested, please fill the Contact Form to notify us.Baptismal Class: Learn the meaning of baptism and prepare for this important step of faith. If you are interested, please fill the Contact Form to notify us.Transportation: If you need church-provided transportation to attend services or classes, please fill the Contact Form to notify us in advance so arrangements can be made.

Legal

Privacy Policy

Last updated: March 10, 2026. This policy explains how RCCG Living Seed Church Derby collects, uses, stores, and protects personal data in line with UK GDPR, EU GDPR principles, and the Data Protection Act 2018.

Who We Are

RCCG Living Seed Church Derby is the data controller for personal data processed through this website for church communication, ministry operations, event registration, safeguarding duties, and pastoral care.

Personal Data We Collect

  • Contact details you submit, including name, email address, and phone number.
  • Central People records used to connect your contact details, roles, consents, attendance, cell group, worker, and follow-up records safely.
  • Profile update submissions and secure update-link activity used to help you maintain your church record without creating a website account.
  • Profile photos where you choose to upload them, including photo consent preferences and update history.
  • Event registration details, ticket information, and attendance/check-in records.
  • First-timer details, including contact preferences, consent choices, visit context, and optional prayer requests.
  • Follow-up records, contact history, assigned care administrators, outcomes, and pastoral support notes where provided.
  • Worker and department administration records, including role assignments, operational notes, and availability-related details where provided.
  • Birthday day/month and anniversary details where you provide them for church care, reminders, and greetings.
  • Cell group submissions, assigned cell group, membership status, transfer history, and birthday day/month collected through cell group forms.
  • Store orders, donation records, Gift Aid declarations, and digital download access records where relevant.
  • Newsletter subscription data and ministry join requests.
  • Basic technical data needed for site security, authentication, cookie preferences, and fraud prevention.

How We Use Your Data

  • Respond to inquiries, prayer requests, and church office communications.
  • Welcome first-time visitors and provide follow-up contact by email, SMS, WhatsApp, or phone where consent has been given.
  • Coordinate follow-up, pastoral care, and church support through authorised workers or administrators.
  • Manage worker teams, departments, leadership roles, and operational church service rotas.
  • Prepare birthday and anniversary reminders and send greetings only through channels where suitable consent exists.
  • Assign people to cell groups, maintain cell group membership records, and support communication and care administration.
  • Manage events, tickets, store orders, digital downloads, donations, Gift Aid declarations, and ministry participation requests.
  • Maintain data quality, duplicate review, consent history, retention reviews, and aggregate reporting for church administration.
  • Allow members and workers to update their own details securely through time-limited update links.
  • Use profile photos internally for administration, care, and celebration readiness where appropriate consent has been recorded.
  • Send newsletters or updates where you have requested to receive them.
  • Protect children, young people, and vulnerable adults as part of safeguarding obligations.
  • Maintain platform security, fraud prevention, and service continuity.

Lawful Bases (GDPR)

  • Consent for newsletter signup and optional communication preferences.
  • Consent for first-timer follow-up contact by the channels you select.
  • Consent for birthday and anniversary messages by email, SMS, WhatsApp, or phone where you have chosen to receive them.
  • Contract where processing is needed for event registrations, store orders, digital fulfilment, or donations you request.
  • Legitimate interests for church administration, ministry coordination, and website operations.
  • Legal obligation and vital interests for safeguarding, financial recordkeeping, charity administration, and statutory duties.

People Records and Governance

We may maintain a central People record so authorised church administrators can connect contact details, ministry roles, attendance, first-timer follow-up, cell group membership, worker records, birthdays, anniversaries, and communication consent without creating unnecessary duplicate records. Finance, Gift Aid, store, testimony, and pastoral details remain in their own systems and are not broadly exposed through a general People profile.

We also keep audit logs, duplicate review notes, privacy action records, and retention review records to help us correct data, respond to privacy requests, and demonstrate responsible administration.

Self-Service Updates and Profile Photos

Where we provide a secure update link, it is time-limited and intended only for the person it was sent to. We record profile update submissions, processing outcomes, and review flags so authorised administrators can correct records and resolve conflicts without requiring member accounts or passwords.

Profile photos are optional. If you upload one, we store a reference to it on your central People record and record whether you consent to church use of the photo for internal administration and celebration purposes. Profile photos are not used to create a public member directory.

Payments, Orders, and Giving

Card payments on this website are processed by Stripe. We do not store full card details on our servers. Where you place a store order, register for a paid event, or make a donation, we keep the transaction details needed to fulfil the request, reconcile payments, respond to support queries, and maintain accounting records.

Gift Aid

If you submit a Gift Aid declaration, we collect the donor information required to support that declaration, including your name and home address. We retain Gift Aid records as required for charity and tax compliance.

First-Timer and Prayer Requests

If you complete the first-timer form, we use your details to welcome you, understand which service you attended, and contact you only through the channels you agree to. Prayer requests are optional and are treated as sensitive church-context information, visible only to authorised church administrators. Follow-up notes and contact history are kept separate from general people profile fields and are used for care and administration.

Workers and Departments

Where someone serves as a church worker, we may keep operational records about their department assignments, worker status, onboarding, and leadership roles. These records are separate from finance, Gift Aid, testimony, and pastoral follow-up notes.

Birthdays and Anniversaries

Where birthday or anniversary information is provided, we use it for church care reminders and optional greetings. General celebration views use day and month rather than broadly exposing full dates of birth. Automated birthday or anniversary messages are only sent where the relevant communication consent has been recorded, and you can ask us to update or withdraw that consent at any time.

Cell Groups

When you submit a cell group form, we use your details to assign you to a suitable group, keep a record of current or historical membership, and maintain the original submission for administration. Birthday day and month collected through cell group forms may also be used for church care reminders, but conflicting details are not automatically overwritten.

Retention

We keep personal data only as long as necessary for operational, legal, financial, and safeguarding purposes. Data is periodically reviewed and removed or anonymized when no longer required. Some records, such as finance, Gift Aid, safeguarding, and audit records, may need to be retained for legal or accountability reasons even if other contact or profile information is corrected, restricted, archived, or anonymized.

Your Rights

Subject to applicable law, you may request to:

  • Access your personal data.
  • Correct inaccurate or incomplete data.
  • Erase data where there is no lawful reason to retain it.
  • Restrict or object to certain processing.
  • Withdraw consent where consent is the legal basis.
  • Ask us to review retention, record a correction, or consider anonymisation where appropriate.

Data Sharing and Processors

We use trusted service providers for hosting, data storage, payment processing, newsletter delivery, and email communications, including Supabase, Stripe, Mailchimp, and our SMTP email provider. We do not sell personal data. Where processors are used, appropriate contractual and security controls are applied.

International Transfers

Some of our service providers may process data outside the UK. Where that happens, we rely on lawful transfer mechanisms and provider safeguards designed to protect personal data to UK GDPR standards.

Contact and Complaints

For privacy requests, contact the church office at info@rccglscderby.org or by phone on 07979 592862. You also have the right to raise concerns with the UK Information Commissioner's Office (ICO).