Privacy Notice

Version History

Version 2.0
Last Updated: June 2026
Next Review Date: June 2027

1. Who We Are

This is the privacy notice of Life Community Church (LCC), subsequently referred to as (‘LCC’, ‘the church’, ‘we’, ‘us’ or ‘our’) in this document.

LCC collects and uses personal information to support its general administration and communication activities. The church understands the importance of handling personal data properly and is committed to treating all information—whether stored on paper or electronically—in line with the legal protections required by the United Kingdom (UK) General Data Protection Regulation (GDPR).

As a "data controller," LCC ensures that the UK GDPR is followed when handling your information. This means that we must disclose to you what data we collect, how we use it, with whom we share it, and your relevant rights.

1.1. Data Protection Contact

Life Community Church is the Data Controller for the personal information we process.

We have appointed a Data Protection Lead who is responsible for overseeing how we handle personal data and ensuring that we comply with UK data protection law.

If you have any questions about this privacy notice, how your personal information is used, or if you wish to exercise your data protection rights, you can contact our Data Protection Lead using the details below:

Data Protection Lead

Life Community Church
Email: info@life-cc.org
Address: Life Community Church, Charlotte Street, Leamington Spa, Warwickshire CV31 3EB
Telephone: 01926 338 488

The Data Protection Lead is responsible for ensuring that personal data is handled in accordance with UK GDPR principles and for responding to data protection enquiries and requests. This role may be supported by appointed trustees or volunteers acting under the direction of the Data Protection Lead.

Generally, this privacy policy explains:

What personal information we collect, and how we collect it
How we use your information
Who we may share your personal information with
How we store and protect it
How long we keep it
Your rights under data protection law
How to contact us

2. Information We Collect

LCC may gather data from you directly in person, through paper or online forms, or through the iKnow Church database system, which is used by the church. We mostly use the iKnow Church software for pastoral care, communication, and church management. More specifically, members who have access to user accounts on the iKnow Church software can book events, manage preferences, record attendance, update personal information, schedule events, and update their details.

2.1. Personal Information

Generally, we collect information when you fill in a form (paper or electronic), speak to us in person, attend services, groups, or events, join a team or rota, donate, use iKnow Church or visit our website (cookies may apply).

More specifically, we may collect the following information about you to meet our legal, statutory and contractual obligations. We do not intentionally collect more personal data than is necessary for the purposes described in this notice, and will not intentionally process your information in any way other than as specified. We collect personal information from you through:

Contact details (name, title, address, phone number, email)
Demographic information (age, date of birth, gender, marital status, education, employment, academic/ professional qualifications, family details)
Financial information (bank/payment details for donations or payments, including Gift Aid records)
Attendance information (services, groups, courses, events, training)
Church involvement (teams, ministries, roles, rotas, availability)
Pastoral care information (We may keep a record of pastoral care conversations where necessary to provide ongoing support, safeguarding, or church administration. We aim to record only information that is relevant and proportionate.)
Safeguarding information (DBS checks and results)
Audit information (login activity, pages visited on iKnow Church)
Photographs, videos, or other information you provide
IP addresses (a numerical label assigned to your device which may indicate approximate location)

2.2. Special Category (Sensitive) Information

Certain types of personal information require additional protection under the UK GDPR. These are known as "special category" data and may include information relating to your health, religious beliefs, racial or ethnic origin, sexual orientation, and criminal record information (such as DBS checks).

As a Christian church, we may process special category data where this is necessary for our legitimate activities as a not-for-profit religious organisation and relates solely to our members, former members, regular attendees, volunteers, or people who have regular contact with us. This processing is carried out in accordance with Article 9(2)(d) of the UK GDPR.

We may also process special category data where:

You have given your explicit consent (Article 9(2)(a));
Processing is necessary to protect your vital interests or those of another person in an emergency where consent cannot be obtained (Article 9(2)(c));
Processing is necessary for reasons of substantial public interest, including safeguarding children and vulnerable adults (Article 9(2)(g));
The information has been manifestly made public by you (Article 9(2)(e)); or
Another condition permitted by the UK GDPR or Data Protection Act 2018 applies.

We only collect and use special category data where it is necessary and proportionate. This may include:

Providing pastoral care and support;
Maintaining church membership and participation records;
Organising ministry activities and support services;
Assessing suitability for volunteer roles, including DBS checks where required;
Protecting children, young people, and vulnerable adults;
Meeting our legal and safeguarding obligations.

