Hatfield Christian Church (“HCC”, “we”, “us”) is a vibrant church family in Pretoria East with a passion for Jesus Christ and bringing hope to the community.
We are a church that meets across the city and globe, both onsite and virtually, for our Sunday services and community life groups. We have a heart to equip each person for the work of the ministry in caring for and discipling our community. As a family that walks closely with each other, we will use your information to provide care, support and training for your spiritual growth and wellbeing through our staff and volunteers alike.
- “Data Controller” – Hatfield Christian Church is the data controller responsible for your personal data.
- “Mobile Membership Applications” – refers to the Planning Centre’s Mobile applications, i.e., Church Centre, People, Services, Check-ins, Music Stand and Calendar.
- “Personal Information” and “process/processing” bear the same meanings set out in the POPIA.
- “registered user(s)” refers to anyone registered on our Platforms and has provided us with a unique email address and password as well as other Personal Information.
- “Service” – refers to services we offer as a church, including registrations, membership and ministry support.
- “we”, “us”, or “our” refers to Hatfield Christian Church, hatfield.co.za (“Hatfield”).
- “you” and “your” refer to every person that accesses or uses our Platforms, also referred to as a user.
This policy applies to you if you are:
- a visitor to our website; or
- a member of Hatfield Christian Church.
2. Purpose and application
3. Data Protection
Any information about a living individual which allows them to be identified (“Personal Information”) relating to persons resident in South Africa acquired from or relating to such persons for any purpose will be dealt with in accordance with our policies and POPIA (the “Protection of Personal Information Act 4 of 2013”).
We will respect your data protection rights and aim to give you control over your own personal information.
We will adhere to the Principles of Data Protection as detailed in POPIA. Your Personal Information will be:
- processed in a fair and lawful manner and only with your consent unless otherwise required in terms of law;
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- adequate, relevant and limited to what is necessary, in relation to the purposes for which they are processed;
- complete, accurate, not misleading and, where necessary, kept up to date;
- protected and respected, kept secure against the risk of loss, unlawful access, interference, modification, unauthorised destruction and disclosure;
- used to help us understand and serve you better.
This policy keeps you aware of the purposes for which we collect your Personal Information, to which you provide your consent. This consent can be withdrawn at any time, and you can request the correction and/or deletion from our records of your Personal Information.
Please note our church services and other media productions are broadcast globally (live and recorded) on various platforms, and we cannot guarantee the level of protection awarded to your Personal Information in other countries.
By providing your Personal Information to us, you provide us with your consent to contact you and use, process, and store your Personal Information according to this policy. If you disagree with any part of this policy, please do not provide Personal Information to us and do not use our products, services and websites.
4. Data Controllers and Data Processors
Hatfield Christian Church is the data controller and is responsible for your personal data. We work together with our staff and volunteers to carry out our responsibilities as a church.
By providing personal data directly to us or through involvement at the church or to staff or volunteers, you consent to this data being shared with our volunteers and third-party associations who may process such data on our behalf.
5. Changes to this policy
Should you have any queries regarding the security or integrity of your Personal Information, you are welcome to contact us on (012) 368 2300 or email us directly at firstname.lastname@example.org
Acceptance of this policy
Our Service is not intended for or directed to persons under the age of 18, and we do not knowingly collect, maintain, or use Personal Data from children under 18 years of age. Any person who provides their information to Hatfield through any registration login page or any other part of the Service represents to Hatfield that they are 18 years of age or older. If you learn that your child has provided us with Personal Data without your consent, you may alert us at email@example.com. If we learn that we have collected any Personal Data from children under 18, we will promptly take steps to delete such information and terminate the child’s account.
You may only send us your own personal information or the information of another data subject where you have their permission to do so.
What kind of Personal Information is collected?
Hatfield collects Personal Information about your identity, how to contact you, information related to your spiritual journey, including prayer needs and all interactions with Hatfield. This could include information required for a course registration, child dedications, baptisms, salvations, weddings etc. Given the nature of Hatfield, Special Personal Information might also be collected.
