Site search

Last updated 2nd August 2018

General Data Protection Regulation 2018 (GDPR)

The General Data Protection Regulation 2018 (GDPR) comes into effect on 25 May 2018 and will impact on all parishes in relation to the personal data they hold.

This page will be updated as and when more information is available, but we strongly recommend that you begin the process of identifying a Parish Data Officer and carrying out a data audit as soon as is practicable.

In the meantime read this introductory article on our news pages which is also featured in the March edition of the Diocesan magazine 'The See' sent to most parishes in the Diocese.

A copy of our Data Consent form is available here.

More information (including full Q and As; checklists and audit forms) can be found on the Church of England Parish Resources website.

GDPR Awareness for PCCs and Parishes


A comprehensive suite of GDPR e-learning courses is now available for anyone within the Church of England structure (dioceses, cathedrals, parishes and other CofE organisations).

The courses, delivered by specialist training provider Me Learning, cost £10 + VAT (£12) per course.

The Church of England’s Parish Buying team has negotiated a substantial discount with Me Learning for a period of three years from May 2018. (This type of course usually starts at around £25 and can cost up to £395).

Background

Training is considered by the Information Commissioners Office (ICO) to be one of the measures organisations should take towards compliance with the new data protection regulation.

This training has been made available to help ensure that your parish is taking the steps to comply with GDPR. It is recommended that in parishes at least one person, other than the incumbent, takes one of the courses.

The courses:

  • Core (level 1): This level that will be appropriate for the vast majority of staff, clergy and those holding church offices. This course includes three modules that will take around 30 minutes each to complete.
  • Marketer (level 2): This involves detailed and extended modules for those who are involved directly in fundraising, stewardship, planned giving, pastoral or evangelism activities. This course includes six modules and will take about 3 hours to complete.
  • Foundation (level 3): This level is for those people who have significant responsibility for data protection within a department or organisation, who are not acting as Data Protection Officers. This course includes seven modules and will take 3 hours and 30 mins to complete.
  • Practitioner (level 4): For those who work closely with GDPR, such as Data Protection Officers. This course includes 10 modules and will take 5 hours to complete.
  • Board (level 5): For chief officers, trustees, and senior people who need to understand their accountability responsibilities, but do not need detailed understanding of GDPR. This course includes three modules and will take 1 hour and 30 minutes to complete.

For more information, including how to access the training, please read this guidance