Privacy statement

Privacy Statement Stichting Onze Lieve Vrouwekerk (ENG)

In this privacy statement, you will read which personal data the parish processes and why it does so. This statement also informs you of your rights and where you can go with questions.

In the following situations, the privacy statement is provided by the parish (digitally) or clearly referenced on the used (registration) form to the privacy statement on the parish website:

  • To the parents of an infant at the registration for the sacrament of Baptism;
  • To adults at the registration of their admission to the catechumenate;
  • To the marriage candidate(s) if he or she is not registered in the membership administration of the R.C. Church;
  • To contact persons recorded in the bereavement and/or cemetery register (grave rights) if the contact person is not registered in the membership administration of the R.C. Church;
  • To the volunteer, if the volunteer is not registered in the membership administration of the R.C. Church;
  • To parishioners and/or other interested parties who register for a church activity

 

1.Name and contact details of the parish

  • Name: Stichting Onze Lieve Vrouwekerk
  • Postal address: Keizersgracht 218 B, 1016 DZ Amsterdam
  • Telephone number: 020 2400803
  • Parish board email: This email address is being protected from spambots. You need JavaScript enabled to view it.

2. Personal data processed by the parish

  • The membership administration contains various personal data about parishioners and their household members (partner, children), such as names and address details. In this document, the parishioners are referred to as "data subjects."
  • The financial system includes certain financial data about church contributions, and if you make church contributions, also your account number.
  • The parish magazine contains names and contact details of pastors and various volunteers. It also contains photos of parish activities in which individuals can be identified.
  • The website includes names and contact details of pastors and volunteers. It also features photos of parish activities in which individuals can be identified.
  • The church registers contain data about the sacraments (baptism, confirmation, marriage, ordination) performed in one of the parish's church buildings.
  • You can find the specific personal data registered above and in Article 5 of the General Regulation for the Protection of Personal Data Parishes 2018. This regulation can be found at www.rkkerk.nl/avg.

3. The purpose of processing personal data

  • The parish registers personal data to record in church registers which sacraments someone has received. This includes:
    • The registration associated with receiving the sacraments of Baptism, Confirmation, Holy Communion, Marriage, and Ordination.
    • The registrations required under Canon Law.
  • A parish is a community of parishioners, family of parishioners, and people involved with the parish. The parish must maintain an administration to ensure the organization of the parish community, such as:
    • Registering your contact details to send information and invitations about parish activities through communication channels.
    • Maintaining volunteer tasks and a registry of volunteers.
    • Keeping financial records related to church contributions, donations, and other fundraising activities, as well as financial records regarding grave rights and stipends.
  • A parish is part of the Roman Catholic Church. As a parish, we are always connected with other R.C. church institutions in the Netherlands. As a parish, we contribute to the maintenance and accuracy of the church membership administration and archives.
  • A parish has a parish archive. For example, the baptism register is kept in the parish archive. The parish can also store personal data in the archive as a source for historical, statistical, or scientific research, but only if it has an interest in the archive's purpose.

4. Authority to process personal data

  • The parish may process special personal data, such as religious beliefs, under the law (Article 9(2)(d) GDPR).
  • Other personal data may be processed by the parish based on the parish's legitimate interest in:
    • Registering its parishioners, their family members, and people who are not members of the parish but maintain contact with the parish.
    • Keeping the volunteer administration, financial administration, conducting fundraising activities, and maintaining church registers.
  • The execution of an agreement to which the data subject is a party.
  • Complying with a legal obligation of the civil (e.g., tax authorities, social service, police, or judiciary) or church authorities.
  • The consent given by the data subject (e.g., by joining a working group as a volunteer or subscribing to the parish magazine or parish meetings).

5. Retention Period

  • The parish retains personal data as long as a person is registered as a member of the parish. If you are no longer a member because you have moved to another parish, we will delete the personal data within one year from the parish's membership administration.
  • The parish cannot remove personal data from the church books (baptism book, etc.) because it is important to keep track of who has received church sacraments. The parishes follow Canon Law.
  • Personal data stored in other files, such as the volunteer file, the file for the newsletter and/or parish magazine, or the registration of contacts in the cemetery register, is not retained longer than necessary for the purpose of the file.
  • Sometimes, we cannot delete personal data because it would require an exceptional amount of work for the parish. Data that cannot be deleted without unreasonable effort includes personal data in printed issues of the parish magazine or information bulletin, or under certain circumstances, the parish archive.

6. Provision of Personal Data to Third Parties

  • Personal data is provided to - and mostly comes from - church institutions that are part of the R.C. Church in the Netherlands. Examples include other parishes, the diocese, IPAL (the interdiocesan platform for financial and membership administrations).
  • If you have an agreement with the parish, such as an employment agreement or a donation agreement, certain data must be provided to the Tax Authorities or another government agency based on a legal obligation. On a (model) donation agreement, you may be asked to fill in your BSN.
  • The parish may hire a payroll administration office. For some services, the parish may also engage an external party, for example, for managing the cemetery administration. In all these cases, the parish makes agreements with these third parties about the security of your personal data in a processing agreement.

7. Security of Stored Personal Data

  • The secure access to the membership administration system is limited to the membership administrators and the parish board members. Other individuals do not have access.
  • The secure access to the financial system is limited to the financial administrator(s) and the parish board members. Other individuals do not have access.
  • Volunteers can receive files with personal data as far as necessary for performing their duties (e.g., distributing the parish magazine or executing the Church Balance Action). They destroy these files as soon as they are no longer needed.

8. Right of Access and Correction

  • Every parishioner has the right to access the personal data stored about him/her. You can submit a request, accompanied by identification, to the parish board. The contact details are listed at the top of this privacy statement.
  • If you find an error, you can report it to the parish board.
  • More information about your rights can be found in the General Regulation for the Protection of Personal Data Parishes. You can find this document at www.rkkerk.nl/avg.

9. Deletion of Data

  • A request to delete contact details, financial, or other general personal data can be directed to the parish board. The contact details of the parish board are listed at the top of this privacy statement. The members of the parish board will handle your request.
  • If you wish to deregister as a parishioner, we ask you to follow the applicable procedure for registration and deregistration in the R.C. Church. Information about this procedure and the form can be found on the website www.rkkerk.nl. This form should be sent to the parish board. The contact details of the parish board are listed at the top of this privacy statement. The members of the parish board will handle your request.
  • More information about your rights can be found in the General Regulation for the Protection of Personal Data Parishes. You can find this document at www.rkkerk.nl/avg. On www.rkkerk.nl, you will also find more information about the church procedure for deregistration and the deregistration form.

10. Right to File a Complaint

Requests or complaints regarding the handling of personal data can be sent by the data subject to the parish board. The contact details are listed at the top of this privacy statement.

  • The data subject will receive a written notification about the result of the submitted request or complaint.
  • If the parish board does not or only partially honors the request or complaint, the data subject can file a complaint regarding the dispute with the parish with the Dutch Data Protection Authority:

Autoriteit Persoonsgegevens
To the complaint coordinator
P.O. Box 93374
2509 AJ THE HAGUE

11. Data Protection Officer

  • For questions or complaints about the processing of personal data in the R.C. Membership Administration, a Data Protection Officer (DPO) has been appointed.
  • If you have a complaint or a question about how your personal data is processed in the R.C. Membership Administration, please contact the DPO. You can submit your questions digitally via the contact form at: rkkerk.nl/avg.