We are moving! Please transfer your account now.

Parish Pump is moving to a new website. You should transfer your account as soon as you can.

Transferring your account will keep all your account details and expiry date as they are, and you will be able to use your account straight away. Just click the button below to start the process - we will give you full instructions, and it will take about 5 minutes.

No time to transfer now? That's okay! You can use this current site as normal during May 2018, but future content will only be available on the new site.

N.B. If you've already made the transfer, then you don't need to do it again, just click here to go to the new site! https://new.parishpump.co.uk

General Data Protection Regulation

Has anyone started to consider the implications of GDPR in relation to a church magazine. They come into effect in May this year.
we are looking at the list of names of people who subscribe to the magazine - ie our distribution list
As well as our distribution lists for our magazine subscribers, I am considering how to apply the new regulations with regard the advertisers in the magazine. I keep an Access database of their names and addresses and when they should have and actually paid etc. It also has personal contact details for some, which may well not be included in their public advert, but which helps me get payment made. Any ideas anyone?
The rules of our church magazine are, that if you submit an article for publication your name will be placed at the bottom of the article so readers know who has submitted it. Articles "about people" are followed up by email back to the sender/writer of such article asking them to confirm they have permission from the person identified to submit and publish the article. No such confirmation results in the article not being published.
Our magazine has a circulation of 15 people, is no longer published on a website and contains no advertising. We mention the sick in pastoral concerns by forename only but that is now cast into doubt. We also mention full names on the flower rota. Also - now a problem. Members will need to be informed at the next church meeting that we cannot continue to do this without their written permission to mention their names. A big discussion began yesterday on the URC FB page about the new laws. People seem to feel that names should not be mentioned without written, explicit consent. So Pastoral concerns would be limited to "please pray for sick members and friends, those on holiday etc etc - very very general. Church meeting minutes have been more contentious with old school people insisting that minutes should be a true reflection of the meeting and so if names were mentioned, they should be minuted. Printed prayer lists should be destroyed immediately after worship and I daresay the prayer request book should be used only for oneself and not for a third party who might need prayer. As for record keeping - well I, as elder, treasurer, Facebook manager, Website manager, Gift Aid co-ordinator, minuting secretary, magazine editor and maintainer of the church address book really have a problem. I have stuff on my computer, on CDs, on floppies, in the cloud, on paper..... Apparently I have to determine where the cloud storage occurs and stop using it if it is not in the European Union area. And I have 20 odd years of floppies to somehow dispose of safely. I'm also supposed to encrypt everything and I don't know how..... Sigh. More research to do. Our denomination, the URC, has produced template documents now, and there is a three page document we have to display in the church stating our policy. There is also a consent form template which I suppose everyone will need to complete. And I might need to clear all photos older than two years from our Facebook page as it is suggested they might constitute "out of date" personal information. It's going to be hard work from here on out, not to breach the law.
I would be interested to know what other people are doing regarding magazine lists of subscribers - we have a circulation of about 350 in our town, delivered to their home addresses by a team of about 20 people. I keep a database (spreadsheet) of all these names and addresses which is held on my home computer - accessible by password. Do I need to tell all those people that I have this? And like Madeditor I also keep a spreadsheet of our advertisers with all their contact details. And we print the rotas in the magazine for readers, intercessors, cleaning, coffee shop, lay assistants etc. I've thought of just using initials - would that be OK do you think? Any ideas would be welcome.
I have been wandering through a website which may answer some of our queries and which you might find of interest if you haven't seen it already. https://ico.org.uk/for-organisations/resources-and-support/data-protecti... It is still not easy but the best thing I have found so far. Having read Sara Pass's comments above about the URC advice I am still worried this is yet another item of legislation made overly complicated and with an expectation that everybody does everything online and with armies of clever people to manage it all! I cannot see how minutes of a meeting, especially where actions by someone are required, can work without names being recorded, or specific prayer requests for someone else can be impersonal. I think I am going to create a notice to advertisers I will send with their invoices each year, telling them how we use their data ie for invoices, for mailing about village events but not shared elsewhere, and how we will keep it and why an asking them to confirm how we can contact them. I will also put an item in our next magazine, and another just before the annual household subscriptions become due, saying that for delivery purposes we keep records of their names and addresses and if they have paid their annual subscription. I hope this is sufficient and will be workable. My only consolation is, that as we are like the proverbial church mice, people will realise we are doing our best and not worth taking to court in future!