Why your Church needs a Privacy Statement
Tired of political groups filling up your U.S. snail mail box with letters to your 12 year old daughter? Irritated with self-employed church members spamming you with the latest gift-basket craze? If so, then perhaps your church is lacking a privacy statement to protect contact information you submitted to the church’s sunday school enrollment or pictoral directory.
Last week, the North Carolina Republican Party asked members to send their church directories to the party. The result were complaints from groups whose demographics would normally be supportive of the GOP – including this barb by Rev. Richard Land, head of the Ethics and Religious Liberty Commission of the Southern Baptist Convention:
“Such a request is completely beyond the pale of what is acceptable …”
I agree – for two reasons. First, it can potentially endanger a church’s tax-free status by involving it in a political campaign; especially if a directory or mailing list was forwarded by a well-meaning staff member.
The Rev. Richard Byrd Jr. of Cornerstone Baptist Church in Greensboro addresses my second point when he said anyone sending in a directory:
“[it] would be betraying the trust of the membership …”
And this is why your church needs a clear and concise privacy statement that either in whole or in part should be conspicuously published on the introduction page of any hard-copy directory and as a user-agreement form on any electronic directory.
Now not being a lawyer, I went about and did a search on the topic. As you might expect, alot of legalese. But I did find one or two sites that either provide an explanation of your obligations and/or provide forms and/or templates for generating your own privacy statement. Here you go, in no particular order:
- How to Construct Your Privacy Policy - Direct Marketing Association offers a short article and a long form to generate a customized privacy statement.
- The TRUSTe Model Privacy Statement - Model Privacy Statement serves as a template, prompting you to consider important points in your information gathering policy and practices.
- Virginia Tech Privacy Statement Generator - once you generate it, I suspect you’ll need to modify the references to Va.Tech.
- Creating Online Privacy Policies - old but I found it interesting
- Creating a privacy policy for your web site - a short and sweet article that gives you the low-down on this topic
- Rexall’s rotten eCommerce example - everyone’s worst privacy nightmare.
- Guidelines for Online Privacy Policies - demonstrates policies for protecting individually identifiable information.
The bottom line is, failure to create and publish such a policy leaves your church little recourse in protecting the privacy rights of your congregation and open up your church’s data to all sorts of spammage whether it is to pimp-up a political campaign, or hustle Tupperware and Mary Kay by some of the more entrepreneurial members of your congregation.
Great post. This is often overlooked!
we’ve long felt this way, that we had to have a plan for protecting congregational information, even before website visitor privacy policies became popular.
anyway, here’s ours. feel free to use it for ideas. no, it hasn’t had a legal review, it’s just a common-sense policy we follow.
http://www.centralpc.org/admin/privacy.htm
Note, it’s a good idea to mention photos in your privacy policy now too, particularly since more and more sites can easily add photo galleries.
Here’s ours:
http://www.centralpc.org/admin/privacy.htm