Personal information includes:
- certain information we automatically collect when you visit our website (see Cookies);
- certain information collected when registration required (see below);
- certain information collected on submission; and
- optional information that you provide to us voluntarily (see below);
- information that has been made anonymous so that it does not identify a specific person;
- permanently de-identified information that does not relate or cannot be traced back to you specifically;
- non-personal statistical information collected and compiled by us; and
- information that you have provided voluntarily in an open, public environment or forum, including any blog, chat room, community, classifieds, or discussion board (because the information has been disclosed in a public forum, it is no longer confidential and does not constitute personal information subject to protection under this policy.
Types of personal information
Common examples of the types of personal information which we may collect and process include your:
- identifying information – such as your name, date of birth, or identification number of any kind;
- contact information – such as your phone number or email address;
- address information – such as your physical or postal address; or
- demographic information – such as your gender or marital status.
Sensitive personal information
We may also collect sensitive personal information, including your:
- financial information – such as your bank account details;
- sensitive demographic information – such as your race or ethnicity; language, country of birth;
- medical information – such as information about your physical or mental health;
- criminal information – such as information about your commission or alleged commission of any offence or about any related legal proceedings;
- employment information – including your current employer, if applicable;
- beliefs – including your religious beliefs. As a Christian church, this is core to our mission;
- media – photographs, audio recordings or video footage provided by you or taken at our church services or media productions, community groups or events.
Personal Information does not include information that is collected for statistical purposes and which cannot be linked to you or used to identify you.
Special Personal Information (SPI) is a special category of Personal Information, which includes information about your religious beliefs, ethnic origins and race where applicable.
The purpose for collecting your data
We collect and use personal data, including optional information that you provide to us for the purposes as indicated when you agreed to provide it to us.
We collect and process your personal information for various purposes, including: 1) being able to provide appropriate pastoral care to monitor and assess the quality of our ministry support, 2) registration for training and courses, 3) Conferences, and 4) Outreach programmes to fulfil our purposes as a church and to comply with the law. In legal terms, this is called ‘legitimate interests. When required, we may also ask you for your consent to process your data. We do not share your information with others except as described in this notice.
Hatfield uses your Personal Information to ensure that you can have a personal relationship with us and ensure that Hatfield can provide appropriate support to you at whatever stage of your spiritual journey you may find yourself.
In addition to this, your Personal Information is used for statistical and research purposes to ensure that Hatfield provides relevant ministry to the community.
From time to time, you may receive communication from Hatfield regarding events or changes
How do we collect?
Your Personal Information is collected through the following interactions with Hatfield: When you
- visit the church, sign up as a volunteer, go on outreach, ministry opportunity or connect with a community group;
- visit our websites (see Cookies), or by providing your Personal Information on the Hatfield Church website, via a form or through the use of the Mobile Membership Applications.
- become a member;
- make a donation;
- request and/or receive counselling, prayer or advice;
- request and/or receive assistance from a ministry related to Hatfield;
- apply for a job or volunteer;
- provide your contact details, in writing or orally, to our staff or volunteers;
- purchase goods or services, through the website, or directly from a physical location and when you provide credit/debit card or banking details;
- register, attend or participate in training programmes or short courses including those linked to the Hatfield Leadership Academy, workshops, ministries or conferences;
- participate in church activities and any of our media productions;
- request the officiating or conducting of weddings, funerals, baby dedications, baptisms or other events;
- contacting us personally or by other means such as email, text, letter, telephone or via social media;
- have face to face or online meetings with staff and volunteers;
- access and/or participating on our social media platforms such as Facebook, YouTube, WhatsApp, Twitter, Instagram;
- register with any of our online platforms;
- interact electronically via email or telephonically with our Hatfield staff or volunteers;
- engage with us in terms of pastoral care, ministry support and training and development;
- interact with us such as via our reception desk, emails, letters, telephone calls and surveys.
The third parties from whom we may collect your personal information include, but are not limited to, the following:
- your spouse, dependents, partners, employer, and other similar sources;
- people you have authorised to share your personal information, like a personal friend or colleague.
When will we process your personal information?
We will only process your personal information for lawful purposes relating to our church business if the following applies:
- if you have consented to the processing;
- if a person legally authorised by you, the law or a court has consented to the processing;
- if it is necessary to conclude or perform under a contract we have with you;
- if the law requires or permits it;
- if it is required to protect or pursue your, our or a third party’s legitimate interest.
