Safeguarding Hubs are provided by Clearly Simpler to make safeguarding simpler.
A PCC can choose to use their Safeguarding Hub to help them fulfil their legal obligation to comply with the Church of England's safeguarding requirements,
A Safeguarding Hub contains personal information about church volunteers and employees. This includes:
- The church roles that a person undertakes
- The date that safeguarding training was completed
- The date and certificate number of DBS checks
- The steps that were undertaken when safely recruiting a new volunteer
Collecting, storing, and analysing this information is called data processing, and the Parochial Church Council (PCC) must ensure that it is carried out in accordance with the UK's General Data Protection Regulation (GDPR).
What is the lawful basis for processing personal data?
A PCC has a legal obligation to comply with the Church of England's safeguarding requirements.
Does a PCC need a Data Privacy Notice?
Yes.
Whether or not your PCC uses their Safeguarding Hub, it must display a Data Privacy Notice. This tells church members why and how their personal data is being processed - not just for the purpose of safeguarding, but for all church purposes.
If your PCC chooses to use thier Safeguarding Hub, this should also be mentioned in your Data Privacy Notice.
Does a PCC need a Data Processing Agreement?
Yes.
A PCC that choose to use their Safeguarding Hub is called the data controller, and Clearly Simpler is the data processor.
According the the GDPR, there must be a legally binding agreement between a data controller and a data processor.