PRIVACY POLICY

Approval

This policy has been approved by the Senior Pastor and Leadership of King’s Church. References to the policy will be included in information we provide to visitors, church members and those we provide a service to in our community.

Privacy Officer

King’s Church has a designated Privacy Officer who is responsible for storing, correcting and giving people access to personal information collected about them. The Privacy Officer is also responsible for making decisions that could affect the privacy of individual church members and adherents.

Individuals who wish to discuss any known or suspected privacy breaches or to discuss any privacy-related issues should be directed to the Head of Reception who functions as the Privacy Officer.

If you have any further questions about our privacy policies please call us at 5593 4233 or send an email to: church@kingschurch.net.au

Privacy Policy

Introduction

King’s Church is committed to maintaining an environment and processes that protect the privacy of individuals associated with our church. We have chosen to use the National Privacy Principles (NPPs), as contained in the Privacy Act (1988), as a guiding principle for our church.

For more information about the Privacy Act (1988) please refer to the national Privacy Commissioner’s website at:  http://www.privacy.gov.au

Privacy Statements

1.     King’s Church will use the NPPs as a guiding principle for our church in dealing with personal information

2.     King’s Church will only use personal information for the primary purpose for which it is collected

a.     In most cases, the purpose will relate to the spiritual, pastoral, social, educational and administrative functions of the Church

b.     These functions include maintaining personal information for the purpose of analysing the role of the Church in society and recording the family histories of its members

c.     Information may, where properly authorised, be disclosed to scholars studying the Church and to relatives of Church members

3.     King’s Church will only use personal information about an individual for a secondary purpose (i.e. something beyond the scope of the primary purpose) if that individual has consented, or the use is otherwise provided for by the NPPs

4.     King’s Church will take reasonable steps to keep personal information secure and will, consistent with the NPPs, comply with any request from a person to correct or remove his or her information

5.     Personal information collected by King’s Church may be sensitive information for the purpose of the NPPs (e.g. information about a person’s religious beliefs)

a.     As a non-profit organisation, King’s Church is permitted to collect sensitive information without a person’s express consent

b.     We will endeavour to seek consent from a person if sensitive information is sought for something other than the primary functions of the Church described in clause 2 (above)

6.     The operating procedures (whether or not they are formalised in a manual) of King’s Church will comply with this policy

7.     King’s Church will appoint a Privacy Officer who will be responsible for storing, correcting and giving people access to personal information collected about them

Policy Background
While the essence of being a church is being involved in each others lives, caring for one another and creating a strong sense of community, we are also mindful of respecting and protecting the privacy of all who attend this church. We recognise that an individual’s privacy may be of utmost importance to them and that they have a right to control their personal information. We also recognise the individual’s need for appropriate protection and management of personal information that is shared with us.

This policy has been developed to assist the understanding of how we collect, use and safeguard the personal information that is provided to us. It is the intention of this church to regularly review this policy statement in accordance with new developments in State and Federal legislation, best business practices, technology and individual needs.

This church acknowledges that when individuals provide personal information about themselves, it is an act of trust. Unless the individual gives us explicit consent to act otherwise, this policy will govern how we handle an individual’s personal information and safeguard their privacy.

Collection and Use of Personal Information
King’s Church collects personal information when such information is provided to the church through the completion of documents such as

·     Church Survey Forms

·     Giving Forms

·     New Visitors Forms

·     New Christian Forms

·     Children’s Sign in Forms

·     Prayer and Praise Forms

·     Event Registrations

Information may be collected when individuals register for a particular course or event.  Personal information may also be collected when an individual accesses any of the services provided by the church to the general and church community.

Such information can be added to our church database, or to some other church list.

We will not collect any personal information unless such information is necessary for one or more of the church’s functions or activities.

Each person remains in control of their information.

We do not give, sell, rent or loan any identifiable information regarding members and adherents to any person or organisation without the consent of the person involved.

We will only use personal information for the primary purpose for which it is collected.

In most cases, the purpose will relate to the spiritual, pastoral, social, educational and administrative functions of the church. Those functions include maintaining personal information for the purpose of providing pastoral care within our congregation, and for the promotion of activities and functions associated with the church.

