Summary & Purpose

LifeHouse Church Inc (“Church”) appreciates that privacy is very important. The Church has adopted this Privacy Policy as we recognise the right of people to keep their personal information private. This Privacy Policy covers the Church’s treatment of personally identifiable information that we collect or hold. Like many other organisations, the Church must comply with the Australian Privacy Principles (“APP”) contained in the Australian Privacy Act and the EU General Data Protection Regulation (“GDPR”) when dealing with personal information or personal data.

Interpretation

Whenever “We”, “Our” or “us” is used in this Policy it is referring to your relationship with and an obligation or right with the Church.

“Data Controller” is the entity that determines the purpose for which personal data is collected and processed.

“Data Processor” is the entity processing personal data on behalf of the Data Controller.

“Local Church” is the church referred to at the end of the Policy.

“Personal Data” is any information relating to an identified or identifiable natural person.

Data Protection

This Policy explains how we comply with laws and regulations in our respective countries and the GDPR and the APP (jointly and severally, “Privacy Laws”). We will adhere to the Principles of Data Protection as detailed in the GDPR. Your information will be:

• Processed lawfully, fairly and in a transparent manner;
• Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
• Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
• Accurate and, where necessary, kept up to date;
• Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
• Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage using appropriate technical or organisational measures.

Data Controllers and Data Processors

Although the Church and the Local Church are in separate locations, they work together and may need to share personal data so that each can carry out their responsibilities as churches, support the church community and provide products and services you request.

Whilst this Privacy Policy is posted on the website by the Church as a Data Controller, it is on the section of the website managed by the Local Church where the Local Church is also a Data Controller of personal data you provide.

If you provide personal data directly to the Local Church or through involvement at the Local Church, or to staff or volunteers, the Local Church is the Data Controller responsible for complying with its legal obligations under the GDPR. Where consented or permitted, this personal data is shared with the Church and the Church may either process such data on behalf of the Local Church, or as a joint Controller use for its own purposes.

Where the Church and the Local Church are joint Controllers, both are responsible for how your data is processed.

EU Representative

As the Church is a Data Controller based in Australia, each Local Church in the EU is the country representative for the Church in the jurisdiction in which the Local Church is established to assist the Church with the collection, storage, use and transfer of information and compliance with all applicable data protection laws.

How We Collect Your Information

We collect personal information each time you are in contact with us. For example, when you:

• Visit our website or use our app;
• Register your details and your family details at our website or our app;
• Make a donation;
• Register for a conference or other church event;
• Provide your contact details, in writing or orally, to church staff or volunteers;
• Purchase goods or services, including when you provide credit or debit card details;
• When you attend church services or participate in other church activities;
• Communicate with the church by means such as email, letter, telephone;
• Face to face meetings with staff and volunteers;
• Access social media platforms such as Facebook, YouTube, Whatsapp, Twitter, Instagram, Vimeo, iTunes, Google Plus

Where practicable, the purpose for which we collect personal information will be made clear at the time of collection. If you do not provide us with certain information we may be unable to provide you with access to some of our services or the assistance you have requested.

Types of Information Collected

The types of personal information collected by us include:

• Personal details such as your title, name and date of birth;
• Contact details such as postal address, post code, email, mobile and telephone numbers;
• Demographic information such as marital status, nationality, education, employment/qualifications and family details;
• Financial information such as donation history and your bank details;
• Spouse and family details when you jointly volunteer, register for events, and/or register your children for any reason at the Church or the Local Church;
• Non-financial information such as passports, driving licences and other identification documents for the purpose of volunteer checks.
• Employee and volunteer data such as qualifications, languages and experience;
• Records of your contact with us;
• Photographs provided by you or taken at the Church or Local Church services or events;
• Visits to the website and app to enable the Church to improve its effectiveness and better promote church services and events.

We may also collect and store sensitive personal information (special category information under the GDPR) such as:

• Health information provided during pastoral meetings;
• Health information to assist attendance at the Church or Local Church services and events;
• Religious information;
• Prayer requests.

How We Use Your Information

The Church will use the personal information we collect for the purpose disclosed at the time of collection, or otherwise as set out in this privacy policy. We will not use your personal information for any other purpose without first seeking your consent, unless authorised or required by law. Generally, we will only use and disclose your personal information as follows:

• to maintain and establish your connection with the Church, including by providing you with newsletters;
• to provide the products or services you have requested from the Church; to answer your inquiry;
• to register you for events, conferences or promotions;
• to assist in making the Church’s sites, services and products more valuable to our community;
• for direct promotion of products or services and to keep you informed of new developments that the Church believes may be of interest to you;
• to third parties where we have retained those third parties to assist us to operate the Church and provide the products or services you have requested, such as religious education instructors, catering and events coordinators, promotions companies, transport providers, health care providers, website hosts and IT consultants, and our professional advisers such as consultants, lawyers and accountants. In some circumstances we may need to disclose sensitive information about you to third parties as part of the services you have requested; and
• to different parts of the Church to enable the development and promotion of other products and services and to improve our general ability to assist Church attendees and wider community.

Access to Your Information

You may gain access to the personal information that the Church holds about you by contacting the Church’s Privacy Officer and lodging an information request as set out below. The Church will provide you with access to your personal information unless we are legally authorised to refuse your request.

If you wish to change personal information that is out of date or inaccurate at any time, please contact the Church’s Privacy Officer. After notice from you, we will take reasonable steps to correct any information which is inaccurate, incomplete or out of date. If you wish to have your personal information deleted, please let us know and we will delete that information as required by the Privacy Laws.

