Privacy Notice

1. Introduction

This Privacy Notice explains how Christian Broadcasting Network UK (“CBN UK”, “we”, “us”, or “our”) collects, uses, stores, and shares personal data. 

It applies to individuals whose personal data we process, including: 

  • Donors and supporters 
  • Prayer request submitters and Hope Line callers 
  • Church and school contacts using Superbook Academy 
  • Volunteers and contractors 
  • Website visitors and event participants 

 

This notice is provided in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and relevant guidance issued by the UK Information Commissioner’s Office (ICO). 

We are committed to transparency and accountability in how we handle personal data. 

“Do not be anxious about anything, but in every situation, by prayer and petition, with thanksgiving, present your requests to God. And the peace of God, which transcends all understanding, will guard your hearts and your minds in Christ Jesus.”

Philippians 4:7-8

2. Who We Are

Data Controller
Christian Broadcasting Network UK
Registered Charity Number: 1101659
PO Box 700, Hereford, HR1 9EW, United Kingdom 

CBN UK operates a trading subsidiary, CBN Resources Ltd (Company No. 10853789), which may act as a data processor on our behalf. 

Contact Details
Email: [email protected]
Telephone: +44 (0)1227 453300 

CBN UK has appointed a Data Protection Officer (DPO). You may contact the DPO using the details above if you have any questions about how your personal data is processed. 

3. Personal Data We Collect

We collect and process the following categories of personal data, depending on your interaction with us: 

a) Personal Identification Data

Name, title, postal address, email address, telephone number. 

b) Demographic & Engagement Data

Interests, preferences, engagement history, and interactions with CBN UK content or services. 

c) Usage & Technical Data

IP address, browser type, device information, website usage data, cookies, and analytics data. 

d) Transactional & Financial Data

Donation history, payment references, Gift Aid status, and fulfilment details (note: payment card details are processed securely by payment providers and are not stored by CBN UK). 

e) Communication Data

Correspondence via email, phone, post, instant messaging, or social media. 

f) Special Category Data

Information voluntarily provided relating to religious beliefs or pastoral needs (e.g. prayer requests). This data is processed with enhanced safeguards. 

We may also collect information when you participate in surveys, competitions, events, or special campaigns. 

4. Data Obtained from Third Parties

In some circumstances, we may receive personal data from third parties, including: 

  • Churches or schools registering for Superbook Academy 
  • Partner ministries or Christian organisations 
  • Social media platforms (when you interact with our content) 
  • Publicly available sources (e.g. charity registers) 

 

Where personal data is not obtained directly from you, we will provide the information required by Article 14 UK GDPR within one month or at the point of first communication, whichever is sooner. 

5. How We Collect Personal Data

We collect personal data through: 

  • Direct interactions: forms, donations, event registrations, prayer requests, phone calls, emails, instant messaging 
  • Automated technologies: cookies, analytics tools, tracking technologies 
  • Third-party sources: referrals, social media platforms, partner organisations 

 

Details of cookies and similar technologies are provided in our Cookie Policy:
https://cbn.uk/cookie-policy/ 

6. Lawful Bases for Processing

We process personal data under the following lawful bases: 

a) Consent

For marketing communications, surveys, prayer support, and optional engagement activities. You may withdraw consent at any time. 

b) Contract

Where processing is necessary to fulfil a contract or donation arrangement (e.g. processing donations, fulfilling resource orders). 

c) Legal Obligation

To comply with legal and regulatory requirements, including charity, tax, and accounting obligations. 

d) Legitimate Interests

We rely on legitimate interests where processing is necessary for our charitable operations, including: 

  • Engaging supporters and partners 
  • Improving services and content 
  • Preventing fraud and ensuring system security 
  • Managing internal administration and reporting 

 

Where we rely on legitimate interests, we have carried out a Legitimate Interests Assessment (LIA) to ensure our interests do not override your rights and freedoms. You have the right to object at any time. 

Special Category Data 

Special category data (including religious belief data) is processed under Article 9(2)(d) UK GDPR for the legitimate activities of a not-for-profit religious organisation. 

