The International Evangelical church in Finland (IEC) is obliged by the Articles of the Association to keep a record of its members in the form of a membership database. In addition, IEC collects personal information (‘Personal Data’) from its members and non-members ('Involved People'), including from its website.
The IEC respects the privacy of its involved people and the community at large. IEC has and will continue to implement technical, administrative and physical measures to safeguard personal information that it collects. To comply with the regulations of General Data Protection Regulation of the European Union (GDPR), IEC has made a number of changes to how it collects, holds and uses personal data.
In light of IEC’s commitment to respecting your privacy and protecting your personal data, IEC would like to inform its members and others who have or may provide personal data of the following principles and actions IEC has and will put in practice to protect personal data.
10. Data Retention
What Types of Personal Data Does IEC Hold, Use or Otherwise Process?
In order to know and serve its members better, IEC stores data on members relating to the following categories.
A) Your Background:
Contact details (e.g phone number, email address)
Date of brith
Family connections (e.g names and ages of children)
Country of origin
Previous church affiliation
B) Data related to Church involvement.
Which IEC service do members attend
Membership information (ie. are you non-attending, member living abroad, newcomer, membership candidate)
Baptism details, if baptised in IEC
Current IEC community group you participate in, or an indication that you want to participate in a community group.
IEC roles you have participated in (e.g staff, administrator database, Missionary, treasurer, council, HR, Local leadership team.
C) Data relating to your Ministry activity
Which ministries your are involved in, or are you on a 3,6 or 12 months break from a ministry.
D) Key dates or events you participate in
We record if you have participated in IEC events, via your registration form to the events, they get recorded in the "Key dates" section of your contact card only visible to you and the administrators.
E) Spiritual Gifts
H) Digital media eg. photos, videos, sermons, & talks.
Why Does IEC Collect, Hold and Use Your Personal Data?
IEC collects personal data for specified, explicit and legitimate purposes. IEC collects data from members for the sole purpose of serving them better and helping them grow in your faith.
Your Background: - we collect this data to know you, and it is required by the association law in Finland. For families with children, we also keep a record of your children with their ages to know how many of them would potentially go to which Sunday school age bracket. Once your child turns 18, he / she should consent to their information being held in the database & he/she could apply for membership during which their information would be transferred to the active membership directory.
Data pertaining to your Church service: - we collect this data to know to which of the communities you most of the time attend, regardless of your address. Our purpose is to know if we can assist or help you find a live giving community, suggest discipleship programs, or offer relevant training and courses depending on your life stage. (for example - parenting, marriage, community groups etc.)
Data pertaining to your Ministry activity: - If you are currently serving in a ministry we keep data on which of it is, and which ministries you have been involved in previously. The purpose is to be able to connect you in a serving rota, or to be aware if you are taking a break for 3, 6 or 12 months. We aim to have regular training pertaining to different ministries and need your contact details as well as spiritual gifts and strengths in our database to offer relevant courses for you.
Spiritual gifts, strengths and skills: - We want that all our members would be aware of what their gifts, strengths and skills are in order for you to grow in your faith and for you to be involved in activities that add value to other’s lives and add value to your own. The information in this section is gathered by you sharing that information with us, (the administrators). We keep this information in your membership card on the database and it is only visible by the administrators. Data processors would use this information to contact you or to organise & arrange ministries.
IEC may also collect personal data from Involved People for the following purposes:
A) Conduct basic operations of an association, such up keeping of the members register and communication with members
B) Provide information, item or service a Involved People has requested from IEC;
C) Communicate with Involved People about services and events relating to IEC;
D) Improve IEC’s events, services and websites;
E) Verify the identity of Involved People to ensure security for one of the other purposes listed here;
F) Respond to a legitimate legal request from law enforcement authorities or other government regulators;
G) Investigate suspected or actual illegal activity; or
H) Conduct investigations to ensure compliance with legal obligations.
Who Has Access to Your Data?
IEC limits access to personal data of Involved People to those in IEC who need such data for the purposes outlined in this document. We have three categories A) Administrators, access to all data & edit rights, B) Data processor - access to some data with limited editing rights, limited to their ministry responsibility. C) Data integrity controller - limited administrator rights acts under guidance of the Administrator(s).
IEC will not sell or otherwise share your personal information outside IEC, subject to these limited exceptions:
A) Service providers IEC has retained to perform services on its behalf, with IEC ensuring via contract that the service provider must only use the information as necessary to perform services on IEC’s behalf or to comply with legal requirements;
B) Comply with legal obligations (e.g in response to a legitimate legal request from law enforcement authorities or a court).
