Our Data Privacy Statement

Table of Contents


All Saints Church Centre and Community Building (ASCC) is a facility which is part of All Saints Church, Four Oaks. It provides accommodation for church-based activities and community based activities such as children’s groups, groups for elderly people, exercise and dance groups. It is also available for hire by members of the public for celebratory events.

We have updated our privacy policy to reflect new regulations and to explain how we collect, store and use data securely. We seek to follow best practice and treat our users respectfully, in keeping with our beliefs and values and according to their expressed preferences.

Our Privacy Pledge

  • We store your personal data securely.
  • We ensure your data’s security when dealing with banks and the postal service.
  • We won’t share your details with anyone else.
  • We will only hold your details for as long as is necessary
  • If you have any questions, comments or want to change your mailing or contact details we can be contacted at allsaintsfouroaks@yahoo.com or by phone at 0121 308 6869


Personal information is collected directly from you when you interact with us by for example

  • Making a booking or booking enquiry;
  • Being a bar member;
  • Entering our employment;
  • Any area where we have a face to face relationship with you;

Information may be collected in person, over the phone, through our websites, social media, email or from something you’ve posted to us.


The information we hold will typically include some or all of the following:

  • Your name
  • Postal address
  • Email address
  • Phone number
  • Banking details


We may use the personal data we collect to contact you in relation to enquiries about use of the Church Centre facilities, your booking of accommodation, or invoicing you, or renewing your membership. We may also keep records of your feedback to us or complaints.

If you are an employee we will keep information in relation to employment issues.


Your settings or the privacy policies for social media and messaging services might give permission to access information from these sources. If we do access this data, for example to assess the effectiveness of our communications, we will not add this to your personal details that we hold. We advise you to check the privacy settings on your social media provider to ensure you are happy with the level of privacy you have chosen.


We will process your personal data on the basis of the consent you provide us with. You are free to change your contact preferences at any time by contacting us by telephone, post or email.

Contract Performance
This means we will send you only information you have asked for or which we are required to send by statute.

Legitimate Interest
If you are an existing client , as at 25 May 2018, we will continue to contact you by email, phone or post to you in relation to your booking enquiry, booking or bar membership GDPR calls this legitimate interest.
We may also contact you by post or telephone where we have a legitimate interest to do so – for example, to follow up a request you have made.

Where you have previously asked us not to contact you in this way, we will continue to respect your contact preferences.

You can amend your preferences at any time by contacting us by via telephone, post or email.


If you apply for a job with us, and you provide personal and sensitive personal data such as the information on your CV or Application Form, we will process and store the personal data we collect to:

  • Support the recruitment and selection process
  • Answer any questions you may have
  • Use third parties to provide services such as references, qualifications, verification of information you have provided, health screening and psychometric evaluation or skills tests
  • Undertake checks on criminal convictions
  • Provide anonymised data to monitor compliance with equal opportunities policy.

If you work for ASCC via an agency that we have a contract with, we commit to ensure that the agency is also compliant with GDPR regulations.

If you submit your personal information to a job board, online recruitment tool, social media platform, headhunting agency etc. your details could then be passed to ASCC. We recommend that you ensure you have given your consent to that organisation who may share your data. If we receive your details via a third party and are unclear about consent, we may either check with you before using your data further or fully delete the information.

If you do not join us as an employee or volunteer for any reason, your data will be stored for a proportionate length of time to ensure compliance with best practice, fairness and legislation.


We will keep your personal information only for as long as we consider it necessary to carry out each activity and to take account of legal obligations and accounting and tax considerations as well as considering what would be reasonable for the activity concerned. For example, we will retain details of payments to us to meet tax and accounting obligations.


We ensure that we have appropriate technical controls in place to protect any personal data you provide. For example, we ensure that any information you pass to us online is password protected and routinely monitored. Despite all our efforts, the internet cannot be guaranteed to be 100% secure, and there is always a risk when you submit data. We commit to do all we can to protect your data.

We ensure that access to personal data is restricted only to those staff members or volunteers whose job roles require such access and that suitable training is provided for these staff members and volunteers.

Credit / Debit card security
If you use your debit or credit card to make a payment to us or purchase something from us, whether online, over the phone, by mail, or in person, we will process your information securely in accordance with the Payment Card Industry Data Standard.

We do not store your debit or credit card details once your transaction has been completed.

We will only hold bank account details for the purpose of collecting direct debits in accordance with direct debit mandate rules or for returning deposits or money owed or if there is a legal requirement to do so.


The data we process and store is held within ASCC.  We will take all reasonable steps to ensure that your data is stored and processed securely. By submitting your personal data you agree to us storing and processing of your information.


We do not share or swap your information with any other charities or organisations as this would conflict with our core values and desire to treat supporters with respect.

Legal Duty
We may need to pass on information if required by law or by a regulatory body. For example, a Gift Aid audit by the HMRC, or if asked for details by a law enforcement agency.

Our service providers and third parties
We may provide third parties with general information about users of our site, but this information will be both aggregated and anonymous. However, we may use IP address information to identify a user if we feel that there are or may be safety and/or security issues or to comply with legal requirements.


We do not use cookies. We may however use websites such as YouTube to embed videos about us and you may be sent cookies from these websites. We do not control the setting of these cookies, so we suggest you check the third party website for more information about their cookies and how to manage them.


Data on children or vulnerable adults will be held in accordance with the Churches “Safeguarding Policy”.

We do not actively seek to collect data on children or vulnerable adults and will do so only if it comes to our attention in respect of safeguarding issues


You can change the information you permit us to hold about you or how you wish us to contact you. You can do so by mail, phone or email.

Updating your details
We want to communicate with you effectively. It’s much easier if your details are up to date, so we really appreciate it if you let us know when your details change. You can do so in the same way as updating your preferences.


For any of the following areas, please contact:
Data Protection Officer,
All Saints Church Centre,
64 Belwell Lane,
Sutton Coldfield
B74 4TR

Telling us to stop processing
You have the right to ask us to stop using your personal information where there is no legal requirement for continued processing.

How to request a copy of the information that we hold about you, otherwise known as a Subject Access Request
You have the right to ask for a copy of all the information related to you that we hold.

How to ask us to amend or delete your information
If your information is out of date, or if there is no longer justification for us to hold it, you can ask for it to be updated, removed or blocked by contacting the Data Protection Officer in writing.

How to request your information
You can ask for a copy of any personal information that you have provided to us. We will provide it in a clear and easy to follow format.


This policy was last updated in May 2022. We may amend this policy from time to time to take account of changes to our processes or changes to data protection or other associated legislation. If we make any significant changes to this policy we will show this clearly on our website, and/or by contacting you directly.