By Rev. Mindi Welton-Mitchell
Ministry Associate for Social Media
You may have heard of GDPR: General Data Protection Regulation. This is a regulation in the European Union that regards how personal information is collected online for citizens of the EU. This regulation most likely doesn’t apply to your congregation, unless you have members who are from the EU—either people who still claim their citizenship in the EU or who were part of your church and moved to the EU. What this means is that you need their permission to be on your email list, your newsletter list, or even to receive your boosted Facebook advertisements. The GDPR is to protect people from having their information sold to another party or shared without their permission.
Even without the GDPR, it is a good idea to make sure you have people’s permission to send them your church newsletter or to print their information in a church directory. A simple permission form for members or regular attendees is easy to create, something that says, “I give my permission for this church’s name to reprint my contact information in the church directory,” or newsletter, etc.
It is also a good idea to have some sort of permission form for people to use or share their photos online—and especially, always, with children’s photos. You can do this either as a permission form, or an opt-out. A simple note at events where photos may be taken that “photos taken at this event may be posted online; if you do not wish to have your photo or your child’s photo posted, please fill out this form” or “please let name of person in charge of event know.”
There are reasons that people may not want to share their personal information, or they may be willing for the pastor to have it, but not for the rest of the congregation. It is always a good idea to ask first.