Diocese of Norwich privacy & cookie policy
This privacy policy tells you how we deal with your personal data and privacy when you use or supply information with the Diocese of Norwich.
We are registered with the Information Commissioner, registration number Z6601898. Our nominated contact for the purpose of this policy is gdpr@dioceseofnorwich.org.
Who are we? Norwich Diocesan Board of Finance Ltd, referenced in this document as ‘the Diocese’, is the data controller (see contact details below). This means that we determine how, and why, your data is processed and stored.
Information we collect from you on our main website
We will collect and process the following data about you in the following ways:
- Information you give us. This is information about you that you give us by registering for an account or filling in forms on our site www.dioceseofnorwich.org or staff.diocesan.co.uk or by corresponding with us by phone, email or otherwise. It includes information you provide when you register to access our services, use any social media functions on our site, surveys campaigns and when you report a problem with our site. The information you give us may include your name, address, email address and phone number. If you chose not to provide your data at any point, it may mean we cannot provide the service required.
- Information we collect about you. With regard to each of your visits to our site we will automatically collect the following information:
- technical information, including your IP address, your login information, browser type and version, time zone setting, browser plug-in types and versions, and operating system and platform;
- information about your visit, including the URL, clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call our customer service number.
Information we collect from you through third party websites
When you give us information through any other website we operate or other services we provide (e.g. Bright Map, Diocese of Norwich Grant Finder, Shopify (our online shop), Mail Chimp (eNews), PayPal, Eventbrite (event bookings)), we may share this data internally and combine it with data collected on our main website.
We also work closely with other Church of England bodies including The Archbishop’s Council, The Church Commissioners for England, the Church of England Central Services (“National Church Institutions” or “NCIs”), and the Diocesan Registry. We will only request data from these organisations when it is necessary to fulfil our role in providing a service to you.
Information you give us through other methods
Our Data Retention Policy outlines what personal data we hold and the reason for holding it. Examples include if you give us your contact details on a paper Data Protection Form, or if you give us your contact details when you became licensed as a Reader / Lay Minister. A copy of this can be requested from us.
Uses made of the information
Information you give us. We use information you give us for the purposes it was given, e.g. if you give us your email address to receive eNews, we will only use your email address for this purpose.
Information we collect about you (e.g. technical information about your website visit). We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- as part of our efforts to keep our site safe and secure;
- to make suggestions and recommendations to you and other users of our site about courses, and other events that we think may interest you.
Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
Further processing or use of your information. If we use your personal data for a new purpose then we will seek your consent to do so where and whenever necessary, prior to the new processing.
We will remove your personal data when we no longer have reason or consent to hold it. Our Data Retention Policy outlines how long we hold personal data for and the reason for holding it. A copy of this can be requested from us.
Disclosure of your information
You agree that we have the right to share your personal information with the offices of the Bishops of Norwich, Thetford and Lynn, the Diocesan Registry, Spire Property Consultants, the Archbishop’s Council and National Church Institutions. We will only share this data between offices where necessary to carry out the services we provide.
We will disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, other agreements; or to protect the rights, property, or safety of our users, or others.
Where we store your personal data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our providers. This includes staff engaged in, among other things, the fulfilment of your requests for services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and in compliance with all relevant UK data protection legislation.
All information you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These can be found on the ICO website.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
You have the right to access information held about you. You can exercise this right at any time by contacting data@dioceseofnorwich.org. You may be subject to a fee to meet our costs in providing you with the data we hold about you.
Cookies
Our website uses cookies to store small amounts of data on our visitors’ computers or devices. Cookies are small pieces of text data that can be placed on a visitor’s computer, normally to provide enhanced functionality and/or improved relevancy of information. For more information about cookies, visit www.aboutcookies.org
In order to comply with the e-privacy Regulations, we will from time to time audit our use of cookies and publish information here.
By using this website, you agree that we can place cookies on your computer unless you change your browser settings. We believe there is no reason for any concern over any of the cookies used on our website; however certain users may have privacy concerns or consider some cookies to be intrusive. Below we outline what cookies we use and why, to help you make an informed choice.
First-party cookies (created by ourselves):
- None
Third-party cookies (created by others):
- Google Analytics (to record statistics such as how many people visit our website)
- Cerber Security (to protect the website from hackers, cyber criminals, spammers and bots)
- Additional cookies are set only for administrators and staff who edit the website
The cookies in use on this website and their function is described within the table below:
Cookie | Function | Retention |
_ga | Google analytics – Statistics – stores and counts page views | 2 Years |
_ga_1Z5221DNHK | Google Analytics – Statistics – to identify and track an individual session with your device | 1 Minute |
_gat_gtag_UA_2057999_3 | Google analytics – Statistics – stores a unique user ID | 1 Minute |
_gid | Google analytics – Statistics – stores and counts page views | 1 Day |
charitable_session | Functional – Donation plug in – to help facilitate donations via the website | |
Cookie_notice_acceptance | Functional – to read if cookies can be placed | Persistent |
AEC | Functional – Ensures requests within a browsing session are made by the user, and not other sites | |
APISID | Google Analytics – | 2 Years |
CONSENT | Google Analytics – Functional – to store cookie consent preferences | 20 Years |
HSID | Google Optimisation – Functional – to provide fraud prevention | 2 Years |
NID | Google Optimisation – Marketing – to provide ad delivery or retargeting, store user preferences | 6 Months |
SAPISID | Google Optimisation – used to display personalised ads based on recent searches and enable Google to collect user information for videos hosted by YouTube | 2 Years |
SID | Google Optimisation – Marketing – to provide ad delivery or retargeting, provide fraud prevention | 2 Years |
SIDCC | Google Maps – Functional – to provide identification of trusted web traffic | 1 Year |
SOCS | Functional – Stores a users state regarding cookie choices | 13 Months |
SSID | Google Analytics – Used to identify if you are logged into your Google account on the browser you are using and to determine what interests you have. | 2 Years |
_GRECAPTCHA | Google reCAPTCHA – Essential – to provide spam protection | 6 Months |
_Secure-1PAPISID | Google Optimisation – Marketing – to build a profile of your interests to show you relevant and personalised ads through retargeting. Single Website. | 2 Years |
_Secure-1PSID | Google Optimisation – Marketing – Builds a profile of your interests to show you relevant and personalised ads through retargeting. Single Website. | 2 Years |
_Secure-1PSIDCC | Google Optimisation – Marketing – Used for targeting purposes. It builds a profile of your interests to display relevant and personalised Google ads. Single Website. | 2 Years |
_Secure-3PAPISID | Google Optimisation – Marketing – to build a profile of your interests to show you relevant and personalised ads through retargeting. Third party | 2 Years |
_Secure-3PSID | Google Optimisation – Marketing – to build a profile of your interests to show you relevant and personalised ads through retargeting. Third party. | 2 Years |
_Secure-3PSIDCC | Google Optimisation – Marketing – to build a profile of your interests to display relevant and personalised ads. Third party. | 2 Years |
Controlling and Blocking Cookies
We do not use cookies to collect personally identifiable information about you. However, if you wish to block cookies from this website (or any other), you can do so by modifying your browser settings. Your browser’s Help function should advise you on how to do this. If you would like more information on how to do this for your specific browser, please visit www.aboutcookies.org
If you use your browser settings to block all cookies, certain parts of our site may not function correctly.
Changes to our privacy and cookie policy
Any changes we make to our privacy and cookie policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.
Contact
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to data@dioceseofnorwich.org.
Useful References
The Information Commissioner’s Office
Policy last modified by the Diocese of Norwich on 02/01/23