GDPR Annual Checklist – resources

In 2018 a law around Data Protection and Processing came into place, meaning that churches now have a legal responsibility to ensure that they are keeping the data and personal information of individuals up-to-date and safe.

Managing trustees of Churches, Circuits and Districts have to annual complete a GDPR Annual Checklist to the best of their ability which ensures the Data Handlers for the Methodist Church  (TMCP – Trustees for Methodist Church Purposes) that the Methodist Church is compliant.

This page provides links to the necessary forms needed for compliance as well as helpful resources to help individuals understand the GDPR Annual Checklist, and correctly fill it in.

What do I need to be Compliant?

Data Mapping Form 

  • The Data Mapping form is a review of the personal information (data) relating to individuals that they collect and use. Once reviewed and recorded, the results then need to be kept up-to-date.
  • Once this is completed, it just needs to be reviewed each year 
  • All Trustees must read an updated copy of the Managing Trustee Privacy Notice, and this must also be on a noticeboard/available to others to read
  • This tells people how you process and deal with the data 
  • To help Managing Trustees keep the required records, the processor record has been created to help with compliance
  • There is a template of a consents form on the TMCP website as linked above, however it is worth considering the 6 lawful bases. To find out more about this, click here

Helpful Resources

GDPR Guidance – Sheffield District

Check out this website (click HERE) for some helpful and realistic prompts to consider 

How to Complete the Annual Data Protection Checklist – video

Start at 6:16 following the introductions

TMCP Website

There are also some helpful pages on the TMCP website which are worth a read of

9 Step Checklist

Do’s and Don’ts