Data Protection Policy

Data Protection Policy

Breakthru Church uses personal data of living individuals for the purpose of general church administration and communication. Brentwood Foodbank uses personal data of individuals for the purpose of general administration and processing orders or applications submitted by Foodbank users to carry out research and demographics of Foodbank customers.

Breakthru Church and Brentwood Foodbank hereafter referred to as “the Charity” recognises the importance of the correct and lawful treatment of personal data. All personal data, whether it is held on paper, on computer or other media, will be subject to the appropriate legal safeguards as specified in the General Data Protection Regulations 2017 (GDPR).

The Charity fully endorses and adheres to the eight principles of the GDPR. These principles specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transportation and storage of personal data. Employees, volunteers and any others who obtain, handle, process, transport and store personal data for the Charity must adhere to these principles.

The Principles

The principles require that personal data shall:

  1. Be processed fairly and lawfully and shall not be processed unless certain conditions are met.
  2. Be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose.
  3. Be adequate, relevant and not excessive for those purposes.
  4. Be accurate and where necessary, kept up to date.
  5. Not be kept for longer than is necessary for that purpose.
  6. Be processed in accordance with the data subject’s right.
  7. Be kept secure from unauthorised or unlawful processing and protected against accidental loss, destruction or damage by using the appropriate technical and organisational measures.
  8. Not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

How we collect information about you.

The Charity collects personal information at certain times when you are in contact with us. For example, when you:

  • Contact us through our websites: and
  • Register your details and your family details at any of our services or meetings (including Toddler Group)
  • Complete a gift aid form for any donations made
  • Provide donations by cheque or bank transfer
  • Complete a signed Foodbank food voucher
  • Provide your contact details in writing or orally to the Charity staff or volunteers
  • Communicate with the church by means such as email, letter, text, telephone
  • Face to face meetings with staff and volunteers
  • Access social media platforms such as Facebook, YouTube, WhatsApp

Maintaining Confidentiality

The Charity will treat all your personal information as private and confidential and not disclose any data about you to anyone other than;

  • the leadership and ministry overseers/co-ordinators of the charity, in order to facilitate the administration and day to day ministry of the church and foodbank
  • third party suppliers who provide services to us.

All Charity staff and volunteers who have access to Personal Data will be required to agree and sign a Confidentiality Policy and a Data Protection Policy.

There are four exceptional circumstances where data may be required to be shared to the above which is permitted by law:

  1. Where we are legally compelled to do so.
  2. Where there is a duty to the public to disclose.
  3. Where disclosure is required to protect your interest.
  4. Where disclosure is made at your request or with your consent.

Use of Personal Information

The Charity will use your data for the following purposes:

  1. The day to day administration of the charity; e.g. pastoral care and oversight including calls and visits, preparation of ministry rotas, maintaining financial records of giving for audit and tax purposes.
  2. Contacting you by phone/text or email to keep you informed of church activities and events
  3. To register you for events or activities
  4. For promotion of services that we believe may be of interest to you

Who Sees Your Information

The information that you provide to us will be held on computers and electronic devices in the UK. Information may be accessed by the Charity staff, volunteers and the Leadership Team or Small Group Leaders who have secure and authorized access. However, we may disclose your personal information to third party suppliers who provide services to us or where we are required to. 

Example #1 Gift aid donations for both the church and Foodbank are administered by the Assemblies of God (AOG) Great Britain Finance Team for any new donors the name and address of the donor is required to be provided to AOG for HM Revenue and Customs purposes. However, once the gift aid donor is established for security reasons donor’s addresses are not utilised and donors are only referenced in gift aid submissions by the use of a unique donor ID number and name. 

Example #2 Foodbank customer details (name & address, number and age range of dependants etc) which are included on food vouchers via referral agencies are kept following collection of the food parcel as certain details are required to be reported onto a secure website for statistics and demographic purposes. Other than the above we do not sell or pass any of your information to other organisations and/or individuals without your express consent.

Sensitive Personal Information. The Charity may collect and store sensitive personal information such as health information, religious information (church attendance) when you and/or your family attend or register for church events. Your personal information will be kept strictly confidential. It is never sold, given away, or otherwise shared with anyone, unless required by law.

Keeping Details Up to Date.

Please tell us as soon as any of your contact details change so that we can keep our records up to date. You can change the way we contact you or unsubscribe from receiving emails or texts by letting us know either by email or text to remove you from our lists.

Access to Your Information

You can request access to the personal information that the Charity holds about you by contacting the Charity’s Privacy Officer, using the standard letter which is available online from

If you wish to change personal information that is out of date or inaccurate, please contact us. The Charity will take reasonable steps to correct any of your information which is inaccurate, incomplete or out of date.

The Charity aims to comply with requests for access to personal information as quickly as possible and will ensure that it is provided within 30 days of receipt of a request, unless there is good reason for delay. In such cases, the reason for delay will be explained in writing to the individual making the request.


The Charity will take reasonable steps to keep secure any personal information, which we hold and to keep this information accurate and up to date. Personal information, held electronically, is stored in secure files.

The internet is not a secure method of transmitting information. Accordingly, the Charity cannot accept responsibility for the security of information you send to or receive from us over the internet, or for any unauthorised access or use of that information. We take security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. Your information will be held for a reasonable period or as long as the law requires or permits.

Social Media

The Charity uses social media such as Facebook, WhatsApp and YouTube. Users must verify authenticity of the sites before posting or providing personal information on such sites. Our websites may provide social media buttons, permitting sharing our web content directly to a social media platform. Use of such buttons is at your own risk. Unless it is material supplied or officially posted by the Church, we do not endorse social media websites and have no responsibility for the content nor for the cookies they may contain. The Charity does not ask for passwords nor personal details on social media.


Any documents or files made available to download from our website are provided at users own risk.

Changes to Policy

Breakthru Church may amend this Privacy Policy from time to time to ensure compliance with changes or amendments to the law of the UK.

Contact Details

If you would like any further information, or have any queries, problems or complaints relating to this Privacy Policy, please contact the Charity’s Data Protection Officer:

Data Protection Officer: Dean Kitchener
Address: 250 Ongar Road, Brentwood, Essex CM15 9DX
Tel:- 01277 229189

GDPR glossary of terms