Privacy Policy

Effective Date: 15/01/2026
Last Updated: 15/01/2026

Thank you for visiting https://www.whipton.church (“we”, “us”, “our”, “the Church”). This Privacy Policy explains how we collect, use, share, and protect your personal data when you interact with our website, services, or ChurchSuite system.

1. Who We Are

Whipton Church is part of the Church of England. We are the data controller for personal information you provide to us, unless otherwise stated.

2. What Personal Data We Collect

a. Data You Provide Directly

We may collect personal information you provide when you:

  • Sign up for events, courses, newsletters or contact us.
  • Use ChurchSuite to register, update your details, or manage your profile.
  • Contact us by email, forms, or in person.

Typical personal data may include:

  • Name, address, email, phone number
  • Date of birth
  • Contact preferences
  • Church membership or ministry involvement
  • Any additional info you choose to provide

b. Automatic Data Collection (Website)

When you visit our website, we may automatically collect:

  • IP address
  • Browser type and version
  • Operating system
  • Pages you visit
  • Time spent on pages
  • Referral source

This data is usually anonymous or aggregated for analytics and service improvements.

3. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience and to collect information about how the site is used. Cookies are small text files stored by your browser.

Types of Cookies We Use

  • Strictly Necessary Cookies: Required for basic site functions.
  • Analytics Cookies: Used to understand visitor behaviour (e.g., pages visited, session length) and improve our site.
  • Optional/Marketing Cookies: May be used for tracking effectiveness of communications or adverts.

You can manage or disable cookies via your browser settings. Disabling some cookies may affect website functionality.

Note: Cookie use on websites is regulated under the UK’s Privacy and Electronic Communications Regulations (PECR) and UK GDPR principles. We will ensure appropriate consent mechanisms where required.

4. Data Collected Through ChurchSuite

We use ChurchSuite, a church management platform, to manage congregation data, event registrations, communications, and other church functions.

What Data ChurchSuite May Hold

ChurchSuite may contain:

  • Contact details (name, email, phone, address)
  • Membership status and group involvement
  • Event registrations and attendance
  • Communication preferences

ChurchSuite is designed to help us comply with data protection best practices. ChurchSuite also provides tools to record consent and manage data securely.

How ChurchSuite Uses Your Data

Data in ChurchSuite is used to:

  • Administer church activities (events, groups, ministries)
  • Communicate with you (newsletters, updates, pastoral contact)
  • Manage your account and consent preferences

You can manage your own ChurchSuite account details (e.g., update contact info or communication preferences) where enabled by the system.

5. Lawful Bases for Processing

We process personal data under one or more lawful bases, including:

  • Consent — where you agree to receive communications or provide personal data.
  • Contract/Performance of a service — to fulfil commitments like event participation.
  • Legitimate interests — for administration, security, and improving church services.
  • Legal obligations — to comply with law where applicable.

6. How We Share Your Data

We will never sell your personal information. We may share data:

  • With ChurchSuite as a data processor to help administer church activities.
  • With service providers that support our operations (e.g., email platforms, analytics).
  • Where legally required (e.g., safeguarding, law enforcement).

Other third parties (like social media platforms) may collect data under their own privacy policies if you interact with their content.

7. Data Retention

We keep your personal data only as long as necessary for the purposes it was collected and in line with legal obligations. If you stop engaging with the church, we will delete or anonymise your data after a reasonable period, unless retention is required for legal or safeguarding reasons.

8. Security of Your Data

We implement technical and organisational measures to protect personal data against unauthorised access, loss, or misuse. However, no system can guarantee 100% security.

9. Your Rights

Under UK GDPR and data protection law, you have rights including:

  • Access to your personal data
  • Rectification of errors
  • Erasure (right to be forgotten)
  • Restriction or objection to processing
  • Data portability
  • Withdrawal of consent

To exercise your rights, please contact us (details below).

10. Contact Information

If you have questions about this policy or want to exercise your data rights:

Email: info@whipton.church
Address:
St. Boniface Church, Brookway,
Whipton,
Exeter.
EX13JH

If you have unresolved concerns, you can also contact the Information Commissioner’s Office (ICO) in the UK.