Privacy Policy

  1.  POLICY STATEMENT
    1. This page contains the personal data protection and privacy policy adopted by Mawar Sharon Church (the “Church”) to manage your personal data and to govern the use of this website (the “Site") in accordance with the Personal Data Protection Act 2012 (the “Act”). Please take a moment to read this policy to understand the purposes for which we collect, use and disclose your personal data. By visiting or using this Site and our mobile application (the “App”), you agree to the terms of this Policy Statement.
    2. The Church respects the privacy of individuals and recognises the need to treat personal data in an appropriate and lawful manner, and is committed to comply with its obligations in this regard, in respect of all personal data it handles.
    3. The Church may change some parts or all of the contents of this policy from time to time to ensure that this policy is in line with legal and regulatory requirements. Hence, we advise you to check back regularly for updated information on the handling of your personal data.
    4. If you consider that this policy has not been followed in respect of personal data about you or others, you should raise the matter with the Data Protection Officer as soon as possible.
  2. COLLECTION OF YOUR PERSONAL DATA
    1. In general, we collect your personal data in several ways, but not limited to the following:
      1. When you submit a membership registration form or other forms relating to the Church’s activities;
      2. When you sign up for a user account on our Site and/or App;
      3. When you make use of various functionalities in our Site and/or App, such as the Bible Reading chart;
      4. When you contact us for enquiries, either via emails or phone calls;
      5. When you are visiting our office or attending our services or events;
      6. When you make a donation or payment to the Church;
      7. When you request us to contact you;
      8. When you submit your personal data to us for employment purpose; and
      9. When you provide any information at the time of posting content, requesting for further services or reporting a problem with the Site and/or App.
    2. The personal data that is collected by the Church may include some or all of the following personal information:
      1. Name;
      2. NRIC/FIN/Passport Number;
      3. Nationality;
      4. Marital status;
      5. Date of birth;
      6. Gender;
      7. Company name;
      8. Job title/profession;
      9. Contact information such as email addresses and telephone numbers;
      10. Demographic information such as address, postal code, preferences and interests;
      11. Financial information such as bank account or credit/debit card numbers;
      12. Signature;
      13. Photograph, audio/video recording and digital image;
      14. IP address (automatically collected when you access this Site);
      15. GPS and/or location information when you use our App;
      16. Web browser type and version (automatically collected when you access this Site);
      17. Operating system (automatically collected when you access this Site);
      18. Correspondence details when you contact us;
      19. A list of URLS starting with a referring site, your activity on the Site and/or App, and the site you exit to;
      20. Cookie information; and
      21. Details of your visits to our Site and/or App and the resources that you access.
  3. PURPOSES OF COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA
    1. Generally, the Church collects, uses and discloses your personal data for the following purposes:
      1. Conducting and organising church activities, including services and events;
      2. Managing church administration and relationship with members;
      3. Responding to your queries and requests;
      4. Resolving complaints and handling requests and enquiries;
      5. Providing service for communities or public;
      6. Internal and external communication and publications;
      7. Delivering information regarding news, publications and events;
      8. Internal record keeping;
      9. Tracking and auditing donations made to the Church
    2. Your personal data will be retained by the Church as long as necessary according to our internal policy for the fulfilment of the purposes stated above or is required to satisfy legal, regulatory or accounting requirements.
  4. DISCLOSURE OF YOUR PERSONAL DATA
    1. The Church will take reasonable steps to protect your personal data against unauthorised disclosure. Subject to the provisions of any applicable law, your personal data may be disclosed, for the purposes listed above (where applicable), to the following:
      1. The Church’s staff and volunteers;
      2. Agents, contractors or third party service providers who provide services to the Church, such as website maintenance services, internet cloud services, courier services, payment processing services, other operational services (relating to donation collection, printing, training, security, accommodations) and/or other services to the Church or the Site and/or App;
      3. Our professional advisers such as auditors and lawyers;
      4. Relevant government regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; and
      5. Any other party to whom you authorise us to disclose your Personal Data to.
