You are giving your personal data to The Trustees of the General Assembly of the Church of Scotland as the Data Controller.
Your Personal Data
You are being asked to supply your: Full name and contact telephone number.
The purpose of processing the personal data we ask for is to assist with the NHS Scotland Test & Protect Strategy.
Under the Data Protection Act 2018 and GDPR, the legal basis for this processing is:
1) Article 6/1d – Processing is necessary in order to protect the vital interests of the data subject.
2) Article 9/2i – Processing is necessary for reasons of public interest in the area of public health.
Your personal data will not be used for any other purpose without your permission, except in the context of fulfilling a legal obligation to which The Church of Scotland is subject.
If you do not provide the personal data requested, we cannot register your attendance at the Church and will be unable to share your name with NHS Scotland if a relevant case of infection occurs.
Your personal data will be retained for up to 28 days and will then be disposed of securely.
Personal data processing is carried out for Church of Scotland congregation members, visitors, ministers and employees.
Sharing Your Personal Data
The purpose of the sharing is to assist with the NHS Scotland Test & Test Strategy. Your personal data will not be used for any other purpose or shared with a third party unless doing so is necessary in order to comply with a legal obligation or in order to protect your vital interests or those of another data subject.
Your personal data will not be transferred outside the EEA.
Under the Data Protection Act 2018 you have the following rights:
- The right to be informed.
- The right to access (your personal data).
- The right to rectification.
- The right to erasure.
- The right to restrict processing
- The right to object to processing.
- The right to data portability.
- Rights in relation to automated decision-making.
If you wish to invoke any of your rights, including for the purpose of a Subject Access Request (SAR), send your written request to: Data Protection Officer, Church of Scotland, 121 George Street, Edinburgh, EH2 4YN. Or email: firstname.lastname@example.org
You may also advise us of an incident involving personal data or a data breach using the same contact information.
You have the right to make a complaint about our processing of your personal data to the ICO as the regulator in the UK. You can contact the Information Commissioner’s Office (ICO) at:
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF