Privacy & Personal Data Policy

Last updated May 3rd 2021

The Congregation of Immanuel Church aims to take all possible measures to ensure that the protection of personal integrity is good within the Congregation. This includes both the use of personal information of the members and staff, as well as other individuals (participants, volunteers, contributors), who may be registered in the Congregations IT-system for the different activities and functions that the Congregation organises.  

All system development and operational development should happen with respect to one’s personal integrity and with the Swedish Privacy Protection Act in mind. 

To be able to reach a sufficient safety of privacy the Congregation of Immanuel Church will not only ensure that personal integrity is protected by modern and cost efficient technology, but also continuously work on awareness of the privacy policy and the organisation’s use of personal information. 

Responsibility
The Admin Director of the Congregation of Immanuel Church is responsible for the organisation’s use of personal information. The Admin Director is responsible for ensuring that the staff and volunteers within the Congregation have correct information concerning how their personal information is handled, as well as continuously educating themselves and the department heads among the staff. The department heads are then responsible to ensure that their staff as well as their volunteers handle personal information correctly. 

All staff within the Congregation of Immanuel Church who work with personal information are responsible to consult the Admin Director before changes in the use of personal information are made as well as when such changes are set to take place. 

Last updated May 3rd 2021
Privacy- & Personal Data Policy
Immanuel Church Congregational Members, volunteers and participants

This policy describes how the Congregation of Immanuel Church, org. no. 802001-5668, (“Congregation of Immanuel Church”, “Immanuel Church”, “we”, “the employer”) collects, uses and stores personal data for you as a member, volunteer or participant in Immanuel Church’s activities, from EU’s general Data Protection Regulation 2016/679 and other applicable Data Protection Legislation. 

1. Personal Data Controller 
2. What is personal information?  
3. Handling of personal information
4. Immanuel Church Membership
5. Non member of Immanuel Church 
6. Children
7. Personal identity number 
8. Photo and video within the Congregation’s communication channels 
9. For how long is your personal information stored? 
10. Disclosing of personal information
11. Protection of your personal information
12. Your rights
13. Personal Data Processor
14. Changes to this policy 
15. More information 

1. PERSONAL DATA CONTROLLER
The Personal Data Controller is Immanuel Church’s Congregation (Immanuelskyrkans församling) and therefore responsible for taking all plausible measures to ensure that the protection of the personal integrity is strong within the Congregation. This entails treatment of personal data of members and staff, as well as other individuals (volunteers, participants), who may be registered in the Congregation’s IT system for the Congregation’s different ministries and activities. 

2. WHAT IS PERSONAL INFORMATION? 

Personal information is all information that can directly, or indirectly relate to an individual who is living. Examples of personal information is a name, address, personal identity number, telephone number and email address. 

There is also some personal information that, according to Swedish law is classified as sensitive information. 

• race and ethnic background
• political views 
• religious or philosophical belief 
• membership in a union
• health 
• sexual orientation

This sensitive information based upon religious belief is a given for Immanuel Church’s ministries as it is the basis for the existence of the Immanuel Church’s Congregation.

3. HANDLING OF PERSONAL INFORMATION
In Immanuel Church we handle personal information in the Congregation’s membership register and also in lists of volunteer groups of the Congregation’s members as well as volunteers and participants who are not members of the Congregation. These lists could for example be choirs, camp participants, confirmands, small group participants, amongst other groups. The personal information that is collected and necessary in order to run the various programs.

4. IMMANUEL CHURCH MEMBERSHIP

As a member of Immanuel Church you are an important part of the joint corroboration between all members where the responsibilities which include intercessory prayer, volunteerism and financial obligations, are shared amongst its members.

The personal information that Immanuel Church needs in order to be able to manage your membership is: 

name, personal identity number, address, telephone number, e-mail address and whether or not Immanuel Church is your first Congregation, or if you are a new resident. Apart from this information, you may also submit other personal information on the membership form that may be registered, such as birth city, if you are baptised and have been confirmed, your profession and information concerning your family situation. 

Your membership in Immanuel Church is to be considered as though it were a contract. Due to this we are in possession of your personal information and use them for the Congregation’s various programs. Membership registration is processed in Immanuel Church’s electronic membership registry with the Ministry within the Congregation. The Ministry within the Congregation that has a need of its own registry in order to be able to run their programs, may handle this information separately (i.e. volunteer groups such as ushers, confirmation leaders, communion servers etc). Your membership card is archived in paper format on file in Immanuel Church’s main office. 

Till specifika verksamheter kan vi behöva inhämta information från dig om t.ex allergier eller annan viktig information för att möjliggöra din medverkan. Sådan information finns bara i det register som är aktuellt för den verksamheten och sparas inte i det elektroniska medlemsregistret. 

It may be necessary, for certain programs, to collect specific information from you, which is necessary for that particular program (i.e. allergies etc). This type of information is only stored for this particular program and is then properly disposed of at the conclusion of the activity. 

All department heads are informed that registration is solely for internal purposes and may not be shared outside of the Congregation’s programs. An exception to this rule would be when the Congregation cooperates with another Congregation for such programs as camps, choir and other activities. See more under paragraph 10, “Disclosing of Personal Information”. 

5. NON MEMBER OF IMMANUEL CHURCH    

Consent of use of personal information is required for those who are not members of Immanuel Church, but choose to be involved in Immanuel Church’s ministries. Consenting to this also includes information being shared with other participants within each ministry group.

There is a consent form that is used for this purpose and shall be signed by all non members. It is only the necessary personal information for the ministry that will be registered and stored. The individual responsible for the ministry shall make sure that there is a signed consent form for each non member, no matter which type of ministry it is. If it concerns children under 15 years of age, their legal guardian is responsible for signing the consent form. 

6. CHILDREN

The Swedish Authority for Privacy Protection’s general definition of children concerns all individuals under the age of 15. For children over the age of 15 a consent form needs to be filled out by their legal guardians in the case that the child is registered for any of the Congregation’s ministries. There are specific forms for this, and the individual responsible for the ministry is the administrator of said forms. 

7. PERSONAL IDENTITY NUMBER
Your Personal Identity Number is registered in the Congregation’s membership registry, partly to enable us to update your address via the Swedish Tax Agency. Your full Personal Identity Number is only used in the Congregation’s different ministries if it is completely necessary, and then, only during the time that the Ministry demands it. 

8. PHOTO AND VIDEO WITHIN THE CONGREGATION’S COMMUNICATION CHANNELS 

Immanuel Church communicates via different channels to inform of the Congregation’s ministries and to invite new people to join the community. Photos of our members as well as shorter videos are sometimes used on the website, social media and in print, for example. 

We inform that photography and filming may take place, via the informational signs that are hung on our premises. When photographing or filming a group of people, in a service, for example, it is possible to avoid being photographed or filmed. For photos and videos of children under the age of 15 consent is collected from their legal guardians before photos/videos are used in the Congregation’s communication channels.  

9. FOR HOW LONG IS YOUR PERSONAL INFORMATION STORED?
We store your membership details for as long as you are a member. If you are a member all your life your details will be removed after you have passed away. 

For the Congregation’s individual ministries, your personal information is stored for as long as there is a need within the context of that particular program. Personal information for volunteers and participants that are not members is removed as soon as possible after their involvement has ended. The information will be stored no longer than 24 months after it was collected. 

10. DISCLOSING OF PERSONAL INFORMATION
The Congregation of Immanuel Church may disclose your personal information to a third party, such as in a collaboration where Immanuel Church deems it necessary. This would only be necessary within the context of that particular program (For example: The Uniting Church of Sweden, the system Repet, the educational association Bilda and the email marketing tool GetANewsletter). Immanuel Church also transfers personal information to the supplier responsible for the IT-systems. 

11. PROTECTION OF YOUR PERSONAL INFORMATION
You should always be able to feel safe when you share personal information with the Congregation of Immanuel Church. Immanuel Church has put in place safety procedures to protect your personal information, so that unauthorised individuals can not access, change or delete them. Your personal information is administered by the Congregation’s office andmIT-systems that are protected through authorisation control and firewall. 

12. YOUR RIGHTS 
Immanuel Church is responsible for ensuring that your personal information is handled according to current laws. A goal for the Congregation is that all information that is collected and stored is correct. 

a) Correction
Immanuel Church will upon your request, or on our own initiative, correct, delete or complete information that is found to be incorrect, incomplete or misleading. We would be grateful if you would notify us if you notice that any of the information we have on you is incorrect. A correction will then be made without delay.

b) Deleting
If you deem your personal information no longer needed for the purpose it was originally collected, you have a right to demand that it be deleted. There may be a law stating that we can not immediately delete your personal information, for example in the case of laws on book keeping or taxes. If you no longer want to be a member we will remove you from our membership registry. You can then continue to receive information about the Congregation via the website and the Church Newsletter. 

c) Limitation
You can demand your personal information to be deleted only for some distinct purposes. For example, you can demand a restriction when you regard your personal information to be incorrect and you have a right to a correction (see a)). During the time that the correctness of the information is being investigated, the handling of them will be limited.  

d) Data Portability
Under some circumstances you have the right to get and transfer your personal information to another personal data controller. For example: When you switch congregations and we administer a certificate for you to be moved. We will also send your new congregation the information that you have provided us with on your membership card. 

e) Objection
You have a right to object to the handling of your personal information with a document stating conflict of interests. If you object to the handling of your personal information the Congregation will only continue to handle your information if there is a valid reason to do so that outweighs your objections.

f) Access
You have a right to access the information that Immanuel Church has registered concerning you. Once a year you have a right to gain access to this information without cost. 

If you need to know more about what is registered concerning you, you may contact us in writing. Your letter should include your First- and Last name, personal identity number and your signature. Specify what it is you would like to know, and if there is some specific information that you need. 

Your letter should be sent to the following address: Immanuelskyrkan, Personuppgift, Box 6588, 113 83 Stockholm. 

If you feel that the Congregation’s handling of your personal information goes against this policy or the current Data Protection Regulation, you have a right to hand in a claim to the Swedish Authority for Privacy Protection. 

13. PERSONAL DATA PROCESSOR
Personal Data Processor is a common word used in connection with the Data Protection Regulation. In this case, Personal Data Processor entails a company which assists Immanuel Church with the handling of personal information, such as; membership registry, digital signup sheets, etc. 

See paragraph 10 “Disclosing of Personal Information”. 

14. CHANGES TO THIS POLICY 
Possible changes to the Privacy & Personal Data Policy will be published on the Congregation’s website, immanuel.se. 

15. MORE INFORMATION 
Immanuel Church’s Privacy & Personal Data Policy can be found on the Congregation’s website, immanuel.se. 

On the Swedish Authority for Privacy Protection’s website, https://www.imy.se/en/ you can find the Data Protection Regulation in its entirety.