The Church, GDPR and WhatsApp
Since my last article on GDPR and the Church, I have had a number of enquiries about using WhatsApp in Churches, and the relevance of GDPR.
Firstly, WhatsApp is a great tool for churches. Being able to create communication groups quickly that will work on all mobile devices is a literal God send to help us organize our activities.
WhatsApp is currently not GDPR compliant, and has been designed to be used for personal use only. It was never designed to be used in ‘corporate’ situations, and using WhatsApp without appropriate boundaries could leave Churches in breach of GDPR when it comes into effect on 25thMay.
The challenge, as many of us know, is that personal and corporate boundaries get blurred very easily in Churches as church employees, volunteer leaders and church members merge with our personal friendships.
So what can we do?
The advice I have given many is as follows:
- Move corporate or organised communications to other solutions, such as Slack. These provide GDPR compliant methods of communication
- Where that is not possible:
- - the admin for the WhatsApp group should not be a church employee or a recognised ‘leader’
- - have a clear sign up process where people added to group have given written consent, and ensure they know exactly how their data will or will not be used
The team at WhatsApp are rumoured to be developing GDPR compliant controls for a new version of the app, which is supposed to be delivered before GDPR comes into effect, but this is not guaranteed.
It’s better to plan for the worst, but hope for the best!
If you are concerned about GDPR on your Church, please do drop us a line at firstname.lastname@example.org, and we will do our best to advise you.