Even an initial site for your supporters might be set up to collect information. Most church websites offer some or all of the following data collection forms:
- Email newsletter signup
- Contact us
- Online donation
If someone signs up for your newsletter, do you make it plain what you’re going to do with their email address? Do you set a cookie on their browser (even ethically) so that they’ll see your online ad before a big event you’ll promote?
I’m a little torn on this – on the one hand it sounds a little over-the-top for small, startup, volunteer organizations to go to this kind of trouble. My first reaction was, “For real?!?”
Which is maybe a little contradictory because personally I’m pretty security and privacy cautious. I’m not prone to hand out my own info willy-nilly. And there are even mobile apps I won’t use because they grant themselves way too much access to every bit of sensitive info on my phone.
But let’s take it a step further – do you encourage everyone to fill out a connection card (paper or electronic) and then get that information into a church database? Would guests be creeped out to know you even have a church database that isn’t disclosed anywhere?
Resources for Creating Your Own
- FreePrivacyPolicy.com which I used to create mine
- Better Business Bureau
On May 25, businesses and organizations around the world that collect personal data of individuals that live in the EU must comply with the new General Data Protection Regulation (GDPR). I poked around the EU website source material and came to my own conclusion:
If a US church’s:
- email list
- church database
- online campus
…contains any personal data of an EU citizen who lives in an EU state, the US church should comply with the GDPR requirements.