Privacy Statement

Data Privacy Policy / Notice

Effective Date: December 1st, 2023

About This Privacy Policy

The Kingston Church of Christ (“KCOC”, "we," "us," "our," or "church") takes your privacy and your trust in us very seriously. This Privacy Policy (“Policy”) provides you with information about how we collect, use and disclose your personal information. The Policy identifies the types of personal data we collect, how we collect it, and how we use it in accordance with the Jamaica Data Protection Act, 2023. 


This Privacy Policy applies when you visit or use our websites, physical and digital forms or applications, or other services that we provide for your benefit, including events and benevolent outreach programmes that refer or link to this Policy (each, a “Service”). 


The Policy explains how we limit our access to, and use of, your personal data to ensure that we only do so in keeping with the purposes for which you give us your consent.


This Policy may be supplemented by additional privacy statements, terms or notices that would be provided to you regarding any of the Services that we own and administer and to which you subscribe.


We encourage you (as a member or non-member) to read this Policy carefully to understand how we handle your personal data.


Information We Collect

At KCOC, we may collect the following categories of your personal data:

  • Contact Information: This may include your name, home and/or work addresses, email address, phone number, and other contact details.
  • Consent Information: This would include a record of the Services to which you subscribe and the purposes for which you would have given us permission to use your data.
  • Demographic Information: We may collect information about your age, gender, marital status, and other demographic details to help us to identify and minister to your needs and possible interests.
  • Dependent Information: This may include the names, gender and ages of your children or other dependents under your care or supervision for similar reasons mentioned immediately above.
  • Spiritual Information: We may collect information related to your spiritual interests, religious beliefs and involvement with the church, including your baptism, restoration, reinstatement dates, volunteer activities, attendance to events, and other involvement with the church.
  • Financial Transaction Information: If you make donations or contributions, we may collect financial transaction information, such as payment details.


How We Collect Data

We may collect your personal data in the following ways or channels:

  • Directly from You: We may collect information directly from you when you provide it to us through in-person interactions or physical or digital forms, surveys or online applications.
  • From Third Parties: In some cases, we may receive information from authorized third party data processors, such as event organizers, affiliated organizations or via online technology solution providers with whom agreements would have been established to ensure their activities are compliant with this privacy policy.

The Services we provide in publicly accessible locations may present opportunities for you to post and/or share your personal information, comments, materials and other content. Please be careful when disclosing your personal information in these public settings to ensure that you are using our official data collection channels - if in doubt, please do not hesitate to verify our data collection channels directly with us via our Contact Information that is provided below in this Privacy Policy.


How We Use Your Data

We may use your data for the following purposes:

  • Membership Administration: To manage your church membership and related activities.
  • Communication: To send you privacy statements, terms or notice updates, newsletters, event schedules, invitations, and other relevant information in accordance with your preferred services, channels and consent.
  • Donations and Contributions: To process donations and contributions made to the church.
  • Spiritual Services: To provide spiritual guidance and support, and to be able to identify, plan and implement new or improved services to meet your needs. This may include us contacting you in accordance with your preferred services, channels and consent.
  • Outreach Programmes: To identify unmet or under-met physical, spiritual and financial needs of church members or non-members, ensuring that those in need are included among the beneficiaries of our various outreach programmes. This includes providing assistance, support, and resources to individuals facing various challenges.
  • Legal Obligations: To comply with legal and regulatory requirements.


Storage of Physical Data Records

We maintain physical data records in secure facilities to protect them from unauthorized access, damage, or loss. Below is a list of facilities where physical data records may be stored:

  • Church Office: We maintain a secure office space within our church premises where physical data records related to church activities and membership are stored.
  • Designated Archives: Certain historical or archival records may be stored in designated archival facilities, ensuring their long-term preservation and protection.
  • Offsite Storage: To further safeguard important records, we may utilize secure offsite storage facilities equipped with appropriate security measures.

We have implemented access controls and security measures at these locations to restrict access to authorized personnel only. All individuals handling physical data records are trained on data protection and confidentiality.


Storage of Digital Data Records

KCOC recognizes the importance of secure storage and management of digital data records to protect your privacy and the confidentiality of your data. We utilize modern technology and best practices to ensure the safety and integrity of digital data. Below is an overview of the facilities and measures used to store digital data records:

  • Secure Servers: We maintain secure and regularly updated servers to store digital data records, including membership information, financial data, and communication records.
  • Cloud Storage: In some cases, we may use trusted cloud storage providers to securely store digital data records. These providers are chosen for their commitment to data security and compliance with relevant data protection regulations.
  • Access Controls: Access to digital data records is restricted to authorized personnel only. We employ access controls and user authentication mechanisms to ensure that data can only be accessed by individuals with proper authorization.
  • Data Encryption: We implement encryption protocols to safeguard the confidentiality and integrity of digital data records both in transit and at rest.
  • Regular Backups: We perform regular backups of digital data records to protect against data loss due to unforeseen events, ensuring data can be restored in the event of a data breach or system failure.
  • Security Audits: Our digital data storage facilities undergo periodic security audits to identify and address vulnerabilities and maintain a high level of data security.
  • Data Retention Policies: We have established data retention policies to govern the storage and disposal of digital data records, ensuring data is kept only for as long as necessary and in compliance with applicable laws.

