Privacy policy

Council for World Mission (UK) Privacy Statement

In carrying out our day to day activities Council for World Mission (UK) collects, processes and stores personal data relating to participants on our programmes, supporters and members. We are therefore required to adhere to the requirements of data protection legislation. We take our responsibilities under this legislation very seriously and promise to respect any personal data you share with us and keep it safe. We aim to be clear when we collect your personal data, and not do anything that you wouldn’t reasonably expect. Here we tell you what we will, and will not do, with your personal data.

Your personal data – what is it?

Personal data relates to a living individual who can be identified from the data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the GDPR) and the Data Protection Act 2018.

Who are we?

Council for World Mission (UK) is the data controller (contact details below). This means that we determine how your personal data is processed and for what purposes.

Our duty

We will comply with our obligations under GDPR and the Data Protection Act 2018 by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting data from loss, misuse, unauthorised access and disclosure by ensuring that appropriate organisational and technical measures are in place to protect personal data.

What sort of personal data do we collect?

We gather personal data from you when you apply for a programme, enquire about our activities, register for an event, make a donation, collaborate with CWM or otherwise provide us with your personal data for a specific purpose.

The personal data that we request when you engage with us might include your name, your age, gender, location, contact information like address, email and telephone number, your church or other organisation affiliation, as well as credit card or other financial information needed to process donations or event fees. If we need to arrange travel for you, we may ask for copies of your passport or visas. We may also ask if you are a UK tax payer so that we can claim Gift Aid. We will never request personal information about your health or the health of your family members without first informing you how that information will be used and receive your express consent for such use e.g. extensive overseas travel, pension provision.

If you are part of a CWM member church, a former missionary or have been involved in programmes with CWM, your personal data is automatically stored from when we first made contact with you.

Your personal data may be shared with us by your member church. These independent third parties will only do this when you have indicated that you wish to work with CWM and with
your consent. You should check their Privacy Policy when you provide your data to understand fully how they will process it.

How do we use your personal data?

We may use your personal data for a number of purposes, including the following:

  • To communicate with you, and to provide you with information about our work or activities that you have requested, e.g. sending e-newsletters, invitations to events, or letting you know about opportunities for collaboration;
  • With your permission, to use the story of your experience with CWM to promote our work;
  • To administer payments, donations, legacies or bequests, and to maintain our accounts;
  • To administer our programmes or events, including applications, travel arrangements, feedback and evaluations;
  • To communicate with our tenants in relation to the management of property owned by CWM;
  • To manage any feedback or complaints;
  • For internal record keeping, including the preservation of CWM’s archives for the purposes of historical research.

What is the legal basis for processing your personal data?

Under GDPR we are required to inform you of the legal basis for processing your personal data. Broadly, there are a number of grounds which CWM (UK) will use, including:

  • Consent – where you have given us explicit consent to use your personal data for a specific purpose, e.g. to keep you informed about news, events, activities and services, to process your gift aid donations, or to make use of images taken of you for the reporting and promotion of CWM’s work.
  • Contractual – where processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract.
  • Legal obligation – where processing is necessary for compliance with a legal obligation to which CWM is subject.
  • Legitimate interests – in specific situations, we may require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our organisation and which does not materially impact on your rights, freedoms or interests.

Who do we share your personal data with?

We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (e.g. to process payments and donations, to book travel flights, to store or archive records). When we use third party service providers, we only disclose information necessary to deliver that service and there will always be a contract in place to ensure your information is kept secure. We will not share or sell your data to third parties to use for their own purposes unless we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.

Although most of the information we store and process stays within the UK, some information may be transferred to countries outside the European Economic Area (EEA). This may occur if, for example, one of our other regional offices needs the information or one of our trusted partner’s servers are located in a country outside the EEA. These countries may not have similar data protection laws to the UK. However, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law. By submitting your personal information to us you agree to this transfer, storing or processing at a location outside the EEA.

How will we keep your personal information secure?

We endeavour to ensure that there are appropriate and proportional technical and organisational measures to prevent the loss, destruction, misuse, alteration, unauthorised disclosure of or access to your personal data.

Your personal data is stored in secure areas or on our systems, which are password protected, and is only accessible to authorised CWM staff, belonging to specific departments and regions across the organisation, and trusted subcontracted parties (see above).

How long will we hold your personal information for?

Council for World Mission (UK) considers its relationship with its members, colleagues and churches to be life-long, and we will keep hold of your contact details until you tell us you no longer wish to hear from us.

We will take into consideration our legal obligations, tax and accounting rules and legitimate business interests when determining how long we should retain your information, in accordance with our Retention Schedule. When we no longer need to retain your information, we will ensure it is securely disposed of, at the appropriate time.

Your choices

Where we rely on your consent to use your personal data, you have the right to withdraw that consent at any time. To opt out of communications, please use the contact details below.

If you choose not to receive communications from us, we will update our records to stop further communication as quickly as we can. Due to some communications already being in progress at the point you opt out, please be aware that it can take up to 6 weeks for your preferences to be fully implemented.

Your rights

Unless subject to an exemption under GDPR or the Data Protection Act 2018, you also have the following rights with respect to your personal data:

  • Right to be informed – you have the right to be told how your personal data will be used. This policy and other statements used in our communications with you are intended to provide you with a clear and transparent description of how your personal data may be used.
  • Right of access – you can ask us for confirmation of what information we hold on you and request a copy of that data. Provided we are satisfied that you are entitled to see the information requested and we have confirmed your identity, we have one month to comply.
  • Right to rectification – if you believe our records of your personal data are inaccurate, you have the right to ask for those records to be updated.
  • Right to erasure – you can ask for your personal data to be deleted from our records, where it is no longer necessary for us to retain such data.
  • Right to restrict processing – you have the right to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate use.
  • Right to object – you have the right to object to the processing of your personal data in certain circumstances.
  • You have the right to raise a concern or complaint about the way in which your personal data is being used, including the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Contact details

If you wish to talk through anything in our privacy statement, withdraw your consent to receive information from us, find out more about your rights, or obtain a copy of the information we hold about you, please contact:

Council for World Mission (UK)
Ipalo House, 32-34 Great Peter Street, London SW1P 2DB, UK
Tel: +44 (0)20 7222 4214
Email: council.uk@cwmission.org

Download this information as a PDF