Kirkliston Parish Church
Emerging Encouraging Equipping
Skip to content
Kirkliston Vision 2018 – 2022
Children and Youth
Little Coffee Stop
Maggie Lane’s Testimony
GDPR Do's and Don'ts
report the loss of KPC personal data immediately to the KPC Data Protection coordinator, stating whether or not passwording and/or encryption and/or physical security measures were in use to protect the personal data, and whether it was lost or stolen (if known). Include any police incident number if a police report has already been submitted.
inform the KPC Data Protection coordinator (in addition to the owners of the website if not a KPC web page or email) if you receive an unsolicited email, letter, text or phone call asking for personal information
ensure that manually held personal data is held securely, for example in a locked drawer or cupboard for storage and marked ‘confidential’
ensure that personal data transferred manually is handed over personally to the intended recipient, appropriately enveloped or in a secure container, marked ‘confidential’
encrypt or password-protect personal data before it is
. Add a passworded document as an email attachment or when using FTP (file transfer protocol) software
use SFTP (secure FTP software) rather than FTP if not using email to transfer personal data
encrypt or password-protect personal data when it is
change passwords periodically, typically every few months if not more frequently
use strong passwords, typically 8 or more characters with a mix of letters, numbers, and special characters such as *,$,!, etc.
use blind copy (Bcc) for emails when emailing a large number of people, unless everyone has agreed for their details to be shared amongst ‘the group’
include a rider at the end of emails which have been distributed using Bcc to show who has been included in distribution ( no email addresses here, only first or full names please – initials may be acceptable in small groups)
use email address book distribution lists for established groups which have been appropriately maintained e.g. by a KPC team leader and/or the KPC Admin Team
, if a KPC Team Leader, share any distribution lists (securely) with the KPC Admin Team, and check regularly with the admin team that changes have been shared bilaterally
read the reference material contained herein and, if in any doubt, contact the KPC GDPR coordinator for more help
use work email addresses for sending or receiving personal information (other than an @churchofscotland.org address)
use joint shared email addresses for convenience (e.g. family or husband/wife) when sending or receiving personal information even if for ‘legitimate purposes’
write passwords or PIN codes down on paper, ever.
leave keys for locked manual storage holding personal data (drawers or cupboards) in plain sight or easily accessible – use key cupboards where possible
use free unsecured public WIFI connections for internet connection with devices holding personal data
view personal data on electronic or manual media in public places where there is a risk of inadvertently sharing data as a result of ‘shoulder surfing’ by unwanted people
share passwords or PINs or security codes verbally in public places
use the same password across many documents just because it is easier to remember
reveal any full passwords, login details or account numbers if you receive an unsolicited email, letter, text or phone call asking for personal information.
Privacy & Cookies Policy