ChurchConnect is committed to protecting personal data and supporting compliance with the UK GDPR, the Data Protection Act 2018, and, where relevant, the EU GDPR.
We understand that churches and ministries often process personal data relating to members, visitors, volunteers, donors, staff, and other individuals. We therefore aim to provide a platform and operating approach that supports responsible data handling, access control, transparency, and security.
In many cases, the church or organisation using ChurchConnect will be the data controller for the personal data it enters into the platform, because it decides why and how that data is processed. ChurchConnect will typically act as a data processor in relation to that customer data, except where we process personal data for our own business purposes such as account management, billing, support, compliance, security, and website analytics, in which case we act as a controller for those activities.
We respect applicable rights of access, rectification, erasure, restriction, objection, portability, and complaint. Where a request relates to customer-controlled data, we may direct the request to the relevant church or organisation unless we are legally required to handle it ourselves.
We may use carefully selected third-party service providers to support hosting, infrastructure, payments, communications, analytics, customer support, and related business functions. Where required, we implement contractual and organisational safeguards designed to protect personal data and support lawful processing.
We maintain measures intended to reduce the risk of accidental or unlawful loss, destruction, alteration, unauthorised disclosure, or access. Where a personal data breach occurs, we will assess it promptly and take appropriate action in line with our legal obligations and contractual commitments.
For GDPR or data protection enquiries, please contact admin@churchconnecthub.co.uk.
Effective date: 22 March 2026 | Last reviewed: 22 March 2026