YWAM Bridges of Life Data Protection Policy

With Youth with a Mission (YWAM) foundational values such as Be Relationship Oriented, Value the Individual and Communicate with Integrity, protecting any data that we collect is essential! In order to keep to our values and existing data protection regulation, (while very wordy, so sorry about that,) below is what you can expect from us as YWAM Bridges of Life (which we are going to call YWAM Bridges for the rest of this article) in regards to the data protection…
 
If data protection is supposed to protect me, what is actually considered “personal data”?

We’re glad you asked! Personal data is defined as your name, any location data that you send us, your email address if it contains a name, identification numbers (such as your IP address), your racial or ethnic origin, political opinions, religious beliefs, sexual preference, biometric information (biological data that is specific enough to identify you), or health information. Anything basically that can identify that the data came from you, and specifically you. Please note however, that that photos and videos are not covered by GDPR unless attached to any of the above. We have a separate form to cover these.
 
Now as family at YWAM Bridges, much of this is completely irrelevant to us (we do not need to know the length of your eyelashes!) and so, unless you tell us specifically, or if you manage to make it into things like the (as of yet very empty) First Aid book (which has it’s own data protection regulations!), you can be sure that we won’t have a record of it!
 
Ok, so what data do you guys collect, and why?
Well, if you are a staff member, guest, have come to do a DTS or to volunteer in the various ministries here, you’ll see we ask a good number of questions during our application process. We do this in order to prepare for you guys, pray for you, make sure we don’t feed you anything that would hurt you, as well as to be intentional with areas you want to grow in. We also keep data in order to have legally regulated financial record keeping and to process any complaints that we receive with integrity, openness and honesty. Lastly, in
order to come and stay with us, by law, we have to have you join our association. This means that we have to keep your name and email address on record for as long as you are a part of our association. As an association
member, we want to keep in touch, and so might use your email and name to contact you concerning things that impact us as an association, or to say hello and ask how you are (unless you ask us not to, which is OK!).
 
Who gets to see the data?
Only relevant parties, say for instance you’re a DTS student, your staff will have access to relevant information. We do not distribute your information to any third parties outside of those mentioned below, and certainly not for marketing purposes… we enjoy spam email as much as you do. 

 
What if I want to change the data I already sent, or maybe want to have it deleted?
We love to keep up to date and stay in contact with the ones that we have the privilege of doing life with, but we force ourselves on no-one! So if you are updating your email address, or want to tell us you’ve been healed from something, sweet! Please do! If you don’t want us to keep your data, while it’s
sad for us to say “see you later,” we will ensure we delete all your personal data that we have from our systems, unless there is a really, really good reason (legal reasons) that we have for keeping it.
 
OK… But I want to see the data you have before I decide to do something.
Absolutely fine! Send us an email to media@ywambridges.com titled “Access to Information” letting us know what it is you would like, then, after an identity check, we will make sure you to inform you of what personal data we have. 
 
What are you doing to protect my data?
If we were glad you asked the first question, now we're ecstatic! In order to keep your data safe, all of our staff have had a data protection training and have chosen to agree to follow our YWAM Bridges Code of Conduct - Data Protection Guidelines. This means that if there’s a device on which your data is stored, it has password security surrounding it and up to date firewalls and anti-malware protecting it. What if I thought … “I think this is good, but you could do better”… While also a good way of keeping our tech team humble and dependant, you have the right to object to the way that we protect and use your data, or how we have done so in the past. Should this be the case, we will stop processing your information in that way if it calls us to a higher legal standard. If you’re not satisfied with that, again, we love people and we honour choice, so feel
free to drop that email titled “Access to Information” to media@ywambridges.com asking us to delete your information.
 
So I heard there was a thing about automated processing?
That’s right! And we are way too behind the times technologically to achieve processing of information and profiling in an automated fashion! Our Tech team would love an AI to play with, but are far too relationally orientated to use one to process your data… we’d much rather try to beat it at good data protection policy creation!
 
Phew… That’s a lot of information!

That is the truth! But hey, we value the individual, are relationally oriented and fight to communicate with integrity. However if you disagree, if you have a complaint or are concerned at all, please contact media@ywambridges.com with your concern, complaint or disagreement. Honestly, we’d rather walk through it with you and have a bit of confrontation that comes to resolution than treat a person that we believe is made in the image of God poorly; we are however fallen humans. Should our attempt to reach a resolution not be satisfactory to you, you can contact the Commission nationale de l'informatique et des libertés (the French data protection regulatory body): 
 

CNIL 
Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy
TSA 80715
75334 PARIS CEDEX 07
France
Tel: +33 (0)1.53.73.22.22
Fax: +33 (0)1.53.73.22.00
 

We’ve never had the pleasure of chatting with them, but we are confident that they will help as much as they can to achieve a resolution.
 
Wait, you mentioned earlier some third parties that personal information could be passed to…
We send information to the University of the Nations, which has its own data protection policies. We would send them your name if it is relevant for you getting a qualification, (i.e. graduating DTS) and your email so they can create a log in for you (specifically DTS and staff… it’s useful for staffing in the future or for secondary schools), nothing more! If there is anything else, we will ask you directly for your permission beforehand. 
Last but not least, we may pass on your information in order to obtain travel arrangements for you… however if you are uncomfortable with this, please just say! 
 
Facebook - The family here at YWAM Bridges uses a number of Facebook pages (our main page as well as pages for our different events etc, plus some of our group may use closed Facebook pages to communicate with team members).  Facebook Inc. has certified to the EU-US Privacy Shield Framework.  For more information see Facebook global privacy policy.
 
PayPal - We use this 3rd party to process some of our payments. Funnily enough, security and data protection is part of the backbone of their business which is registered in the EU. More information about their privacy policies can be found here: https://www.paypal.com/gr/webapps/mpp/ua/privacy-full.
Quickbooks – Is a financing software that we like to use. They are registered within the EU, and, like PayPal, are very careful with their security and data protection. More information and access to their privacy policies can be found here: QuickBooks and GDPR (intuit.com)

 
Our Website - That’s right, we have our own website, powered by Wix. We use their analytics services to monitor site activity (i.e. how many pages are visited per day) to help us improve the site. For more information about how Wix processes personal data, click right here!. You should also bare in mind that
there may be links to other websites on our site, and we have zero control over how they do their data protection.

Google – We use the Google suite and Google cloud packages on our base, who have their data protection policy accessible here: Data Protection Law Compliance - Business Data Responsibility (safety.google)
 

Slack – A useful program for us and our base communications; their data protection policy can be found here: Privacy Policy | Legal | Slack
 

Instagram – Is a relative of Facebook at the time of writing, and as such is subject to the same data protection regulation. There page describing it in detail can be found here: Data Policy | Instagram Help Centre
 
So, almost done… You may or may not notice, all the questions you’ve been asking have been quite on point with recent updates to data protection regulation… Pretty nifty huh? If you want more information, please contact us at media@ywambridges.com, or check out the websites here and here which hosts a whole wealth of information about data protection in the UK and the EU… trust us, it’s a treasure trove for this kind of thing.

Thanks!

​