If you have any questions or concerns regarding the storage of physical or digital data records or data security practices, please do not hesitate to contact us using the information provided in this Policy.


Data Processor Agent Roles and Access

At KCOC, we have designated specific roles within our church community to handle and process your data securely. These roles are essential for various church functions and operations. Access to your data is granted to church-appointed agents on a “need-to-know” basis, and such access is limited to only what is essential for them to fulfill the responsibilities of their designated roles.


All church-appointed agents who serve in data processor roles are duly appointed members in good standing, who have proven themselves to be trustworthy and reliable. Additionally, a Data Processor Privacy Agreement has been established with each data processor role agent as a demonstration of their understanding and commitment to protecting the privacy rights and confidentiality of all members and visitors to our church.


Below are the identified Data Processor roles and their responsibilities regarding access to your data:

  • Elders: Elders may access your data as part of their pastoral and leadership responsibilities. They use this information to provide spiritual guidance, make informed decisions, and offer support to members. Elders are bound by strict confidentiality obligations.
  • Deacons: Deacons may access member demographic data to assist with planning, management and execution of charitable and benevolent efforts and initiatives within the church, such as providing support for, and meeting other specific needs of, our members. They are dedicated to maintaining the privacy and dignity of those they serve.
  • Small/Family Group Leaders: Small/Family group leaders may be granted access to the data of the members of their designated small/family groups to be able to effectively serve and foster their spiritual growth and community building. They handle member information with care and respect for individual privacy.
  • Church IT Administrators: IT administrators are responsible for maintaining the security and functionality of digital data storage facilities. While they may have access to digital data records, their access is strictly controlled, and they are bound by confidentiality obligations.
  • Special Purpose Member Groups: Subject only to your consent/authorization, your contact details may be shared with specific members to contact you to meet your spiritual needs which may include prayer, bible studies and other services provided by the church.
  • Third Party Channels: Subject only to your consent/authorization, your information may be collected via designated third parties such as event organizers, affiliated organizations or via online technology solution providers with whom agreements would have been established to ensure their activities are compliant with this privacy policy.


All individuals in these Data Processor roles are required to undergo training on data protection, confidentiality, and ethical handling of your data. They are also aware of their legal obligations under the Jamaica Data Protection Act.


We have implemented access controls and monitoring mechanisms to ensure that your data is accessed only by individuals with specific roles and permissions, in a manner consistent with our Privacy Policy and applicable data protection regulations.


If you have any specific questions or require further information regarding the access and responsibilities of Data Processor roles within our church, please do not hesitate to contact us using the information provided in this Policy.


Your Rights

You have the following rights regarding your personal data:

  • Access: You can request access to your personal data held by us.
  • Rectification: You can request corrections to inaccurate or incomplete data.
  • Erasure: You can request the deletion of your personal data under certain circumstances.
  • Restriction: You can request restrictions on the processing of your data.
  • Data Portability: You can request a copy of your data in a structured, machine-readable format.
  • Consent: You have the right to withdraw your consent at any time. If you have provided consent for the processing of your personal data, you can request the withdrawal of that consent.

How We Respond to Breaches

At the Kingston Church of Christ (KCOC), we take data security and privacy seriously. In the event of a data breach, we follow a comprehensive response plan to address and mitigate the impact of the breach. Our response consists of four key steps:


  1. Contain: Our first priority is to contain the breach to prevent further unauthorized access or exposure of personal data. This involves identifying and isolating the affected systems or areas where the breach occurred.
  2. Assess: Once the breach is contained, we conduct a thorough assessment to determine the extent of the breach, the types of data affected, and the potential risks to individuals. This assessment helps us understand the nature and scope of the breach.
  3. Notify: If the breach poses a risk to the rights and freedoms of individuals, we will notify the relevant authorities, including the Office of the Information Commissioner and affected individuals, as required by law. Our notification will include details of the breach, the potential consequences, and recommended actions for affected individuals to protect themselves.
  4. Review: After the breach has been addressed, we conduct a post-incident review to identify the root causes, vulnerabilities, and lessons learned. This review helps us improve our data security measures and prevent similar incidents in the future.


We are committed to transparency and accountability in our response to data breaches. Our goal is to minimize the impact on individuals and take proactive steps to prevent future breaches. In the unfortunate event of a breach, rest assured that we will take all necessary actions to protect your personal data and uphold our obligations under the Jamaica Data Protection Act.


Contact Information

If you have any questions or concerns regarding your data privacy, wish to exercise your rights, or need to contact us for any other reason, please reach out to us at:


Address: Suite 11, Oxford Place, 22g Old Hope Road, Kingston 5, Jamaica 

Telephone: +1 (876) 920-4220

Email: kcocinja@gmail.com

Website: https://www.kingstonchurchofchrist.org 


Back to top

Share by: