Personal data refers to information about a living individual, who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The data controller is the person or organisation who determines the how and what of data processing. The processing of personal data is governed by the General Data Protection Regulation (the GDPR). ‘Processing’ refers to anything done with/to personal data, including storing it.
Peasum is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.
Peasum complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes: -
| PURPOSE | LEGAL BASIS |
|---|---|
| Managing our contractual and/or employment relationship with you. | Necessary for the performance of a contract to which you are a party. |
| Recruitment | Justified on the basis of our legitimate interests for ensuring that we recruit the appropriate employees. |
| Facilitating communication with you (including in case of emergencies, and to provide you with requested information). | Justified on the basis of our legitimate interests for ensuring proper communication and emergency handling within the organisation. |
| Operating and managing our business operations. | Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations. |
| Complying with legal requirements. | Necessary for the compliance with a legal obligation to which we are subject. |
| Monitoring your use of our systems (including monitoring the use of our website and any apps and tools you use). | Justified on the basis of our legitimate interests of avoiding non-compliance and protecting our reputation. |
| Social listening (Identifying and assessing what is being said about Peasum and our clients on social media (only publicly accessible content) to understand sentiment, intent, mood and market trends and our stakeholders’ needs and thereby improving our services. We do this through key-word searches and our goal is to gain insights in conversation trends over a specified period and not to identify an individual. To achieve this, we analyse and monitor conversation streams and monitor publicly available opinions, statements or other interactions on social media channels.) | Justified on the basis of our legitimate interest of protecting our assets and our brand on social media. |
| Improving the security and functioning of our website, networks and information. | Justified on the basis of our legitimate interests for ensuring that you receive an excellent user experience and our networks and information are secure. |
| Undertaking data analytics, i.e. applying analytics to business operations and data to describe, predict and improve business performance within Peasum and/or to provide a better user experience. (more details on how we run analytics on our website can be found in our cookie policy). | Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations. |
Where the above table states that we rely on our legitimate interests for a given purpose, we are of the opinion that our legitimate interests are not overridden by your interests, rights or freedoms, given
(i) the transparency we provide on the processing activity,
(ii) our privacy by design approach,
(iii) our regular privacy reviews and
(iv) the rights you have in relation to the processing activity.
If you wish to obtain further information on this balancing test approach,
Please contact us at contactus@peasum.com
• Explicit consent of the data subject so that we can keep you informed about news, events, activities and services related to Peasum.
• Processing is necessary for carrying out legal obligations in relation to employment, contract, social security or social protection law, or a collective agreement.
Peasum has a duty to ensure your information is kept safe. All information you provide to us is stored on our secure servers. We only allow people who work for us and need to know your personal data to see it and these individuals will be continuing regular training about how important it is to keep your personal information private and safe. Keeping your information private is very important to us and we have rules to make sure that no-one shares your information in the wrong way. Our security technology is updated and tested regularly and we use strict procedures and security features with the aim of preventing unauthorised access.
Your personal data will be treated as strictly confidential and will only be shared with other members of Peasum, to carry out a service to other church members or for purposes connected with the church. We will only share your data with third parties outside of Peasum with your consent. We will share your personal information to third parties if we are under a duty to disclose or share your personal data to comply with any legal obligation, or to protect the rights, property, or safety of our congregation, or others.
Your personal data is stored by us on our servers, and on the servers of the cloud-based database management services that we engage. We retain data for the duration of the relationship with us. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at contactus@peasum.com or by post.
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -
• The right to request a copy of your personal data which Peasum holds about you;
• The right to request that Peasum corrects any personal data if it is found to be inaccurate or out of date;
• The right to request your personal data is erased where it is no longer necessary for Peasum to retain such data;
• The right to withdraw your consent to the processing at any time;
• The right to lodge a complaint with the Information Commissioners Office.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Over time, the way we look after your information may change and, if it does, inevitably this document will change too. If we wish to use your personal data for a new purpose that is not covered by this Data Privacy Notice, then we will make the new notice available on our website, explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. You should check our site regularly to see the newest document that is being used and any changes that have been made. The information about how we collect, use, share, save and keep your personal information private in the newest (changed) document will take the place of any in the old documents.
To exercise all relevant rights, queries or complaints please in the first instance contact Peasum at contactus@peasum.com
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.