Public Prayer
Due to the often sensitive nature of prayer requests, and taking into consideration the dire need often represented by a prayer request, we have endeavoured to implement a process which will protect the privacy of individuals and yet still allow those in our church to be prayed for should they desire it. For those who strongly identify with a congregation, there can be a sense of great comfort knowing that their church is aware of their situation and praying for them. Therefore, when the Church is asked to publicly pray for any prayer request, the following guidelines will apply.

When praying for any person or prayer request publicly, every effort will be made to ensure that the person who is the subject of the request is aware of, and has agreed to, the prayer. Full names can be used in prayer requests if written consent is first gained from the person who is the subject of the prayer request. This request will take the form of a signed Prayer Request Form or other written request (e.g. email) if an official form is unavailable.

If the person who is the subject of the prayer request is a member of our church and is incapacitated, so that they are unable to provide a written request to us, we will accept a written request from immediate family. This written request may take the form of a fax, email or SMS message from the family member.

If we are unable to receive a written request, then only first names will be used, as long as there is no reasonable chance that the person who is the subject of the prayer request could be identified.

These guidelines will apply to all prayer within the church that could be considered public, including any prayer requests submitted to the Emergency Prayer Chain.

Counselling and Pastoral Care
It is understood that a large part of pastoral care is the use and transmission of information relating to those in the congregation. Information must be treated as confidential and with great care.

Church Database
The pastoral care database is protected by a password and this password should only be available to staff or authorised volunteers. A list of these people is available from the Privacy Officer.

Counselling
Counselling, on behalf of the church, will be conducted only by pastoral staff or authorised team members.

Records made during the counselling process will be kept secured.

Where records are on paper, these will be kept in a locked office and/or filing cabinets.

Electronic files will be password protected, accessible only to the person authorised to create that file.

Access to these files, by persons other than those who created the file, should only occur in cases where pastoral care is being provided by another authorised staff member and the information contained in the file is necessary for effective pastoral care.

Care will be taken to ensure the integrity of the information contained in files. Personal opinions should not be reflected as facts.

When statutory requirements dictate that files are required to be kept for seven years after the file is closed, the church will ensure the file is held securely for that entire time.

When files are no longer needed, all information is to be shredded or electronically deleted.

Breaching Confidentiality
You need to be aware that confidentiality can be legally breached by issues relating to subpoenas or mandatory reporting. Over and above subpoenas and mandatory reporting, a decision to breach confidentiality may also be taken in the following situations:

1.     Suspected abuse and neglect

2.     Actual or possible overdose situations

3.     Where an individual issues substantive threats of intended violence or harm either to themselves or to others

Apart from the above, confidentiality will be regarded as a sacred trust by any minister or counsellor. It would be advisable that such breaches of confidentiality are made only after the pastor/counsellor have consulted with their supervisor or professional associate.

In response to any subpoena, only the material specifically requested will be provided, in whatever form it may be held. Legal advice is recommended.

Released material must only be delivered to official individuals (e.g. to the Clerk of the Court) and an official receipt obtained.

Breach of any confidentiality could be grounds for a church to dismiss the offender and such matters are to be clearly stated in appropriate job descriptions or contract.

Accessing Counselling Records
Should a person wish to access pastoral information about them, they may apply in writing to the Privacy Officer. Access to the file, in the first instance, should be done in the presence of a pastor, who can provide explanation for terminologies used.

Cookies

When you visit this website a record of your visit is logged. The following data is supplied by your browser:

Your IP address and/or domain name;
Your operating system (type of browser and platform);
The date, time and length of your visit to the website; and
The resources you accessed and the documents you downloaded.
This information is used to compile statistical information about the use of our website. It is not used for any other purpose. If you do not want ‘cookies’ to be used please adjust your browser settings to disable them.

Links to other websites

Our website may contain links to third party websites, and third party websites may also have links to our website.

Our privacy policy does not apply to external links or other websites. The operators of other websites may collect your personal information.

We encourage you to read the privacy policies of any website you link to from our website.

