Introduction

Restore Enterprise Ltd is committed to protecting individual’s data and privacy in accordance with the provisions of the Data Protection Act 1998 and the General Data Protection Regulations (GDPR) 2018.

This privacy policy tells you what to expect when we collect your personal information. It tells you how we will use the information and the rights you have in relation to this.

1. Who looks after your personal data?

Your personal data will be held by Restore Enterprise Ltd. You can find more information about us and about our work in about us.

2. Who are we?

Restore Enterprise Limited is a UK registered company limited by guarantee.

Within the organisation are office holders who work together to deliver its mandate, such as:

  • Directors
  • Employees
  • Ministers
  • Community Elders
  • Deacons/Deaconesses

As part of our mission, we may need to share personal data we hold with the office holders above, so they can carry out their responsibilities. This means we are responsible to you for how we process your data. Under the GDPR, we each are your data controller.

Each of the data controllers has their own tasks within the organisation and a description of what data is processed and for what purpose is set out in this Privacy Policy. In the body of this Privacy Policy, we use the word “we” to refer to each data controller, as appropriate.

3. Your personal data: What is it?

It is information about a living individual who can identified from that data or any other available data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (GDPR).

4. What data do we collect?

Your name, email address, contact details, IP address, information from cookies, information about your computer or device (e.g. device and browser type), information about how you use our website (e.g. which pages you have viewed, the time when you view them and what you clicked on, the geographical location from which you accessed our website (based on your IP address), company name or business name (if applicable), VAT number (if applicable) and whether you have participated in our webinars or events (and if so how long you were on each webinar call for and / or what dietary requirements you have)

Where they are relevant to our mandate, or where you provide them to us, we may collect demographic information such as gender, age, date of birth, marital status, nationality, education/work histories, academic/professional qualifications, hobbies, family composition, and dependants;

Where you make donations or pay for activities such as fee paid to attend any of our fee-paying events, financial identifiers such as bank account numbers, payment card numbers, payment/transaction identifiers;

The data we collect is likely to constitute sensitive personal data which may be suggestive of your religious beliefs. Where you provide this information, we may also process other categories of sensitive personal data: racial or ethnic origin, sex life, mental and physical health, details of injuries, medication/treatment received, political beliefs, labour union affiliation, genetic data, biometric data, data concerning sexual orientation and criminal records, fines and other similar judicial records. 

5. Why we process personal data?

We process personal data for some or all of the following purposes:

  • To enable us to meet all legal and statutory obligations;
  • To deliver our mandate to our community and to carry out other activities for the benefit of our users as provided for in the constitution;
  • To minister to our users and provide them with pastoral and spiritual care;
  • To administer membership records;
  • To fundraise and promote the interests of the organisation;
  • To maintain our accounts and records;
  • To inform individuals of news, events, activities we provide;
  • To process a donation that you have made (including Gift Aid information);
  • To update our users on, products and services, news and events, webinars and courses;
  • To find out what our users think of our products and services, events, webinars and courses.
  • To understand our users’ motivation and behaviour to improve our digital estate.
  • To send communications which have been requested for and that may be of interest to our users.

6. How do we collect your data?

We collect your data when you provide it to us (e.g. by contacting us via our website, registering for one or more of our events or to subscribe to receive emails). We also collect data from your use of our website, using cookies and occasionally from third parties.

7. What is the legal basis for processing your personal data?

Under the GDPR, Restore Enterprise Ltd processes your data on the basis of:

  • Legitimate interest – in relation to performing our ecclesiastical duties to our members.
  • Legal obligation - in relation to meeting all our legal and statutory obligations as required in our constitution.
  • Contract – in relation to an agreement which the person has entered into or because the person has asked for something to be done so they can enter into a contract or agreement with us
  • Consent – in relation to informing users of our products and services about our activities and events.
  • Special category data – Restore Enterprise Ltd also has a legitimate interest in processing information about your religious beliefs to administer membership or contact details under Article 9(2)(d) of the GDPR. We will first obtain your consent where this is required.

8. Who do we share your personal data with?

Your personal data will be treated as strictly confidential. It will only be shared with third parties where it is necessary in relation to the provision of our products and services or where you have given us prior consent.

Part of our business activity requires using third parties to perform certain business-related functions which involves processing your personal data on our behalf. These organisations include our event booking agencies, data analysis service providers, email service providers, social media network sites and others. When we engage these organisations to perform such functions, they provide us with information, including Personal Data, in connection with their performance of such functions. 

Whenever you use the services of our third-party providers you have the option to provide or withhold your personal information in accordance with this privacy notice. However, we will not be able to provide you with any of our products and/or services if you do not provide the required information as requested. For more information about our third-party providers’ privacy policies, click on the relevant links below:

Eventbrite.com privacy policy

Facebook privacy policy

Google + privacy policy

Google survey privacy policy

Instagram privacy policy

Mailchimp privacy policy

Meetup privacy policy

Soundcloud privacy policy

Twitter privacy policy

Youtube privacy policy

Zoom privacy policy

Restore Enterprise Ltd is not responsible for the privacy practices or the content of these websites. Users should be aware of this when they leave our Service to review the privacy statements of each third-party website. This Privacy Policy applies solely to information collected by Restore Enterprise Ltd.

9. How long do we keep your personal data?

We will keep some records permanently if we are legally required to do so. We may keep some other records for an extended period of time. For example, it is current best practice to keep financial records for a minimum period of 7 years to support HMRC audits. In general, we will endeavour to keep data only for as long as we need it. This means that we may delete it when it is no longer needed.

Information security

We use appropriate organisational and technical measures such as storing your information on secure servers, using only encrypted payment providers, to protect the personal data we have under our control (having regard to the type and amount of that data), from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss.

We will ensure that your information will not be disclosed except if required by law or when requested to by regulatory bodies or law enforcement organisations.

We will only grant access to your information where necessary.

Use of cookies

We use cookies on our website including essential, functional, analytical and targeting cookies. For more information, please visit our cookies policy

Transfers of your information outside the European Economic Area

Our websites are hosted outside of the European Economic Area with TTPWholesale. In order to ensure your information is safeguarded our hosting provider’s datacenter complies with required data security regulation. For more information see the privacy policy and terms and conditions.

Use of automated decision making and profiling

We do not make use of automated decision making and/or profiling decision-making software.

10. What are your rights?

If at any point you believe the information we process about you is incorrect you may request to see this information, and have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact our office and we will investigate to resolve the matter.

If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).

Under the General Data Protection Regulation (GDPR), you have a number of rights in relation to your personal information including:

  • The right to access the personal information we have about you. Individuals can find out if we hold any personal information by making a ‘subject access request’ (SAR) under the GDPR;
  • The right to ask us to correct personal information that is wrong or incomplete;
  • The right to ask us to stop using or delete your personal information;
  • The right to receive any personal information we have on you including: our purpose for processing your personal data, our retention period for that personal data, and who it will be shared with. This is called ‘privacy information’.

11. Further processing

If we wish to use your personal data for a new purpose, not covered by this Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.  Where and whenever necessary, we will seek your prior consent to the new processing.

12. Changes to this privacy notice

We will keep our privacy notice under regular review. This privacy policy is effective from 25 May 2018.

13. How to contact us?

If you want to request information about our cookie policy, you can email or write to:

Restore Enterprise Limited
Kemp House,
160 City Road,
London, England,
EC1V 2NX