Privacy Notice & Cookies

For all General Data Protection Regulation (GDPR) purposes the Data Controller is Waypoint Church. The church is registered with the Information Commissioner’s Office (ICO) and our ICO registration number is ZA413556.

Who we collect personal information about:

For GDPR purposes, people we collect data about are called ‘Data subjects’.
Data subjects that we are likely to hold personal data about include:
a. church members;
b. regular attenders;
c. attendees of Waypoint Church groups, activities, events;
d. the people we care for and support, including Waypoint Hub guests;
e. our employees (and former employees);
f. consultants/individuals who are our contractors or employees or volunteers working for them;
g. volunteers;
h. tenants;
i. Trustees;
j. complainants;
k. supporters;
l. enquirers;
m. friends and family;
n. advisers and representatives of other organisations.

Why we collect personal information:

We process personal data in order to:

a. maintain and inform our lists of church members, regular attenders and others connected with our church, including The Hub;
b. provide pastoral support for church members, regular attenders and others connected with our church, including The Hub;
c. provide services to the community;
d. safeguard children, young people and adults at risk;
e. recruit, support and manage volunteers;
f. maintain our financial accounts and records;
g. maintain the security of property and premises;
h. adhere to legal requirements for weddings;
i. adhere to legal requirements for funerals;
j. manage rental of rooms on our premises;
k. organise mission trips;
l. provide a Foodbank service (exists under The Waypoint Hub);
m. provide marriage support;
n. promote our services;
o. fulfil statutory requirements.

In some cases we may process and hold special, or sensitive, personal data to:

a. document ethnicity, gender, religion, political opinions, sexual life;
b. accommodate dietary requirements;
c. accommodate health, medical and disability needs;
d. accommodate special educational needs.
We will not hold information relating to criminal proceedings or offences, or allegations of offences, unless there is an overarching safeguarding requirement to process data for the protection of children, young people and adults who may be put at risk in our church. This particular aspect of our data processing will only ever be carried out by the Waypoint Church Designated Person/s for Safeguarding.

Why we are allowed to collect this information:

Data Protection legislation allows Waypoint Church to collect and process this information as the church has a legal basis to do so. The legal bases that apply are: legal obligation, legitimate interest, vital interest and consent. Consent can be withdrawn at any time and if withdrawn, the processing will stop unless there is a statutory requirement to retain the consent.

In plain English:

Legal Obligation means: “Data processing is necessary for us to comply with a legal obligation to which Waypoint Church is subject.”

Legitimate Interest means: “We can use someone’s data if we have a genuine, reasonable purpose, we need the data to achieve it and it doesn’t unfairly impact the person”.

Vital Interest means: “Someone’s life is at risk, there is a serious risk to their safety and they cannot give their consent.”

Consent means: “a freely given, specific, informed and unambiguous indication that a person agrees to the processing of their personal data.” Importantly if a person withdraws their consent to their personal data being processed then that processing will be stopped immediately.

The types of organisations we may share personal information with:
Waypoint Church is allowed to share personal data with another organisation only when:
• There is a lawful basis such as legal obligation, legitimate interest or consent.
• The sharing is necessary for a defined purpose.
• The individual would reasonably expect the sharing (unless safeguarding or vital interests apply).
• The receiving organisation is trusted and compliant with data protection law.
In some cases we are legally obliged to share personal data and do not need the data subject’s consent (e.g. DBS checks, local authority Safeguarding team, Police).
In other cases consent is required (e.g. insurance companies, professional advisors, community charities, emergency services).
Only authorised and properly instructed Designated Data Protection Persons are allowed to share personal data. We will keep records of information shared with a third party, which will include recording any exemptions which have been applied, and why they have been applied. Legal advice will be sought as required.

How long do we keep personal data for, and why

We will not keep personal data longer than is necessary for the purposes that it was collected. We will comply with official guidance issued to charities and churches about retention periods for specific records. In most cases records will be kept for seven years after the last contact with the Data Subject although, if there have been safeguarding concerns, then they will be retained for 75 years. The full Waypoint Church Data Retention schedule is included in the Church GDPR Policy.

For further information, please read our GDPR Statement of Intent.

Use of Cookies

Cookies are pieces of information that a website transfers to your hard drive to store and sometimes track information about your activity on a website. Most web browsers automatically accept cookies, but if you prefer, you can change your browser to prevent that. However, you may not be able to take full advantage of a website if you do so. First party cookies are specific to the server that created them and cannot be accessed by other servers, which means they cannot be used to track your movements around the web. Third party cookies are set by scripts added to the website; examples include Facebook, Twitter and YouTube. Although they do identify a user’s computer, cookies do not personally identify customers or passwords. Credit card information is not stored in cookies.

Cookies We Use and Why

Necessary
CookieConsent: Stores the user’s cookie consent state for the current domain.

Statistics
_dc_gtm_UA-#: Used by Google Tag Manager to control the loading of a Google Analytics script tag.

_ga: Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

_gat: Used by Google Analytics to throttle request rate.

_gid: Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

Marketing
ads/ga-audiences: Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor’s online behaviour across websites.

Collect: Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.

PREF: Registers a unique ID that is used by Google to keep statistics of how the visitor uses YouTube videos across different websites.

VISITOR_INFO1_LIVE: Tries to estimate the user’s bandwidth on pages with integrated YouTube videos.

YSC: Registers a unique ID to keep statistics of what videos from YouTube the user has seen.

How do I change my cookie settings?

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org

Our website contains links to the sites of third parties. When you visit these sites, we suggest that you read their privacy policies. [Insert foodbank name here] is not responsible for the privacy policies or the content of such sites.

To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout

Social Media

Fareham Foodbank also maintains a presence on social media channels including Facebook & Twitter.

If you share content from one of Fareham Foodbank social media websites, a cookie may be used by the service you have chosen to use to share that content. Fareham Foodbank does not control these cookies. You should check the relevant third party main website for more information.

 

Data Subjects’ Rights and How to Complain

A Data Subject has the right to ask to see any information we hold about them by submitting a ‘Subject Access Request’ to either the Hub Coordinator or the Waypoint Church Data Protection Trustee. They also have the right to object to how we use their information and ask for information which they believe to be incorrect to be rectified. If a Data Subject feels that we should no longer be using their data or that we are illegally using it, they can request that we erase the data we hold. When we receive that request we will confirm whether the data has been deleted or the reason why it cannot be deleted (for example because we need it for our legitimate interests, statutory requirements or regulatory purpose(s)).

Any Data Subject has the right to complain to the Information Commissioner’s Office.

April 2026