THIS IS OUR PRIVACY POLICY

1. INTRODUCTION
We are Christian Revival Church (“CRC”, “we”, “us”), a religious organisation established by Pastors, Ps At and Ps Nyretta Boshoff, and we are passionate about building the church of Jesus Christ by winning the lost at any cost!

This privacy policy contains information on how we use, disclose, transfer, store or otherwise process your information in terms of laws that regulate our relationship. Please take the time to read this policy so that you fully understand the aim of our church and the rights that you have in relation to your personal information.

2. PURPOSE
CRC is a Christian church with Sunday services, held in our buildings and online, as well as homecell gatherings in the homes of our thousands of leaders across the country. Our aim is to see an ever-increasing number of people come into a relationship with Jesus Christ through personal salvation and thereafter, to care for people and their families throughout the journey of life. We are making disciples of Jesus Christ across the world.

We operate like a family, walking closely with each other to ensure our mandate is carried out and people are equipped for the work of the ministry in caring for and discipling our community. We will use your information to provide care through our staff and volunteers to ensure your spiritual welfare is looked after and in providing social relief to the community. Your information gives us context that allows us to cater better towards your individual needs so that we are effective in our caring for you.

All information provided to us is voluntary unless it is specifically required in terms of law, and we will only process your information as will be necessary in order for us to ensure we are effective in caring for you as a visitor, member, donor, contributor and/or volunteer of the church.

3. DATA PROTECTION
Any information about a living individual which allows them to be identified (“Personal Information”) relating to persons resident in South Africa acquired from or relating to such persons for any purpose will be dealt with in accordance with our policies and POPIA (the “Protection of Personal Information Act 4 of 2013”). We will adhere to the Principles of Data Protection as detailed POPIA. Your Personal Information will be:

• processed in a fair and lawful manner and only with your consent unless otherwise required in terms of law;
• collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
• adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
• complete, accurate, not misleading and, where necessary, kept up to date;
• kept secure against the risk of loss, unlawful access, interference, modification, unauthorized destruction and disclosure.

This policy keeps you aware of the purposes for which we collect your Personal Information, to which you provide your consent. This consent can be withdrawn at any time and you can request the correction and/or deletion from our records of your Personal Information.

Please note our church services and other media productions are broadcasted globally (live and recorded) on various platforms and we cannot guarantee the level of protection awarded to your Personal Information in other countries.

By providing your Personal Information to us, you provide us with your consent for us to contact you and to use, process and store your Personal Information according to this policy. If you disagree with any part of this policy, please do not provide Personal Information to us and do not use our products, services and websites.

4. DATA CONTROLLERS AND DATA PROCESSORS
We work together with our staff and volunteers to carry out our responsibilities as a church.

By providing personal data directly to us or through involvement at the church, or to staff or volunteers, you consent to this data being shared with our volunteers and third-party associations who may process such data on our behalf.

5. SCOPE OF THE POLICY
CRC takes your privacy very seriously and this Policy has been adopted as it recognises the right of people to keep their personal information private. By providing Personal Information, including via the use of our products, services and websites, you agree to allow us to contact you, including by mail, email, visitation, telephone, social media or SMS text message, in connection with our purposes:

• for our legitimate interests, in accordance with current data protection regulations; or
• on the basis of the consent you have given.

This consent extends to Personal Information of a child under the age of 18 years provided by a competent person such as a parent or guardian or where such competent person has consented to us receiving such information.

6. MODIFYING YOUR PREFERENCES
If at any point you would like to change your preferences and you do not wish to receive further communications from CRC or you wish to change the way you receive any communication, follow the procedure under Your Rights below.

7. HOW PERSONAL INFORMATION IS COLLECTED
Personal Information is collected each time you are in contact with our services, products, websites, staff and volunteers, for example, when you:

• visit our church, related facilities, outreaches or homecells;
• visit our websites (see the Cookies Policy);
• become a member;
• make a donation;
• request and/or receive counselling, prayer or advice;
• request and/or receive assistance from our social department CRC Cares;
• apply for a job or volunteer;
• provide your contact details, in writing or orally, to our staff or volunteers;
• purchase goods or services, through the website, or directly from a physical location and when you provide credit/debit card or banking details;
• register, attend or participate in Bible School, programs, trainings, workshops, ministries or conferences;
• participate in church activities and any of our media productions;
• request the officiating or conducting of weddings, funerals, baby dedications, baptisms or other events;
• contacting us personally or by other means such as email, text, letter, telephone or via social media;
• have face to face or online meetings with staff and volunteers;
• access and/or participating on our social media platforms such as Facebook, YouTube, WhatsApp, Twitter, Instagram;
• register with any of our online platforms.

You further consent to us using any of your Personal Information that has already been made public on any platform.

