Omega Church Software and GDPR

You’ll no doubt be aware of recent changes within the EU to how companies deal with the collection and processing of personal data - known as the General Data Protection Regulation or GDPR.

The law came into force in May 2017 but companies and organisations were given a 12 month grace period to implement the changes before enforcement starts in May 2018. As charities, these changes apply to churches as well so we wanted to make you aware of some of these changes and how Omega can help with this.

But what about Brexit? As a church based in the UK, does this affect us?

Yes it does. The UK Government have confirmed they will be applying the laws as laid out by the GDPR, regardless of Brexit.

What is meant by personal data?

Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person - for example a name, photo or email address.

It also includes consent they’ve given to have their details used by you - e.g. opting in to communications with you.

If you capture, store or process personal data then GDPR applies to your church.

What are the main changes?

The main changes relate to:

  • How you capture consent, including providing a purpose for data processing when you capture consent
  • Keeping a full record of the consent you capture and providing evidence of this
  • Allowing your data subjects to be forgotten and / or allowing them to withdraw consent
  • Providing access to the data you store on a data subject in an electronic format

What personal data does Omega capture?

As well as contact details such as names, address, phone numbers etc., Omega also captures financial contributions and, depending on what features you use, also enables capture of pastoral notes and the details of members of youth and children organisations.

One thing Omega does not currently capture is consent for communications from the church, however you may be using categories for capturing information such as who wants to receive the church newsletter.

This is an area we are looking at as it may not be a specific requirement for Omega to do this, due to the nature of church communications - GDPR allows for an organisation to not require consent for communications, if there are “legitimate interests” for both parties for these communications.

How does GDPR affect our use of Omega in our church?

Whilst Omega is likely the main, or only, system you use to capture and process personal data, of greater importance is that you as a church understand the core concepts surrounding data protection and use of data. One of the key elements of GDPR is ensuring your “data subjects” (that is, any records that you store in Omega) understand what data you are capturing, and for what purpose.

If you haven’t already, we’d strongly recommend you seek out some training or a workshop in this regard, either independently or through your church’s governing body.

What are the next steps?

We’re currently in the process of identifying what areas of Omega need enhanced to satisfy the new GDPR laws. Any software update relating to this will be made available early in 2018, and we’ll be keeping this page on our website updated throughout as well.

We have recently upgraded to Omega after using another system for 25 years. Omega allows us to store membership and financial records for each of the 1000 families and 2500 members with instant recall and reporting of the data across our church network and via remote access by office staff from home.
  • Cliff McLoughlin
  • Knock Presbyterian, Belfast