    2. Save as set out under this Privacy Policy, unless we are obliged or permitted by the Act to do so, your personal data will not be disclosed to any third parties without your permission.
    3. The Church will use its reasonable endeavours to ensure that the third parties, whom your personal data is being disclosed to, will provide a comparable standard of protection to your personal data. However, the Church does not provide any warranty or take any responsibility of any misuse undertaken by those third parties.
  5. CONSENTS
    1. By submitting your personal data to the Church, you agree and consent to the collection, use and disclosure of your personal data by the Church for some or all of the purposes mentioned above.
    2. If at any time we decide to collect, use or disclose your personal data in a different manner to the purposes set out above, we will request your consent to the additional purpose in writing, which you may refuse to give at your discretion.
    3. If you provide us with personal information relating to a third party (e.g. information of your spouse, children, parents or relatives), you irrevocably and unconditionally represent, warrant and undertake that you have obtained the consent of the third party to provide us with their personal data for the respective purposes.
    4. You may at any time withdraw any consent given in respect of the collection, use or disclosure of your personal data by giving prior notice in the form of a formal written request addressed to the Data Protection Officer.
    5. In the event you withdraw your consent to the Church for the processing of your personal data for the purposes mentioned above, the Church shall cease to process your personal data within 21 working days upon receiving your withdrawal request. Please note that once consent is withdrawn, your request for any of the above purposes may as well be cancelled, and hence we may not be able to fulfil our services to you.
  6. ACCESS AND CORRECTION TO YOUR PERSONAL DATA
    1. You may apply for a copy of your personal data held by the Church or request for your personal data to be updated or corrected by sending a formal written request to our Data Protection Officer.
    2. Within 21 working days upon receiving your request, the Church shall:
      1. Provide you with a copy of your personal data under our custody and/or other relevant information in accordance with the Act within; or
      2. Correct your personal data as soon as practicable and inform you that the correction has been made to your personal data; or
      3. Inform you that your request to access or correct your personal data is rejected, if the request was made in circumstances predefined by the Act where such access or correction is prohibited or not required.
  7. ACCURARY OF YOUR PERSONAL DATA
    1. You should ensure that all personal data submitted to us is complete and accurate. Failure to do so may result in our inability to provide you with information or services you have requested.
    2. The Church shall make a reasonable effort to ensure that personal data collected by or on behalf of the Church is accurate.
  8. PROTECTION OF YOUR PERSONAL DATA
    1. The Church will take reasonable measures to protect your personal data from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss. You should be aware, however, that no method of transmission over the internet or method of electronic storage is 100% secure. While security cannot be guaranteed, we strive to protect the security of the personal data and will constantly review and enhance our information security measures.
    2. The Church’s staff and volunteers are required to keep personal data confidential and only authorised persons have access to such information.
  9. USE OF COOKIES AND LINKS
    1. A cookie is a small piece of information that is placed on your computer when you visit certain websites.
    2. The Church uses cookies on its website for the following purposes:
      1. Enabling certain features and functions on our websites;
      2. Building up a profile of how you and other users use the website;
      3. Improving the efficiency of our website;
      4. Administering services to you; and
      5. Establishing usage statistics.
    3. Most internet browsers provide you the option of turning off the processing of cookies (please see the “help” section of your browser), but this may result in the loss of functionality, restrict your use of the website and/or delay or affect the way in which it operates.
    4. The Site contains links to other websites. The Church is not responsible for the privacy policies of third party web sites to which links are provided. You should check the privacy policies on these sites before providing any personal information.
  10. CONTACT OUR DATA PROTECTION OFFICER
    1. Should you have a complaint or require more information about how we manage your personal data, please contact our Data Protection Officer at:

      Data Protection Officer
      Mawar Sharon Church
      Raya Ngagel Street No 123,
      Vision Building 6F, Marvell City,
      Surabaya 60264
      Phone: (031) 6000-7000
      Email: dpo@gms.co.id

  11. GOVERNING LAW
    1. This policy and the use of this website shall be governed in all respects by the laws of Indonesia. You agree to submit to the non-exclusive jurisdiction of the Indonesia courts.

Updated as at October 25, 2018.