IEC will not publish in any public form, any photo or video of an individual without their specific consent, or in the case of children, without the consent of the child’s legal guardian. Should an event (e.g. church service) be live streamed, those participating in the event will be informed at the beginning of the event by a sign displayed at the entrance informing of the live stream recording. An area will be available that is outside the visibility of the live stream recording. Public form does not include closed groups, e.g. Whatsapp or similar apps, where photos/videos may be shared between the members of that group.
IEC maintains as limited personal data on children as possible. The data is limited to the child’s name, gender, date of birth, baptism details including godparents, event involvement, and financial data as required by law pertaining to events, and a link to the child’s parent/s. At times during event sign-up, more details may be given to facilitate event practicalities and safety, e.g. food allergies or other health data. This will be retained for the duration of the event period and will be removed in accordance with the IEC data retention policy.
How Can You Access or Delete the Personal Data that IEC Holds About You?
Most of the personal information about members that IEC has in its databases can be accessed by members via the church app ("churchsuite" - username & password required). Membership information, as well as information of those resigning from membership, will be made available in a machine readable form to members upon their request from IEC. Information of those who have resigned from IEC will within the shortest reasonable time after the person has resigned, be removed from IEC’s databases permanently.Furthermore, Involved People have the right to obtain from IEC confirmation as to whether or not your personal data concerning them being processed, where and for what purpose. Furthermore, if asked IEC will provide you a copy of the personal data, free of charge, in an electronic format.
People also have the ‘right to be forgotten’. This means you have the right to have IEC delete your personal data, to stop further spreading of your personal data, and potentially have third parties stop processing of your data. The conditions for deleting your personal data include the data no longer being relevant to original purposes for processing, or if you withdraw your consent. If you want to exercise your right to obtain or delete your personal information, please send an email to firstname.lastname@example.org
You can also call (050 569 5936) Mondays & Thursdays between (9:00 - 11:30 & 13:00 - 16:00).
Does IEC Use Web Cookies or Other Tracking Technologies on its Website?
What Other Principles Does IEC Follow While Protecting Your Personal Data?
A) Information collected by IEC is relevant and limited to what is necessary.
B) IEC holds and processes only the personal data absolutely necessary for the completion of its duties.
C) We ask members and those regularly attending do use the ChurchSuite application and keep their information up-to-date.
D) IEC will not store information any time longer than required by law, and only as long as it is required for the purposes as detailed in this document.
E) IEC aims to update the membership directory on an ongoing basis, and encourages its members and those who received an invitation to the “My Churchsuite" application to update their information regularly. IEC believes data informs decisions, data doesn't determine decisions. A member who lives abroad still have active communication with us and actively update their membership details would be kept in the membership database until the member decides otherwise.
What Happens if there is a Breach Involving Your Personal Data?
If a breach of your personal data is likely to ‘result in a risk for the rights and freedoms of individuals’, IEC will inform the appropriate government authorities within 72 hours of first being aware of the breach. IEC will also advise the Involved People whose data was breached without undue delay after becoming aware of the breach. If you suspect or know that your personal data that is held by IEC has been breached, please send an email to email@example.com
How Does IEC Ensure the Security of Your Personal Data?
Your personal data is valuable to you and to us and must be protected against unauthorised access. Personal data is protected using organisational and technical measures. The council of the IEC chose a software system with very tight security protocol. You can read about it here: https://churchsuite.com/tour/security
IEC will ensure that it communicate to administrators of its membership database to periodically change their passwords, not to save their passwords in their browser. Statistical data will never reveal personal information.
IEC keeps records for the duration required by Finnish law in respect of financial details, gifts, bequeaths, support, etc. All other data containing personal information is destroyed after a period of three years, unless a request for data removal is requested earlier by an individual.
Withdrawing Your Consent for IEC to Collect, Hold and Use Personal Data About You
At any time, you are entitled to request access to, and make corrections to, your personal data we have collected via the IEC website. If you no longer wish for IEC to process your personal data in accordance with your application to become a member, you can contact IEC and request that IEC remove your personal data from its databases.
You can opt-out from receiving information from IEC that you previously requested or agreed to receive. If you want to withdraw your consent, please send an email to firstname.lastname@example.org
Questions about this IEC’s policy on privacy and data security
If you have questions, comments, or concerns regarding this privacy notice, please please send an email to email@example.com, or write a written letter to:
International Evangelical Church in Finland r.y.