Last updated: January 28, 2026
St Mary’s Barnes is committed to protecting your privacy in compliance with the UK GDPR and Data Protection Act 2018. This policy explains how we collect, use, and safeguard personal data on https://www.stmarybarnes.org.
Data Controller
The data controller is the Office Administrator, reachable at [email protected]g. St Mary’s Barnes is located at 79 Church Road, Barnes, London SW13 9HQ
Data We Collect
We collect basic personal data like names, emails, and addresses for church activities, events, and newsletters. For our annual WooCommerce e-commerce store selling Christmas cards we collect names, billing/shipping addresses, emails, and payment details via PayPal – we do not store card numbers.
How We Use Your Data
• To manage church services, events, and communications (legitimate interest).
• Process orders and payments for Christmas cards (contractual necessity).
• Gift Aid and fundraising (legal obligation).
Data stays secure with limited access; we retain it only as needed (e.g., transaction records for 6-7 years as per HMRC rules).
Sharing and Security
We share data only with diocesan offices or service providers (e.g., WooCommerce/WordPress hosts) under strict agreements. No selling or sharing with third parties without consent. Site uses HTTPS and standard plugins for protection.
E-Commerce Specifics
WooCommerce orders collect minimal data for fulfilment. Payments are PCI-compliant via gateways; refunds handled per policy. Opt for account creation to save details (delete anytime).
Your Rights
Request access, correction, deletion, or objection via [email protected]. Withdraw consent anytime. Complaints to ICO at ico.org.uk.
Cookies and Changes
Site uses essential cookies; no tracking. We update this policy whenever there is any significant change in the data we collect. You can see the cookie policy here.