The 10 National Privacy Principles

Introduction
King’s Church is not required by law to comply with the private sector provisions of the Privacy Act 1988, however, because of our commitment to privacy, we have voluntarily chosen to use the follow National Privacy Principles (NPPs), as contained in the Act, as the guiding principles for our Church and they are applied within the Church in the following practical ways:

1.     Collection

a.     We collect personal information from members of our congregation and visitors to our church for a variety of pastoral reasons. Usually we collect information in order to be able to provide pastoral care and follow-up, as well as being able to notify members and visitors of upcoming events

b.     We collect information on Pastoral Care slips, Visitors Slips and other departmental paperwork

c.     In line with the NPP, we will include a statement such as follows when we collect information:

i.     “King’s Church believes in being a caring community, and constantly endeavours to improve our pastoral care. The information gathered on this form will be provided to a member of our pastoral team or church leadership, who may make contact with you. This is done to ensure we are able to suitably care for you. You are free not to complete any part of this form, but by doing so you may limit our ability to make contact with you. If you wish to access any personal information held about you, or want to find out more about the church’s privacy policy, please contact the church’s Privacy Officer.”

2.     Use and Disclosure

a.     We provide personal information to church staff and lay leadership as related to the area of ministry in which the lay leader is involved. It is reasonable to expect that pastoral care cannot be thoroughly done without the use of lay leaders, and therefore, the information collected will be disclosed to them for the purposes of pastoral contact

b.     When there is a reasonable need to provide contact details of church members to other church members who are involved in a team ministry together, pastors or staff may disclose those details

c.     We do not sell, rent or disclose personal information to any other persons outside of our church congregation

3.     Data Quality

a.     The use of tools such as weekly prayer and praise forms allows congregation members the opportunity to update information on a regular basis

b.     Our database will be regularly updated with new details obtained via such methods

4.     Data Security

a.     Our church database is password protected

b.     Printed address lists will be kept out of public sight (e.g. in folders or desks) and destroyed when no longer required

c.     Phone messages are emailed to staff. Any details written down will be kept out of public sight until emailed and will then be destroyed

d.     When sending emails to multiple recipients, addresses will be placed in the BCC (blind carbon copy) field

5.     Openness

a.     King’s Church has a privacy document outlining our information handling practices. This is available in our guest lounge and reception. It is also available on request

6.     Access and Correction

a.     An individual has the right to make a written request to allow them to access the personal information that the Church holds about them

b.     When a written request is received by the Privacy Officer, they record details of the request in a privacy register and determine if an exception applies. An exception may apply if:

i.     it is unlawful to provide the information; or

ii.     the request poses a serious and imminent threat to the life or health of any individual; or

iii.     the request has an unreasonable impact on the privacy of other individuals; or

iv.     the request is frivolous or vexatious

c.     If the privacy officer determines that an exception applies, they are required to notify the person making the request and give their reasons for the exception

d.     If an exception does not apply, the request is acknowledged by the Privacy Officer and a time is arranged to view the information within the next14 days

7.     Identifiers

a.     The church will never use an identifier that has been issued by a Commonwealth government agency

8.     Anonymity

a.     While we recognise the importance of pastoral care in church life, those who attend this church and do not wish to provide any personal information are free to do so

b.     It should be recognised that anonymity will restrict the ability of the church to contact and provide any care for the person

9.     Trans-Border Data Flows

a.     The Church regularly communicates with missionaries overseas

b.     Some missionaries are in countries where the practise of Christianity is illegal. The church has the highest responsibility to protect these missionaries and must ensure that any personal information transferred to a recipient in a foreign country has adequate protection for the circumstance

c.     No personal information will be sent without the individual’s consent, and only in the manner that the individual prescribes

10.     Sensitive Information

a.     The church regularly has cause to deal with sensitive information, particularly with regard to praying for individuals who are in crisis or have a medical need

b.     When receiving sensitive information, the church should make all reasonable effort to ascertain if the individual concerned has given permission for this information to be used (e.g. on a prayer chain)

c.     Where the individual or next-of-kin has given permission, the information can be used

d.     Where permission cannot be obtained, the information can only be used if any identifying details are removed (e.g. if the friend of a congregation member is taken to hospital and permission to pray cannot be obtained from them, the prayer request will be framed similar to ”Please pray for the friend of one of our members who has been admitted to hospital with a serious illness”