7. Third-Party Processors

We use trusted third-party service providers (“processors”) to support our operations. We maintain a record of all processors and ensure that appropriate Article 28 UK GDPR contracts are in place. 

Key Third-Party Processors

CRM, Communications & Engagement 

  • Salesforce – CRM and supporter management 
  • Iterable – Email communications and engagement analytics 
  • Natterbox – Telephony and call handling 
  • WhatsApp (Meta) – Prayer communications 
  • Jotform – Online data capture forms 

 

Web, Media & Analytics 

  • Wix / Pantheon / WordPress Hosting – Website hosting and management 
  • Google Analytics – Website analytics 
  • Google Ads – Advertising and campaign analytics 
  • Meta (Facebook / Instagram) – Social media engagement and advertising 
  • Media Valet – Digital asset and media management 
  • Metricool – Social media analytics and scheduling 

 

Payments & Finance 

  • Stripe – Payment processing 
  • PayPal – Payment processing 
  • Findock – Financial reconciliation 
  • QuickBooks – Financial accounting 

 

Operations & Administration 

  • Microsoft 365 – Email, documents, and internal collaboration 
  • Zoom – Online meetings and webinars 
  • Zapier – Secure workflow automation 
  • Waiver Electronic – Electronic waivers and consent forms 
  • Hireful – Recruitment and applicant management 

 

Education Platforms 

  • Superbook Academy (Moodle-based LMS) – Church and school resource delivery 
  • We collect contact details for church and school staff only 
  • We do not directly collect children’s personal data 

 

All processors are required to implement appropriate technical and organisational security measures. 

8. International Data Transfers

Some of our processors store or process personal data outside the UK and EEA. 

Where international transfers occur, we ensure appropriate safeguards are in place, including: 

  • UK Extension to the EU-US Data Privacy Framework (where applicable) 
  • UK International Data Transfer Agreement (IDTA) or Standard Contractual Clauses (SCCs) 
  • Additional technical and organisational safeguards where required 

 

We conduct Transfer Impact Assessments (TIAs) for relevant transfers and review them periodically or where material changes occur. 

You may request further information about international transfer safeguards by contacting us. 

 

9. Data Retention & Security

Retention 

We maintain a formal Data Retention Schedule. Key retention periods include: 

  • Financial and donor records: 6 years plus the current year 
  • Gift Aid records: 6 years after the calendar year of donation 
  • Prayer requests: up to 12 months (unless deleted earlier on request) 
  • Marketing data: until consent is withdrawn or there is no longer a lawful basis 
  • Website analytics: typically up to 26 months

 

Security 

We protect personal data using appropriate technical and organisational measures, including: 

  • Role-based access controls 
  • Encryption in transit and at rest 
  • Secure authentication and password controls 
  • Regular security reviews and training 
  • Secure data disposal procedures 

10. Your Data Protection Rights

You have the following rights under UK GDPR: 

  • Right of access 
  • Right to rectification 
  • Right to erasure 
  • Right to restriction of processing 
  • Right to data portability 
  • Right to object 
  • Right to withdraw consent at any time 

 

Requests can be made via [email protected].
We may require reasonable proof of identity and will respond within one month. 

You also have the right to complain to the Information Commissioner’s Office (ICO):
https://www.ico.org.uk 

11. Automated Decision-Making

We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects. 

Analytics and segmentation may be used to tailor communications but are subject to appropriate safeguards and human oversight. 

12. Children’s Data

Our services are not directed at children under 13. 

Superbook Academy is used by churches and schools. We do not directly collect children’s personal data. Any aggregated information (e.g. group sizes or age ranges) does not identify individuals. 

13. Changes to This Notice

We regularly review this Privacy Notice to ensure it remains accurate and compliant. 
The most recent version will always be available on our website. 

Last Reviewed

December 25

See more

Superbook

About Us

Partner

Our History

Leave A Legacy

CBN Israel

Contact

Pray
Donate
Facebook Instagram Youtube
Welcome to the family

sign up

About You
About your church

By submitting this form you agree to the CBN Europe privacy policy.