Parish Directory Online Data Collection Portal — Data Usage & Terms

1. Purpose

This online portal collects parish member data solely for the creation and printing of a parish directory. Information provided will be used only for directory production and related parish communications unless you give separate consent for other uses.

2. Data We Collect

• Required: Full name, house name, position in family (e.g., head, spouse, child).
• Optional: Date of birth (DOB), occupation, photo of member.

3. How We Use the Data

Collected data is used exclusively to prepare the parish directory (printed and, if applicable, a secure digital version for parish use). We do not sell, rent, or otherwise monetize your personal data.

4. Photos & File Storage

Photos you upload are stored on the secure webserver. Each image is assigned a dynamically generated filename of 40 characters in length to help prevent guessable file names. Photos are accessible only to authorized users and to guests when they use a valid family guest link as described below.

5. Access Controls & Guest Links

Access to the portal is restricted to authenticated users. Parish administrators grant access based on role and need.

Guest access for a family is allowed only via a unique family URL. That URL is generated as a 32-bit hashed URL and should be treated as confidential; anyone with the URL can view the associated family’s data. Keep guest URLs private.

6. Security Measures

• Transport Encryption: The portal uses HTTPS provided by Let's Encrypt certificates. Certificates are issued using industry-standard key sizes — typically RSA 2048-bit keys (and ECDSA P-256 where supported) — to encrypt data in transit.
• Authenticated Access: Portal pages that display or modify member data require authenticated user sessions unless accessed via an explicit family guest URL.
• File Naming: Uploaded images use 40-character dynamic filenames to reduce the risk of URL guessing.
• Server Protections: Standard server hardening is applied (firewall, OS updates, least-privilege accounts). Administrative access is limited to authorized personnel only.
• Backups & Retention: Directory data and photos are included in routine backups retained per parish policy. (Contact the parish for retention specifics.)

7. Data Retention & Deletion

We retain submitted data for as long as necessary to produce and distribute the directory and to support parish administration. If you would like your data removed or corrected, please contact the administrator (contact details below). We will process deletion or updates in accordance with parish policies.

8. Your Rights & Choices

• Review your submitted information and request corrections where needed.
• Request deletion of your personal data from the portal (subject to directory production timelines).
• Revoke consent for optional items (e.g., photo) by contacting the administrator. Revocation does not affect processing already completed for published directories.

9. Third Parties

We do not sell or share your personal data with third-party marketers. Data may be shared with trusted service providers (e.g., printers, IT providers) only as necessary to prepare/print the parish directory; such parties are contractually required to protect the data and use it only for the agreed purpose.

10. Contact & Administrator

For questions, corrections, deletion requests, or concerns about these terms, please contact the portal administrator: