The Congregation of Cooke Centenary Presbyterian Church, member of the Presbyterian Church in Ireland aims to comply fully with the General Data Protection Regulation (GDPR).
Below are a number of policies produced by the GDPR Team at Cooke and provisionally approved and adopted by the Kirk Session.
- Data Protection Policy – May 2018
- Data Privacy Notice – May 2018
- Data Breach Policy – May 2018
- Subject Access Request Policy & Form – May 2018
Subject Access Request
Under GDPR legislation individuals can access the personal data that an organisation holds about them. An individual is entitled to be:
- told whether any personal data is being processed;
- given a description of the personal data, the reasons it is being processed, and whether it will be given to any other organisations or people;
- given a copy of the information comprising the data; and given details of the source of the data (where this is available).
Individuals also have a number of other rights which we must comply with including the rights to:
- rectify personal data which is incomplete or inaccurate and if necessary inform third parties that this has been done.
- be informed of how personal data is processed in a transparent manner.
- have their personal data deleted unless if there is a valid reason not to do this.
- restrict processing of personal data for certain purposes.
- object to the processing of personal data in a certain way.
- have data transferred to a third party so it can be reused (data portability).
- have a say in whether automated decisions are being made using the personal data and insist on an actual person intervening.
If you would like to submit a Subject Access Request (SAR) please send an email to firstname.lastname@example.org. You should receive a reply confirming the receipt of your SAR within a few days. A completed SAR response will be returned to you within 30 days.