Data Privacy Notice
1. Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the possession of the Association. The processing of personal data is governed by the General Data Protection Regulation (the GDPR).
2. Who are we?
The Board of the Association Eglise Anglicane de Lyon - 1901 is the data controller. This means it decides how your personal data is processed and for what purposes.
3. How do we process your personal data?
The Association complies with its obligations under the GDPR by keeping personal data up-to-date; by storing and destroying it securely; and by protecting personal data from loss, misuse, unauthorized access, and disclosure.
Technical Processing: To process your inquiries, we use a technical workflow involving Squarespace (website hosting), Google Ireland Ltd (data storage), and Make.com (automation). This allows us to route your inquiry efficiently to the correct team member.
We use your personal data for the following purposes:
To enable us to provide a voluntary service for the benefit of the public.
To offer pastoral care and information when you first express an interest or attend one of our events.
To inform you about news, events, and activities at the church.
4. What is the legal basis for processing your personal data?
Legitimate Interest: We process your data to provide initial pastoral care and information when you first contact us.
Explicit Consent: We rely on your consent to keep you up-to-date about news or to share your contact details within the church team.
Special Category Data: As a not-for-profit body with a religious aim, we process sensitive data (such as your religious beliefs) provided that the processing relates only to those who have regular contact with us and there is no disclosure to third parties without consent.
5. Sharing your personal data
Your personal data will be treated as strictly confidential and will only be shared between the relevant members of our team for purposes connected with the church. We do not share personal data outside the Association except for the technical service providers mentioned above or where there is a legal obligation to do so.
6. How long do we keep your personal data?
We retain your contact data for as long as is necessary to process your request. Specifically:
General Inquiries: Up to 2 years after the last contact.
Church Registers (Baptisms, Marriages, etc.): Permanently.
7. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights:
The right to request a copy of the personal data we hold about you.
The right to request that we correct any inaccurate or out-of-date data.
The right to request your data be erased where it is no longer necessary.
The right to withdraw your consent to the processing at any time.
The right to lodge a complaint with the CNIL (French Data Protection Authority).
8. Contact Details
To exercise your rights or ask questions, please contact our administrator at https://www.lyonchurch.org/contact.