Conflicts between GDPR and Church Rules

There may be times when church doctrine seems to contradict the requirements of GDPR. This is not the first time UK or European law may have been at odds with internal church rules. Most of these contradictions will be eased by other aspects of the legslation.

For example, the Right to Erasure does not mean that an individual can ask for details of their previous marriage or baptism to be erased from the Parish Register. These details form part of the historical archives of the church, and so there is a legitimate reason to keep them. However, the Right to Object means that the individual could ask the church not to publicly display those parts of the Register which contain their personal information.

Another example could be that someone reveals details of another individual’s life during a counselling session with their pastor. The pastor makes notes. The named individual could not ask to be shown these notes under the Right to Access, due to the pastor's obligation to maintain the first person's privacy.

The GDPR does state in Chapter IX that member states can apply derogations for, amongst other things, churches. However, the Data Protection Bill (2017) currently moving through Parliament makes no mention of this. Our conversations with the ICO have led us to believe that if there is no provision in that bill, then none should be expected. However, the Bill is not finalised until it becomes an Act (currently expected on 25th May, the same day as GDPR).

For more information, see Article 23 and Chapter IX of the GDPR, or the ICO’s explanation on the website.
 




Terms and Conditions | Our Privacy Policy | Disclaimer