Data Protection Policy and Procedure

The United Reformed Church’s Data Protection Policy outlines its commitment to handling personal data lawfully, fairly, and transparently, in compliance with the UK Data Protection Act 2018 and GDPR. It defines personal data and special categories, emphasizes data subject rights, and details procedures for secure data processing, storage, and breach notification. The policy assigns a Designated Officer for oversight, mandates training, and enforces accountability for employees, volunteers, and contractors. Regular reviews ensure ongoing compliance, with clear retention and reporting requirements, all aimed at safeguarding individual privacy and meeting legal obligations.