Delete requests and the right to be forgotten
For organisations governed by the EU General Data Protection Regulation and where consent is relied on as a lawful basis for processing data, the right to object to processing doesn't apply (although an individual always has the right to object to processing for direct marketing, whatever lawful basis applies);. However, data subjects can invoke the right to be forgotten by requesting that that account be deleted from ChurchSuite. In this article, we outline the deletion request user experience and see how requests are processed.
Important: The Delete account option is only shown if your organisation's privacy notice has first been added to ChurchSuite (In Administrator > Profile). See our related support article: How to customise the appearance of your ChurchSuite account
ChurchSuite and the Right to be Forgotten
As a Data Controller, your organisation's privacy notice should make clear to data subjects your organisation's expected processes for communicating, receiving and actioning a Right to be Forgotten request.
Since the scope of the right to be forgotten extends beyond your organisation's processing of personal data within ChurchSuite, the Delete account functionality outlined in this article is designed to facilitate a request from a data subject to be removed from your organisation's ChurchSuite account.
No personal data is automatically deleted by a "Delete account" request, but the request is notified to your designated Data Protection Contact alerting them that a person has requested that their ChurchSuite data be deleted. It is then up to you, the data controller, to action the request as appropriate and to confirm back to the data subject when the process is completed. Requests should be actioned within the timeframes prescribed by the GDPR. Remember, you may have a lawful basis for continuing to process some or all of their information!
For ChurchSuite accounts where a Privacy Notice has been added a Delete account option is available in My ChurchSuite on the My Details page...
...on the My Consent form...
...and on the Communication page accessible through the Unsubscribe and Manage communication link in the footer of the emails sent by Users from within ChurchSuite.
Clicking Delete account opens a confirmation page or pop-up explaining what will happen if they proceed.
If the person proceeds and they are currently logged in to My ChurchSuite, they are immediately logged out and their My ChurchSuite access is disabled...
Additionally, all Privacy options and Communication options are opted out, preventing any of their details from being visible to others in My ChurchSuite and preventing them from receiving further email or SMS communications sent through ChurchSuite (unless a user, when sending, selects to not respect communication options - in which case an email will be sent).
Changes logs are also added...
..."Delete Requested" and "Unsubscribe" Key Dates are added...
Finally, a Notification email is sent to the designated Data Protection Contact (set in Administrator > Profile), alerting them that a person has requested their account be deleted from ChurchSuite. The sent communication is shown logged in the Profile section of the Administrator area.
You can now follow the preferred pastoral and administrative workflows for removing personal data held on ChurchSuite, before confirming back to the data subject that their request has been actioned.
Note: 'Delete account' will never auto-delete or auto-archive a person. All their data - event sign-ups, ministry and group membership, linked family members etc. remain intact. Where an account deletion request has been received, you may still be able to rely on another lawful basis for continuing to process some or all of the information - for example, a 'legitimate interest' may apply to things like membership lists such as the electoral roll or a 'legal obligation' may apply in respect of donations and Gift Aid records - the lawful basis for processing and the scope of processing will be determined by your privacy notice.