8. TYPES OF INFORMATION COLLECTED
8.1 Personal Information
The types of Personal Information collected by us include:

• personal details such as your title, name and date of birth;
• contact details such as postal address, post code, email, mobile and telephone numbers;
• when relevant to our mission, demographic information such as marital status, nationality, gender, ethnicity, education, employment/qualifications and family details;
• financial information such as donation history, bank reference details and means tests/needs analysis for social relief purposes;
• whether you are a tax payer in the place where the church is registered;
• spouse and family details when you jointly volunteer, register for events, and/or register your children for any reason at our church;
• registration information for children and youth such as parent/guardian contact details, allergies, special needs, school details, medical forms and reports of abuse;
• non-financial information such as identification documents and other documents required in terms of law (in the instance of registering marriages we may require photographs, decree of divorce, death certificate of previous spouse, letter from embassy if a non-South African citizen);
• for persons applying for jobs, employee and volunteer data such as qualifications, languages, experience and payslips;
• records of your contact with us;
• photographs, audio recordings or video footage provided by you or taken at our church services or media productions, homecells or events;
• visits to our online platforms to enable us to improve its effectiveness and better promote church services and events;
• IP addresses and locations when visiting our websites.

8.2 Sensitive/Special Category Personal Information
We may collect and store sensitive Personal Information such as:
• health information provided during pastoral meetings;
• health information to assist attendance at church services and events and as required in terms of law;
• religious information (for instance attendance at church, homecell and/or events/activities, personal faith decisions, baptism);
• religious affiliation;
• prayer requests which may contain various information of a sensitive nature.

9. HOW WE USE YOUR PERSONAL INFORMATION
We collect information about you for a variety of uses based on different reasons. For example, some of the information is disclosed in order to register for activities or events, sometimes we are required by law and regulations to collect and process information about you, and at other times we consider it is in our legitimate charitable interest to collect and process information.

Your Personal Information will be dealt with in accordance with POPIA. It is never sold, nor given away. It is only shared with others where you have given consent or where it is permitted legally. You also consent to us further processing your Personal Information when it is aligned to our purposes and when there is a threat to any person’s health or life.

Generally, uses of your Personal Information based on our legitimate charitable interests and on your consent may include:

• keeping you informed as to church services, homecell gatherings, activities, trainings, events, resources and conferences;
• to facilitate ceremonies such as marriages, funerals and baby dedications;
• to promote the interests of CRC, its Christian mission and its charitable objects;
• to manage job applicants, employees and volunteers;
• to fundraise and process donations and related statutory rights and obligations;
• to establish and maintain your involvement with us, events you have attended, what areas and activities of the church you have supported, record and acknowledge any donation, to provide the products or services you have requested;
• to create media productions which are broadcasted globally;
• to answer an inquiry or request for further information or complaint about us, our services, activities and events;
• to register you for trainings, events, conferences and provide the services requested;
• to carry out analysis and market research and improve our website and communications, for example by matching anonymised user’s data with social media sites such as Facebook to better understand people’s interests;
• to assist us to provide services and products more valuable to those involved;
• to improve our ability to assist the church and the wider community;
• to assist us with management and administrative purposes such as accounting, credit/debit card payments, anti-fraud measures, maintenance and development;
• for statistical purposes.

10. LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION
We will only process your Personal Information where we have a legal basis to do so. The legal basis will depend on the reason or reasons we collected and need to use your information. Under POPIA in almost all cases the legal basis will be:

• because it is in our legitimate interest as registered charitable organisations and Christian religious entities to use your Personal Information to operate and improve our service;
• to fulfil any contractual relationship we have with you in relation to provision of products or services, such as registration at events;
• because you have consented to us using your information for a particular purpose;
• because we need to use your Personal Information to comply with a legal obligation, such as protection and welfare of individuals;
• to protect the vital interests of you or another person, for example, in pastoral situations;
• to process sensitive/special category personal data that is relevant to us as a non-profit religious organisation;
• where you have given consent for us to contact you by email, phone, visitation, social media or SMS, to send you information and marketing communications.

11. DATA STORAGE AND WHO SEES YOUR INFORMATION
Information you provide orally, in writing or electronically, including through our websites, may be held physically on our premises and on computers and other electronic devices.

Information you provide in paper form, such as forms, consents, letters, applications, photographs or information recorded in meetings with staff or volunteers, may be transferred to secure virtual systems or stored in secure physical filing systems.

Subject to compliance with our data management policies and procedures, and in compliance with the above Data Protection Principles, information may be accessed, used and stored:

• on computers of staff and volunteers;
• in secured filing systems;
• by a limited number of staff or key volunteers under a duty of confidentiality and who act on our behalf/provide support services to us for the uses set out in this policy, or other purposes approved by you.

Third party service providers may process information, fulfil and deliver orders, process donations and credit card payments, and provide support services on our behalf. Where such details are shared, agreements in place restrict the use of your information to the purpose for which it is provided and ensure it is stored securely and in accordance with applicable data protection and privacy laws.

