Search:

Regarding privacy law

This information is not offered or intended as legal advice. Seek the advice of a qualified legal professional to help you with specific questions you may have about how data protection laws impact your church services, lectures, and other activities sponsored by your Branch. The Mother Church is not equipped to give specific advice on your compliance situation, but we trust this information will lead you to helpful resources. 

Last updated April 19, 2023

Branches of The First Church of Christ, Scientist are encouraged to be mindful when collecting, processing, storing, or using personal data belonging to attendees at services, lectures, and other activities, whether gathered in-person or online. Keep in mind that online and hybrid services, lectures, and other activities may attract attendees from countries other than your own. 

There are two areas of law that may apply to your handling of personal data. You may be required to disclose to attendees how you will store, secure, and use their personal data, at the time such data is collected. You may also need to obtain clear, written consent from attendees before you send promotional messages to email addresses that were gathered at a service, lecture, or other activity.

Privacy and data protection laws are rapidly changing in many countries around the world, including in individual states within the U.S. Many laws extend beyond borders to protect citizens who share information with an entity in another country or state.

Personal data regulated by law in some countries and states may include, among other things, name, email, mailing address, other contact information, birthdate, government identification numbers, physical attributes that are specific to an individual person, and religious affiliation. Personal data may broadly include any piece of information that, alone or when combined with other data, is able to identify a “natural” person (as opposed to a legal entity).  

You may want to institute a system for collecting personal data from individuals, which ensures they understand how you will use their data and clearly gives you express permission to use their data in that

In addition, you may want to check your national and local data protection laws, as well as the laws in other jurisdictions if you are collecting data from individuals outside your jurisdiction. 

Here are some suggested practices for collecting and using people’s data that may help you comply with many of the changing standards and laws around the world: 

  • Decide how you will collect, process, store, and use personal data and record your policies in writing.

  • At the time you collect personal data, be clear with individuals about how you will use their data and keep a record of what you have told them.

  • Consistently follow what you have told people you will do with their data.

  • The most respectful way to collect data is to ask an individual for express permission to contact them for specific reasons.  

  • Only collect the data you need to accomplish the stated purpose.

  • Only keep data as long as it is needed for the stated purpose.

  • Ensure information is securely and responsibly stored and transmitted, both digitally and physically.

  • Be prepared to quickly respond to individual requests to be removed from mailing lists or databases.

  • Ensure the personal data you collect, process, store, and use is accurate.

  • Collect, process, store, and use data lawfully and in a way that is transparent and fair to individuals.

  • If you are sending promotional messages to email or address lists, you may need to obtain express opt-in consent from the people on your lists and keep records of consent as proof.

Here are some resources that may help you understand data protection laws, including laws that govern commercial email messages or marketing messages. Look for resources like these in your country: 

General data protection

Sending commercial email messages