When will we process your special personal information?
We may process your special personal information in the following circumstances:
- if you have consented to the processing;
- if the processing is needed to create, use or protect a right or obligation in law;
- if the processing is for statistical or research purposes and all legal conditions are met;
- if the special personal information was made public by you;
- if the processing is required by law;
- if racial information is processed, and the processing is required to identify you.
How we use your personal information
We may use your information to:
- remember your information so that you will not have to re-enter it during your visit or the next time you access the website;
- monitor website usage metrics such as total number of visitors and pages accessed; and
- track your entries, submissions, and status in any activities in connection with your usage of the website;
- to market relevant church or conference events that endeavour to support your spiritual growth and engagement on your whole life discipleship journey;
- to communicate with you via electronic channels such as social media, message systems, i.e. WhatsApp, SMS and email.
A cookie is a small piece of data (text file) sent from our websites or applications to your computer or device hard drive or Internet browser where it is saved. The cookie contains information to personalise your experience on our websites or applications.
We may place these small text files called ‘cookies’ on your device when you visit our website. These files do not contain personal information, but they do contain a personal identifier allowing us to associate your personal information with a device, like a computer or a smartphone.
These files serve a number of useful purposes for you, including:
- tailoring our website’s functionality to you personally by letting us remember your preferences;
- improving how our website performs;
- allowing third parties to provide services to our website; and
- helping us deliver targeted advertising where appropriate in compliance with the applicable laws.
By using our websites or applications, you agree that cookies may be forwarded from the relevant website or application to your computer or device. The cookie will enable us to know that you have visited the website or application before and will identify you. We may also use the cookie to prevent fraud and for analytics.
Our website may contain electronic image requests (called a single-pixel gif or web beacon request) that allow us to count page views and to access cookies. Any electronic image viewed as part of a web page (including an ad banner) can act as a web beacon. Our web beacons do not collect, gather, monitor or share any of your personal information. We merely use them to compile anonymous information about our website.
9. Sharing Disclosure
We may share your personal information with:
- other Hubs and Teams in our organisation, to which we belong, e.g. Go Missions or Community Pastors, so as to provide joint content and services like registration, membership and ministry support, to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about our products, services, and communications (they will only use this information to send you marketing communications if you have requested their goods or services);
- banking partners as required by credit card association rules for inclusion on their list of terminated merchants (in the event that you utilise the services to make or receive payments and you meet their criteria); and
- other third parties who provide us with relevant services where appropriate.
We may disclose your personal information as required by law or governmental audit.
We may disclose personal information if required:
- by a subpoena or court order;
- to comply with any law;
- to protect the safety of any individual or the general public; and
- to prevent violation of our customer relationship terms.
We may disclose aggregate statistics (information about our membership in general terms) about the personal information to our ministry partners.
We may need to disclose personal information to our employees that require the personal information to do their jobs. These include our responsible management, educators, human resources, accounting, audit, compliance, information technology, or other personnel. In certain situations, volunteer workers, not in our employ but vetted by us, will be entrusted with personal information as required in the performance of specific duties and subject to their agreeing to our policies on data protection.
We will not share your information with third parties without your consent unless the law requires us to do so.
For further information on how your information is used, how we maintain the security of your information and your rights to access the information we hold on you, please contact us at firstname.lastname@example.org, and we will get back to you
If you have a concern about the way we are collecting or using your personal data, you are welcome to raise your concern with us in the first instance or directly to the Information Regulator at https://www.justice.gov.za/contact/contact_list.html
You have the right to have your Personal Information processed lawfully. Your rights include the right:
- to request confirmation that we hold your personal information;
- to request a copy or description of the record containing your personal information; and
- to request the identity or categories of third parties who have had access to your personal information;
- to request us to correct or delete the personal information we have about you if it is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, obtained unlawfully or we are no longer authorised to keep it;
- to request us, where necessary, to correct, destroy or delete your Personal Information;
- to be notified that your information is being collected or that your information has been accessed or acquired by an authorised person, e.g. where a hacker may have compromised our computer system;
- to object, on reasonable grounds, to the processing of your Personal Information;
- to object to the processing of personal data that is likely to cause, or is causing, damage or distress;
- to object to the processing of your Personal Information for purposes of direct marketing, including by way of unsolicited communications;
- not to be subject, in certain circumstances, to a decision which is based solely on the automated processing of your Personal Information;
- to submit a complaint to the Regulator if you believe that there has been interference with the protection of your Personal Information or if you believe that an independent adjudicator who may be resolving your complaint against us has not decided the matter correctly; and
- to claim compensation for damages caused by a breach of the Data Protection regulations;
- to institute civil proceedings against us if you believe that we have interfered with the protection of your Personal Information.
In support of the above, we will require
- proof of identity when enforcing your rights;
- you to inform us when your personal information changes.
For more information on how to exercise your rights around your Personal Information, please refer to our Promotion of Access to Information Act (“PAIA”) manual.
10. Storage and Security
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. We hold your data for varying lengths of time depending on the type of information in question, but in doing so, we always comply with Data Protection legislation. Details of retention periods are available in our Data Retention Policy which you can view online or request by contacting us directly at email@example.com.
We take the security of personal information very seriously and always do our best to comply with applicable data protection laws. Our website is hosted in a secure server environment at our hosting company. A firewall and other advanced security measures and tools are used to prevent interference or access from outside intruders. Authorised access to personal information is only provided for those employees who require it to fulfil their job responsibilities. Disaster recovery procedures are implemented where appropriate.
How do we secure?
- We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees or trustees who need to know. They will only process your personal data on our instructions. We have put in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner’s Office where we are legally required to do so;
- keeping our systems secure (like monitoring access and usage);
- storing our records securely;
- controlling the access to our buildings, systems and/or records; and
- safely destroying or deleting records;
- Ensure compliance with international ISO security standards;
- You can also protect your personal information – please visit the website of the relevant business you have established a business relationship with for more information.
We will only retain your personal information for as long as it is necessary to fulfil the purposes explicitly set out in this policy, unless:
- retention of the record is required or authorised by law; or
- you have consented to the retention of the record.
During the period of retention, we will continue to abide by our non-disclosure obligations and will not share or sell your personal information. A more detailed guide can be found in our HCS Data Retention Policy document.
We may retain your personal information in physical or electronic records at our discretion.
Take note: We may keep your personal information even if you no longer have a relationship with us for the historical data that may be required by your employer or employee.
11. Financial Records and Card Details
All financial pledges made in support of our annual Faith Promise drive are stored behind lock and key if a pledge is made on a physical paper form or on our IT systems if done electronically. This is applicable to all personal financial information provided for either EFT, Debit or Credit Card deductions.
All credit/debit card donations made online through third-party service providers and payment gateways comply with South African laws. Card details are not recorded and stored on our systems, nor do we pass any information to third parties, except where we are legally required to do so, to assist fraud reduction, or to provide a service requested and minimise credit risks.
12. Accuracy of data
We will try to keep the personal information we collect as accurate, complete and up to date as is necessary for the purposes defined in this policy. From time to time, we may request you to update your personal information on the online database. You are able to review or update any personal information that we hold on to you by accessing your account online, emailing us, or phoning us. Please note that in order to protect you better and safeguard your personal information, we take steps to verify your identity before granting you access to your account or making any corrections to your personal information.
13. Updating or removing
You may choose to correct or update the personal information you have submitted to us either by phone or email to firstname.lastname@example.org.
We are not responsible for, give no warranties, nor make any representations in respect of the privacy policies or practices of linked or any third-party websites.
16. Changes to this policy
Changes may apply to this policy from time to time, and you are requested to review this policy at least once annually.
The information contained in the email and any files transmitted with it are confidential and intended for the addressee only. No other person is authorized to copy, forward, disclose, distribute or retain in the email in any form. If you have received this email in error, please notify the originator. This email and any associated attachments have been scanned for viruses prior to dispatch, however, Hatfield Christian Church will accept no liability for any losses resulting from infected email transmissions. Please note any views expressed may be those of the originator and do not necessarily reflect those of this organisation. Please consider the environment before printing this email and/or any related attachments. In line with the Protection of Personal Information (POPI) Act 4 of 2013. all information contained in this email will be treated with the strictest confidentiality.