We do not sell or pass any of your Personal Information to any other organisation and/or individuals without your express consent, unless required by law.

12. FINANCIAL RECORDS AND CARD DETAILS
All credit/debit card donations made online or by phone, are made securely through third party service providers and payment gateways, which comply with South African laws. Card details are not recorded and stored on our systems nor do we pass any information to third parties, except where we are legally required to do so, to assist fraud reduction, or to provide a service requested and minimise credit risks.

13. HOW LONG WE RETAIN YOUR INFORMATION
We will only keep your Personal Information for as long as it is required and in accordance with POPIA and other legal requirements.

If you have indicated that you no longer wish to hear from us or want your Personal Information deleted, we will keep the minimum information necessary to ensure that no future contact is made and no repeated addition of your Personal Information is made without your consent.

However, even after you modify your preferences, we may retain copies of information about you for a period of time that is consistent with applicable law, applicable statute of limitations or as we believe is reasonably necessary to comply with applicable law, regulation, or legal process.

14. COOKIES
We use various technologies to collect information when you access or use our websites, including placing a piece of data, commonly referred to as a “cookie” on your device. Cookies are small data files that are stored on your hard drive or in your device memory when you visit a website or view a message. By using our websites, you permit us to collect and use your information from activity on devices you use in accordance with this Privacy Policy.

15. YOUR RIGHTS
15.1 Personal Information
Where you have provided your consent to us processing your Personal Information, you may withdraw this consent at any time. In addition, the law gives you the right, under certain circumstances:
• to request in writing and securely obtain copies of the Personal Information we hold about you;
• to correct or update your Personal Information held by us;
• to request us to stop using your Personal Information for marketing purposes or for any other purpose where there is no legal requirement for continued processing;
• to object to profiling activities based on our legitimate interest;
• to request to have all Personal Information deleted. To exercise any of these rights please contact our offices with the details provided below.

Please tell us as soon as any of your contact details change so that records can be kept up to date. We will also actively contact you to update your records to ensure accuracy.

We will take reasonable steps to correct any of your information, which is inaccurate, incomplete or out of date.

If you wish to have your Personal Information deleted, please contact us and wherever practicable that information will be deleted.

A request to access, amend or delete your Personal Information may be refused in certain circumstances. If refused, you will be provided with a reason for the decision and, in the case of amendment, will note with your Personal Information that its accuracy is disputed.

15.2 Modifying Your Preferences
You will have the opportunity to decline to accept communications at any time and discontinue receiving such communication by:

• following the instructions to “unsubscribe” on any email received from CRC;
• emailing us with the contact details provided below.

15.3 Security
Reasonable steps will be taken to keep secure any Personal Information which is held. Personal information, held electronically, is stored in a secure server or secure files. The Internet is not a secure method of transmitting information. Accordingly, no responsibility is accepted for the security of information you send to or receive from us over the Internet or for any unauthorised access or use of that information. Where we have given you, or where you have chosen security codes (username, password, memorable word or PIN), which enable you to use any online service, you are responsible for keeping these security details confidential. Security measures are taken to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage.

15.4 Links and Social Media
CRC websites may also include links to other websites or may provide social media buttons, permitting sharing web content directly to a social media platform, such as Facebook, Twitter, WhatsApp and YouTube.

We do not endorse social media website(s) and have no responsibility for the content unless posted by or approved by us nor are we responsible for the cookies such websites may contain.

Use of such buttons or links is at your own risk and you must verify authenticity of sites before posting or providing Personal Information on such sites.

Websites such as [Vimeo and YouTube] are used to embed videos on the website and service providers such as [MailChimp and Google Analytics] may send their own cookies via this site. Please look at the cookie and privacy policies on these third-party sites if you want more information about this.

CRC websites may also contain sponsored links and adverts, who may have their own detailed privacy policies.

15.5 Downloads
Any documents or files made available to download from our websites are provided at users’ own risk.

15.6 Reporting Concerns
Please contact us if you wish to raise a concern about handling of your Personal Information. You also have the right to lodge a complaint with the Information Regulator about how your data is managed at complaints.IR@justice.gov.za.

16. CHANGES TO THIS PRIVACY NOTICE
CRC may amend this Policy from time to time to reflect changes in best practice, security and control and to ensure compliance with any changes or amendments to POPIA or other applicable legislation in South Africa. Any amended version will be available on our websites. We suggest you visit regularly to keep up to date with any changes.

CONTACTING CRC
If you would like any further information, or have any queries, problems or complaints relating to the Privacy Policy or our information handling practices in general, please contact the appropriate person/s below:

CHRISTIAN REVIVAL CHURCH
Attention: Information Officer
Physical address: Cnr Witkoppen and Riverbend Road, Johannesburg 2188
Email: informationofficer@crc.org.za

CHRISTIAN REVIVAL CHURCH GEORGE Attention: Information Officer Physical Address: 1 Glaze Street, George Eastern Ext Email: admin@crcgeorge.co.za