Carbury Parish Data Privacy Notice
The document provides a policy statement regarding the data protection obligations of our Parish,
thus ensuring that we comply to Data Protection Regulations within Irish Legislation. This policy
applies to all personal data collected and stored in the course of its’ activities.
What is Personal Data?
Personal Data relates to a living individual and from this data an individual can be identified. This
policy covers both personal and sensitive personal data held in relation to data subjects of the
Parish. This policy applies to personal data held in manual and automated form. The processing of
personal data is governed by the General Data Protection Regulations (GDPR).
Who we are and How we Process your Personal Data?
Carbury Parish is the Data Controller. The Parish complies with its obligations under GDPR by;
Obtaining and processing the information fairly
Keeping it for one or more specified, explicit and lawful purpose
Using and disclosing the information only in ways that are compatible with these purposes
Keeping the information safe and secure
Keeping the information accurate, complete and up-to-date
Ensuring that the information is adequate, relevant and not excessive
Retaining the information for no longer than is necessary
Give a copy of the personal information to an individual following the Data Subject Access
What do we use your Personal Data for?
Data is collected from parishioners, employees, volunteers and contractors. CCTV cameras are also
in operation for security purposes and there are clear signs outlining their use.
What is your Personal Data Used for?
To administer records held by us on members of the congregation e.g Baptismal,
Confirmation and Marriage Records.
To fundraise and promote the interests of the parish
To manage our employees and volunteers
To manage rotas for altar servers, ministers of the Eucharist etc.
To maintain our accounts and records including the processing of donations and tax
To inform you of any news, events and activities that are running in the Parish
What is the Legal Basis for Processing your Personal Data
Explicit consent of the data subject so that you can be informed about news, events,
activities and services, for processing your donations and keep you informed about events
in the Diocese.
Processing of personal data is necessary for carrying out obligations under employment
law, financial laws and other legal requirements.
Processing is carried out by a not-for-profit body with a religious aim provided that the
processing relates to congregation members or former members (or those who have
regular contact with the Parish in connection with those purposes) and
There is no disclosure to a third party without consent.
P003-1 Parish Data Privacy Notice Date of Issue: 08/10/2018
Sharing your Personal Data
Your personal data will be treated as strictly confidential and will only be shared with other clergy
or staff of the parish for the purposes connected to the Parish. We will only share your data with
third parties outside the parish with your consent. Service providers have remote access to our
web cams to report only on the number of views during broadcasted liturgies and there is a
service provider agreement in place.
How long do we keep your Personal Data?
We retain data in accordance with the guidance set out within Irish Data Protection Legislation.
Specifically, records of donations and associated paperwork are retained for 6 years after the
calendar year to which they relate. Parish registers such as Baptisms, Marriages, Confirmations are
Your Rights and Your Personal Data
Under the Data Protection Regulations, you have the right to request access to the personal
information held about you. Any requests should be addressed to the Parish Priest (contact details
below). Requests should be dealt with, within 30 days of receipt, unless there is a reason for the
delay, which is justifiable. You have the following rights;
Right of Access – You have the right to access information we hold about you.
Right of Correction – You have the right to correct information that is inaccurate or
Right of Erasure – In certain circumstances you can ask for data that we hold about you to
be erased i.e. the right to be forgotten.
Right to Restriction of Processing – Where certain conditions apply, you have the right to
restrict processing of your personal data
Right of Portability – Subject to certain circumstances, you have the right to have any data
that we hold about you transferred to another organisation where we hold it in electronic
Right to Object – You have the right to object to certain types of processing of data.
The Right to lodge a complaint with the Data Protection Commissioner’s Office.
To exercise any relevant rights, queries or complaints please contact:
Parish Priest: Fr John Fitzpatrick
Phone: 046-9553355 E-mail: [email protected]
You may also contact the Data Protection Commissioner Office on 00-353-57-8684800 or Lo-call
1890-252-231 or by e-mail [email protected] or by Post to; Data Protection Commissioner,
Canal House, Station Road, Portarlington R32 AP23 Co. Laois or their Dublin Office, 21 Fitzwilliam
Square, Dublin 2 D02 RD28.