Data Protection Policy

Statement of Data Protection Policy

Grace Stirk, Accredited Humanist Celebrant

 

  1. ABOUT THIS POLICY

In the course of my business as a Celebrant accredited by Humanists UK I am fully committed to compliance with the requirements of the General Data Protection Regulation, Data Protection Act 2018 and any successor legislation, and to protecting the rights and freedoms of individuals with respect to the processing of their personal data.

  1. WHY I COLLECT YOUR DATA

In order to perform my role as a celebrant – which involves creating a meaningful and bespoke ceremony tailored to the participants – I need to understand as much as I can about them. To that end I will spend time asking about their lives and the lives of those close to them, which inevitably means I will acquire and need to keep records of the personal data that they share with me. However, I will only do this with the consent of the people who share the data with me. I will also need to acquire and keep contact details of all those people I need to communicate with during the course of any celebration which they commission me to lead.

  1. WHAT DATA DO I COLLECT?

The data I will – with the consent of my clients – seek to collect and keep will include but not be limited to names, phone numbers, e-mail and street addresses, information about where and when people were born, lived, and worked, and extensive personal details of their lives and the lives of their friends and families and of any individuals who are involved in the celebration concerned, whether directly or indirectly. It may include highly personal data including an individual’s gender, sexual orientation, marital status, gender identification, race and religious beliefs or the absence thereof, and medical issues, all as may be relevant to the creation of a personal and meaningful ceremony.

This data may include written materials, copies of materials written or kept by anyone involved in any ceremony and provided to me, photographic and audio material, completed fact sheets used to gather information, emails, texts and other electronic messages, as well as the working and final scripts which I will write and/or assemble as the basis for the ceremony concerned

  1. WHAT DO I DO WITH THE DATA?

I use data that I acquire only for the creation and delivery of the ceremony concerned. This may include administrative purposes such as booking and billing, and organising aspects of the ceremony, but will centre on the writing of the script for the celebration itself.

I do not use data for any purpose connected with evaluating the data subject’s suitability for or entitlement to any product, service or facility.

  1. WHO DO I SHARE DATA WITH?

I am a sole celebrant and thus do not share data with any employees, subcontractors or agents, or with any other third party save as expressly set out in this paragraph. With my clients’ express written consent I will present the script for the ceremony – which may be recorded by the clients for their own purposes – so personal information contained in the script will be disclosed as agreed to anyone attending the ceremony concerned, whether in person or via electronic transmission. With client consent I may also:-

  1. i) share contact and organisational information – which may include details of the ceremony as required – with any third party also involved in the delivery of the ceremony concerned, including but not limited to funeral directors, people working at the relevant crematorium or burial ground, printers of any order of service, and other relevant professionals including but not limited to photographers, florists, and venue operators;
  2. ii) include unidentified photographs on my website as approved by the client concerned for marketing purposes;

iii) submit a copy of a finished script for retention in the Humanists UK archive;

  1. iv) share a copy of a finished script with another accredited Humanists UK celebrant for the purposes of peer review and/or continuing professional education.
  2. HOW I STORE DATA

I store data on electronic devices which may include but will not be limited to a computer, smartphone, and/or tablet computer, and I may also keep some data in secure cloud storage. All such devices and storage will be password protected and all such devices – if networked – will be protected by an up-to-date anti-virus software tool.

I will also create and use written records for the creation of a ceremony and will retain these in my secure home office until after the ceremony is concluded as detailed below.

  1. HOW LONG DO I RETAIN DATA?

I will retain core information relating to the client and the subjects of any ceremony, including contact information, any order of service, the full script for the ceremony and the longer working script, in electronic format for record keeping purposes and to enable me to review my professional output for as long as I remain a practising celebrant, subject to regular review. I will destroy hard copy information within three months of the delivery of the ceremony concerned.

If a client requests me to destroy any personal information I hold at any time I will do so on receipt of written notice duly executed by the client.

  1. ACCESS TO INFORMATION I HOLD ABOUT YOU

Clients may ask at any time for me to give them copies of all personal information I hold about them in the form of copies of any of the retained materials specified in paragraph 7. Non-clients may ask to see details only of personal information I hold relating directly to them, and I will extract and supply a list of such information within one calendar month of receipt of any such request to the extent it complies with any data protection legislation then in force and applicable to the personal data concerned. If any such information is incorrect I will correct it immediately on production of evidence to that effect, or will delete the information held.

  1. PROCEDURE IN THE EVENT OF A DATA BREACH

As a sole trader I act as the Data Protection Manager for my celebrancy activities. If I believe a data breach has occurred and that personal data may have been seen, stolen or accessed by any unauthorised individual or automated system I will immediately make a record of such event, and will assess the likely risk to any individual data subject, and the likely severity thereof. I will then follow guidance then in force as specified by the Office of the Information Commissioner (“ICO”) as regards potential notification of the ICO and of any affected individuals in order to help them to protect themselves from the effects of the breach.

  1. REVIEWING THIS PRIVACY STATEMENT

This privacy policy is dated 3rd July 2023. It will be reviewed every calendar year on or before 31st December, starting on or before 31st December 2024.