****This information is not offered or intended as legal advice. Seek the advice of a qualified legal professional to help you with specific questions you may have about how data protection laws impact your lecture activities. The Mother Church is not equipped to give specific advice on your compliance situation, but we trust this information will lead you to helpful resources.****
Lecturers and hosting branches are encouraged to be mindful when collecting, processing, storing, or using personal data belonging to lecture attendees, whether gathered from in-person or online lecture events. Keep in mind that online lectures may attract attendees from countries other than your own.
There are two areas of law that may apply to your handling of personal data. You may be required to disclose to lecture attendees how you will store, secure, and use their personal data, at the time such data is collected. You may also need to obtain clear, written consent from attendees before you send promotional messages to email addresses that were gathered at a lecture event.
Privacy and data protection laws are rapidly changing in many countries around the world, including in individual states within the U.S. Many laws extend beyond borders to protect citizens who share information with an entity in another country or state.
Personal data regulated by law in some countries and states may include, among other things, name, email, mailing address, other contact information, birthdate, government identification numbers, physical attributes that are specific to an individual person, and religious affiliation. Personal data may broadly include any piece of information that, when combined with other data, is able to identify a “natural” person (versus a legal entity).
You may want to institute a system for collecting personal data from individuals, which ensures they understand how you will use their data and clearly gives you express permission to use their data in that way.
In addition, you may want to check your national and local data protection laws, as well as the laws in other jurisdictions if you are collecting data from individuals outside your jurisdiction.
Here are some suggested practices for collecting and using people's data that may help you comply with many of the changing standards and laws around the world:
Decide how you will collect, process, store, and use personal data and record your policies in writing.
At the time you collect personal data, be clear with individuals about how you will use their data and keep a record of what you have told them.
Consistently follow what you have told people you will do with their data.
The most respectful way to collect data is to ask an individual for express permission to contact them for specific reasons.
Only collect the data you need to accomplish the stated purpose.
Only keep data as long as it is needed for the stated purpose.
Ensure information is securely and responsibly stored and transmitted, both digitally and physically.
Be prepared to quickly respond to individual requests to be removed from mailing lists or databases.
Ensure the personal data you collect, process, store, and use is accurate.
Collect, process, store, and use data lawfully and in a way that is transparent and fair to individuals.
If you are sending promotional messages to email or address lists, you may need to obtain express opt-in consent from the people on your lists and keep copies as proof.
Here are some resources that may help you understand data protection laws, including laws that govern commercial email messages or marketing messages. Look for resources like these in your country:
General data protection
United States: There is no comprehensive federal privacy protection regulation, but:
The Federal Trade Commission enforces more than a dozen rules designed to protect the privacy and security of consumers’ personal information https://www.ftc.gov/news-events/blogs/business-blog/2021/05/updating-you-ftc-privacy-data-security-initiatives.
Also, a number of US states have enacted their own, such as: California Consumer Privacy Act (CCPA) https://oag.ca.gov/privacy/ccpa.
United Kingdom: https://ico.org.uk/
European Commission: https://ec.europa.eu/info/law/law-topic/data-protection_en
Sending commercial email messages