We may refuse your request to access, amend or delete your personal information in certain circumstances. If we do refuse your request, we will provide you with a reason for the refusal and, in circumstance of amendment, we will note with your personal information that you have disputed its accuracy.

Data Storage

Information you provide electronically, including through this website, may be held on computers in the Church and Local Church locations and on servers in Australia and Europe.

Information you provide in paper form, such as consents, letters or recorded in meetings with staff or volunteers, may be transferred to secure virtual systems or stored in secure physical filing systems. The information may be accessed, used and stored in compliance with the Privacy laws.

Third party service providers may process information, fulfil and deliver orders, process donations and credit card payments, and provide support services on our behalf. Where such details are shared, agreements in place restrict the use of your information to the purpose for which it is provided and ensure it is stored securely and in accordance with applicable data protection and Privacy Laws.

We do not sell or pass any of your personal information to any other organization and/or individuals without your express consent, unless required by law.

Retention of Information

We will only keep your personal information for as long as it is required and in accordance with Privacy Laws and other legal requirements.

If you have indicated that you no longer wish to hear from us, we will keep the minimum information necessary to ensure that no future contact is made.

However, even after you modify your communication preferences, we may retain copies of information about you for a period of time that is consistent with applicable law, applicable statute of limitations or as we believe is reasonably necessary to comply with applicable law, regulation, or legal process.

Where we hold sensitive category personal information (as defined in the GDPR), unless we have evidence of your regular contact with us or we are required by law to retain, the sensitive information will be deleted after a period of two (2) years.

Cookies

We use various technologies to collect information when you access or use lifehouse.com.au or lifehouse.global or flourishconference.com.au, including placing a piece of data, commonly referred to as a “cookie on your device. Cookies are small data files that are stored on your hard drive or in your device memory when you visit a website or view a message. By using lifehouse.com.au or lifehouse.global or flourishconference.com.au, you permit us to collect and use your information from activity on devices you use in accordance with this Privacy Policy. For more information and to learn how to block or delete cookies used on lifehouse.com.au, lifehouse.global or flourishconference.com.au, please see our Cookies Policy.

Your Rights

Where you have provided your consent to us processing your personal data, you may withdraw this consent at any time. In addition, the Privacy Laws give you the right, under certain circumstances:

• to request in writing and securely obtain copies of the personal information we hold about you;
• to correct or update your personal information held by us;
• to request us to stop using your personal information for marketing purposes or for any other purpose where there is no legal requirement for continued processing;
• to object to profiling activities based on our legitimate interest;
• to request to have all personal data deleted (in the EU only). To exercise any of these rights please contact the Data Protection Officer (contact details set out at the end of the Policy).

Please tell the Church or the Local Church as soon as any of your contact details change so that records can be kept up to date.

We will take reasonable steps to correct any of your information, which is inaccurate, incomplete or out of date.

If you wish to have your personal information deleted, please contact the Privacy Officer at the Church or the Local Church you attend (or previously attended if you no longer attend a LifeHouse Church) and where required by the Privacy Laws, that information will be deleted.

A request to access, amend or delete your personal information may be refused in certain circumstances. If refused, you will be provided with a reason for the decision and, in the case of amendment, will note with your personal information that its accuracy is disputed.

Security

The Church will take reasonable steps to keep secure any personal information, which we hold, and to keep this information accurate and up to date. Personal information is stored in a secure server or secure files.

The internet is not a secure method of transmitting information. Accordingly, the Church cannot accept responsibility for the security of information you send or receive from us over the internet or for any unauthorised access or use of that information.

Links and Social Media

This website may also include links to other websites or may provide social media buttons, permitting sharing web content directly to a social media platform, such as Facebook, Instagram, Twitter, WhatsApp, Vimeo, iTunes and YouTube.

We do not endorse social media website(s) and have no responsibility for the content unless posted by or approved by us nor are we responsible for the cookies such websites may contain.

Use of such buttons or links is at your own risk and you must verify authenticity of sites before posting or providing personal information on such sites. We do not ask for passwords or personal details on social media.

Websites such as Vimeo and YouTube are used to embed videos on the website and service providers such as Fluro, Asana, Office365, Elvanto, Blurry, MailChimp and Google Analytics may send their own cookies via this site. Please look at the cookie and privacy policies on these third-party sites if you want more information about this.

This website may also contain sponsored links and adverts. These may typically be through related LifeHouse Churches, partner ministries or service providers, who may have their own detailed privacy policies.

Downloads

Any documents or files made available to download from our website are provided at users’ own risk.

Reporting Concerns

Please contact either the Church or the Local Church if you wish to raise a concern about handling of your personal information through this website or directly to the Local Church if it involves information provided by other means.

You also have the right to lodge a complaint with the relevant data protection authority office in your jurisdiction about how your data is managed

Changes to this Privacy Policy

The Church may amend this Privacy Policy from time to time by having the amended version available at the information counters at the Church. We suggest that you visit our website regularly to keep up to date with any changes.

Contacting Us

If you would like any further information, or have any queries, problems or complaints relating to the Church’s Privacy Policy or our information handling practices in general, please contact our Privacy Officer by writing to The Privacy Officer, LifeHouse Church, 9 Western Avenue, WESTMEADOWS, VIC 3049, AUSTRALIA.

Local Church:

LifeHouse North

9 Western Avenue, Westmeadows VIC 3049

+61 1300 720 470

church@lifehouse.global

LifeHouse East

9 Western Avenue, Westmeadows VIC 3049

+61 1300 720 470

church@lifehouse.global

The following are the nominated representatives of the Church in each country;

LifeHouse Poznan

+48 535 949 900

poznan@lifehouse.global