Criminal offence data, including DBS information, is processed only where authorised by law and in accordance with Article 10 UK GDPR and Schedule 1 of the Data Protection Act 2018.

2.3. Children’s Information

Under 13: For children who are below 13 years, parental consent is required for an iKnow Church account, and parents have full access to the account.
Age 13+: Young people who are above the age of thirteen (13) may have their own account, but we may inform parents where appropriate and lawful.

3. How We Use Your Personal Data

LCC respects your privacy and, unless mandated by law, will never reveal, share, or sell your information without your permission. We only keep your information for as long as is required and for the reasons or purposes listed in this notice. You are free to withdraw your consent at any moment if you have granted us permission to use your data.

We only process this information with your explicit consent, where legally required, or when it is needed to protect your (or someone else’s) interests, and you are incapable of giving your consent, or where you have already made the information public.

We have listed the possible legal bases below and the various information we are able to process per legal basis identified. This is because we use your information only when we have a lawful basis to do so, as stipulated in the GDPR.

3.1. Legitimate Interests

We use your information for purposes that support the running of the church, such as setting up and managing your iKnow Church account, recording attendance at services, groups, and events, providing pastoral care and support, organising volunteers and rotas, sending church‑related updates, events, and opportunities (unless you opt out).

3.2. Consent

We rely on your consent when sending optional marketing or promotional communications, using pastoral information for a specific purpose you request, adding you to WhatsApp groups, or using photos or videos of you. You can withdraw consent at any time.

3.3. Contract

We use your information when needed to fulfil an agreement with you, such as processing event bookings, administering access to iKnow Church, and informing you about changes to our website or systems.

3.4. Legal Obligations

We use your information when required by law, such as processing gift aid, preventing and detecting fraud, carrying out safeguarding procedures, and responding to lawful requests from authorities.

3.5. Sensitive Information

We may use sensitive information to provide pastoral care and support, administer church membership, assess suitability for volunteer roles (DBS checks), protect children and vulnerable adults, where needed in the public interest and in line with our data protection policy.

4. Your Data Protection Rights

We are always available to assist you in exercising your rights under the UK GDPR. Kindly contact us if you have any concerns about this privacy statement, the data we hold about you, or if you would like to exercise any of your rights.

4.1. Right of Access

If you would like to exercise your right to request access to your data, you can contact us by email on info@life-cc.org. Address: Life Community Church, Charlotte Street, Leamington Spa, Warwickshire CV31 3EB. Telephone: 01926 338 488

4.2. Right to Rectification

You can ask us to correct any inaccurate information we hold about you, or to complete anything you believe is incomplete. This right always applies.

4.3. Right to Erasure

You can ask us to delete your personal information where there is no longer a lawful reason for us to keep it. This right is not absolute and may be limited where we have legal or safeguarding obligations to retain information.

4.4. Right to Restrict Processing

You can ask us to limit how we use your information in certain situations.

4.5. Right to Object to Processing

You can object to us using your information when we are doing so as part of our public tasks or our legitimate interests.

4.6. Right to Data Portability

This is limited to the data that you have provided. You have the right to request that we either give you the information you provided or transfer it from one organisation to another. The right only comes into play when we process data with your consent or when we are negotiating a contract and the processing is automated.

4.7. Right to Withdraw Consent

Where we rely on your consent, you may withdraw it at any time. This will not affect processing already carried out before consent was withdrawn.

4.8. Handling Data Protection Complaints

If you have concerns about how we handle your personal data, we encourage you to contact us in the first instance so that we can try to resolve the issue directly.

We take all data protection complaints seriously and have procedures in place to investigate and respond to them promptly and fairly.

4.9. Right to lodge a Complaint

If you are unhappy with our response, you can request an internal review by using any of the contact details through email at info@life-cc.org. Address: Life Community Church, Charlotte Street, Leamington Spa, Warwickshire CV31 3EB. Telephone: 01926 338 488.

We aim to respond within one month as per the UK GDPR guide.

If you are still dissatisfied, you can contact the Information Commissioner’s Office (ICO) on 0303 123 1113 or at https://ico.org.uk/concerns/.

5. Third Party Links

Our website may contain links to third-party organisations. Please be aware that these external websites have their own privacy policies. Since we have no control over these third parties, we cannot accept responsibility for how they collect or use your personal information. We recommend reviewing their policies before sharing any personal information.

5.1. Sharing and Disclosing Your Personal Information

LCC will never sell or rent your information to third parties, and we do not share your information for marketing purposes without your consent.

We may share your information with your consent, with:

Other LCC members (for support or prayer)
Other churches (if you request a transfer of details)
Churches or charities running joint events, you volunteer for
Support services such as local authorities or healthcare professionals
Suppliers who help us deliver services (e.g., iKnow Church, email providers, cloud storage, website hosting, payment processors, event ticketing)
Analytics, software providers and search engine providers
Law enforcement agencies, when required by the law

Additionally, we work with organisations including:

iKnow Church software provider (Edit Websites Ltd), Pulsant, SendGrid (for sending emails), HMRC (for claiming Gift Aid), WorldPay (for processing secure online card donations), Text Marketer (sending of text messages), Mailchimp (for sending church emails), Microsoft 365 / OneDrive/ Google Drive (for cloud-based secure storage), HostPapa (website host), Eventbrite (ticketing supplier for events), WhatsApp (for group and team-based communication), and various email providers such as Hotmail/ Outlook, Yahoo! Mail, Gmail, AOL Mail, iCloud Mail, Fastmail used by some volunteers to send and receive emails.

5.1.1. International Transfers

Some of the organisations that help us provide our services may process personal information outside the United Kingdom. This can include providers such as WhatsApp, Google Drive, Gmail, Mailchimp, SendGrid, and other cloud-based services.

Where personal data is transferred outside the UK, we check, where possible, that appropriate safeguards are in place, such as:

Countries recognised by the UK Government as providing an adequate level of data protection;
The UK International Data Transfer Agreement (IDTA);
International data transfer addendums or standard contractual clauses approved for UK use; or
Other lawful safeguards permitted under UK data protection law.

We take reasonable steps to ensure that any organisation processing personal data on our behalf protects that data appropriately and only uses it for the purposes we have authorised.

5.2. Emails

If you choose to send us information via email, we cannot guarantee the security of this information until it is delivered to us. Also, we cannot guarantee the security of any information sent to other volunteers who use third party email providers such as Gmail accounts.

5.3. WhatsApp Groups

We use third party messaging systems such as WhatsApp, for group and team-based communication. If you want to join such a group, then you can only do so once you have given us your consent verbally or electronically, as other people in the group will see your name, telephone number and picture. WhatsApp uses end-to-end encryption to keep your messages secure.

6. Security of Your Personal Information

We are committed to protecting your personal information and take appropriate technical and organisational measures to prevent unauthorised access, loss, misuse, alteration, or disclosure of personal data.

These measures include:

Restricting access to personal information to authorised staff and volunteers who need it for their role;
Using password-protected systems and secure cloud-based services;
Applying appropriate security settings and access controls to church systems and databases;
Providing data protection guidance and training to staff and volunteers where appropriate;
Regularly reviewing our procedures for handling personal information.

Whilst we take reasonable steps to protect personal information, no method of electronic transmission or storage can be guaranteed to be completely secure. If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will respond in accordance with our legal obligations under UK data protection law.

7. Retention

We keep personal information only for as long as necessary to fulfil the purposes for which it was collected, including meeting legal, accounting, safeguarding, and administrative requirements.

The length of time we retain information depends on the nature of the information and the reason we hold it. For example:

Church membership and attendance records are normally retained while you remain actively involved with the church and for a reasonable period afterwards;
Gift Aid and financial records are generally retained for at least 6 years to comply with HMRC requirements;
Safeguarding records may be retained for longer periods in accordance with safeguarding guidance and legal obligations;
Event registration and enquiry information is normally deleted when no longer required.

We regularly review the information we hold and securely delete or anonymise personal information that is no longer needed. You may also ask us to delete information we hold about you, although we may need to retain certain records where we have a legal or safeguarding obligation to do so.

8. Cookies

We use cookies to collect information automatically. A cookie is a small file of data which our website places on your computer’s hard drive, to give us standard internet log information, such as details of your visits to our website. They allow websites to respond to you individually and tailor your visit by gathering and remembering information about you, providing a better experience. For further information visit www.aboutcookies.org or www.allaboutcookies.org.

You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function properly as a result.