“Syro-Malabar Catholic Church of Cork, Ireland” (The “Church”) is in communion with the Apostolic See of Rome and is in the authority of the Syro- Malabar Major Archiepiscopal Church. We are supported and guided by the Diocese of Cork & Ross and governed by the Syro- Malabar Apostolic Visitation of Europe. We are a legally approved charitable organization, registered with ‘The Charities Regulator, Ireland’. RCN: 20204848)
The Church is a data controller of certain personal data for the purposes of the General Data Protection Regulation 2016/676 (the “GDPR”). The Church is committed to ensuring that personal data is properly and securely managed in accordance with the GDPR and the Data Protection Acts 1988 to 2018 (the “Acts”). This policy is to inform you how the Parish will treat your personal data.
What information do we collect?
Data is collected from members, volunteers and employees. The personal data which the Church may collect includes the following: –
Name, baptism name and contact details;
Gender, age, date of birth, nationality, marital and family status;
Information about your family members;
Information about your original parish, Diocese and rite.
PPS number, where you donate to the Church;
CCTV recordings and photographs;
Images obtained through streaming of our services, where applicable;
Data relating to Garda vetting applications.
We may also collect and process special category personal data, including data about your race, ethnicity, religious beliefs or health.
How we collect the data we hold about you
Most of the personal information we process is provided to us directly by you in one of the following ways:
You using the “contact us” facility on our website;
You contacting the Church by phone, email or letter and providing data to us;
You completing forms for the Church;
Through face-to-face meetings with you;
If you have attended or registered to attend an event with the Church;
If you have applied for a job or volunteered with the Church;
When you use the vetting service;
When you attend our Church services and your image is captured on the CCTV system or streaming service.
Why we process your data and the lawful basis for processing your data
We must have a lawful basis for processing your data. The lawful basis will vary depending on the circumstances and the type of data involved. One lawful basis is where you have given your consent to us processing your data. (This consent can be withdrawn by contacting us.) Other examples are where the processing is necessary for one of the following reasons: –
Our legitimate interests;
The performance of a contract to which you are a party;
Compliance with a legal obligation to which the Church is subject;
In order to protect your or another person’s vital interests (e.g., to protect your life).
We must have an additional lawful basis for processing special category data, here are some examples: –
You have given us your explicit consent to processing the information;
Processing is necessary for the purposes of our or your obligations and rights in employment, social security and social protection law;
Processing is necessary to protect your or another person’s vital interests (e.g. to protect your life);
Processing is carried out in the course of our legitimate activities where the processing relates solely to our members or to former members and the personal data is not disclosed outside the Parish without your consent;
Processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
What we do with the information we have
We use your information for a number of purposes including:
To provide pastoral and spiritual care and to administer sacraments;
To promote the Church, to keep you up to date with news and events in the Church and, where appropriate, other Catholic organisations and Dioceses.
To administer and maintain records and accounts;
To respond to queries and to process application forms;
To fundraise for the Church, to process donations and to administer applications under the Charitable Donations Scheme;
For auditing, statistical, archiving or historical research purposes;
In the case of CCTV images, for safety and security reasons;
To manage employees and volunteers of the Parish, including managing rotas for altar servers, Choir, Ministers of the Eucharist etc.
To obtain and retain a Garda vetting disclosure, where required;
To stream our services;
To process safeguarding complaints in accordance with legal requirements.
The Church does not use automatic decision-making software and does not engage in profiling.
Who we share your data with?
Your personal data will be treated as strictly confidential and will only be shared with third parties outside the Church with your consent or, as otherwise permitted by law.
We may share your personal data with the following:
Entities who provide services to the Church or with our professional advisors e.g. IT consultants, accountants and/or solicitors, where the appropriate data sharing agreements are in place;
An Garda Síochána in relation to the detection or prevention of a crime;
Other Governmental departments or statutory agencies as required by law;
The Revenue Commissioners in relation to applications under the Charitable Donation Scheme;
Where we stream services, your image may be shared on the appropriate streaming platform;
We may post photos or videos to our social media pages, where appropriate, with your consent.
How we store your information
We store your information in a confidential manner and use appropriate technical and organisational measures to protect your personal data.
We retain data for as long as is necessary in accordance with data protection legislation. For example, records of donations and associated paperwork are retained temporarily. Church registers such as Baptisms, Marriages and Confirmations are kept permanently.
Your data protection rights
You have a number of rights under the GDPR and the Acts. These include the following: –
Informed – you have the right to be informed about any personal data that we hold relating to you, including information as to the accuracy of the data and the purpose for which it is used;
Access – you have the right to be given a copy of your personal data on request;
Rectification – you have the right to have any inaccurate data held by us rectified free of charge;
Restriction – where there is a dispute in relation to the accuracy or processing of your personal data, you can ask for a restriction to be placed on further processing;
Withdraw – where we rely on your consent to process your personal data, you can withdraw your consent;
Object – you have the right to object to the processing of your personal data;
Erasure – you have the right to request us to delete your personal data, this is known as the “right to be forgotten”;
Data portability – you have the right to request us to provide you or a third party, with a copy of your personal data in a structured, commonly used machine-readable format.
The above rights are subject to certain exceptions and may be restricted in certain circumstances.
Rights may only be exercised by the individual whose information is being held by the Church or with that individual’s express permission. We may request proof of identity for verification purposes before you can exercise any of these rights.
Changes to Policy