I. Data Protection (UK GDPR)
Q9.1 Do churches need to comply with UK GDPR?
A. Yes. Since May 2018 (retained after Brexit), churches must lawfully collect, store, and process personal data such as names, emails, addresses, and more.
Churches must:
- Have a GDPR policy
- Clearly communicate data use
- Collect only necessary data
- Keep data secure
- Allow people to access and correct their data
Resources: