GDPR

1. Who is responsible for handling your data?
The Episcopal office in Copenhagen, Bishop Alsted and administrative assistant Kirsten Hastrup are responsible for handling personal data in accordance with the GDPR. We do not use external data processors.
2. Which personal data do we handle, and what is the purpose of keeping records? 
We keep records and process personal information about employees, board and committee members and official representatives of the UMC Nordic & Baltic Area such as name, address, email and telephone. We also keep record of emails with these persons for general communication purpose.
Furthermore, we keep records of bank details for representatives who are entitled to travel reimbursements.
We occasionally post photographs or video taken at church events on our website (umc-ne.org and facebook nbarea). No personal information is published or shared with third parties without consent.
3. Consent
Employees and elected representatives on boards and agencies have given their consent to publish their names, email and phone numbers. We do not publish recognizable photos of persons without their consent.
4. How is personal data stored? /Security and Retention
All digital files and emails are stored on our computer drivers and on the Itadel Hosting back-up server. All files are protected by passwords. Paper-based records of employees are kept in a safe or in a locked cabinet when not in use.
5. How long do we keep records?
When board and committee members are replaced, all personal records are deleted
We keep emails until they are no longer relevant for general communication purpose. Emails are reviewed once a year in August.
Information about employees and annual performance reviews are deleted immediately after resignation.
6.  Access to your personal data/Subject Access Request
You have the right to verify that our use of your data is lawful, and that the data we hold is accurate. If you would like to access the data we process about you, please write to us at office@umc-ne.org.