Church Pension Group | CPG Privacy Policy

CPG Privacy Policy

The following is the policy of The Church Pension Fund and its affiliates1 (collectively, “Church Pension Group” or “CPG”) for the use and sharing of personal information of our constituents.2

Updated April 21, 2020

Basic Principles

  • CPG is committed to respecting and safeguarding our constituents’ rights to privacy and to protecting their personal information, by which we mean information that is unique to an individual such as name, date of birth, address, telephone number, email address or Social Security number.
  • The benefits, products and services provided by CPG require that we use and share certain personal information in the ordinary course of conducting our businesses.
  • CPG has implemented an information privacy and security program that seeks to provide the following:
    • Protection and security of our constituents’ personal information by CPG and our vendors;
    • Limitations on the use and sharing of personal information as described in this Privacy Policy;
    • Procedural safeguards designed to ensure appropriate access and use of personal information by CPG employees and our vendors;
    • Employee training on CPG’s information privacy and security policies and procedures;
    • Complaint and remediation mechanisms; and
    • Enforcement of our privacy and security policies.
  • The use and sharing of personal health information is subject to separate privacy policies and procedures, which are described in the HIPAA privacy notice (cpg.org/HIPAA-notice).
  • Any sharing or use of a constituent’s personal information, other than as expressly permitted by this Privacy Policy, will require the permission of that constituent (written permission when indicated).

Purposes of Processing

Certain uses and sharing of our constituents’ personal information are permitted as necessary for the performance of CPG’s benefit plan and other contractual obligations to our constituents or to fulfill our legitimate interests in connection with our core mission. Such permitted purposes, uses and sharing are as provided below.

  • CPG may use and share our constituents’ personal information with other CPG entities, with our vendors and with other entities of The Episcopal Church (“Church”) for the purpose of operating, administering, and delivering CPG benefits, products, and services to our constituents.
  • CPG may publish clergy names, canonical residences, ordination dates, ordaining bishops, ecclesiastical work addresses, ecclesiastical work phone numbers, and ecclesiastical work email addresses (collectively, “Basic Clergy Data”) in the Episcopal Clerical Directory (in its print, CD-ROM, online, and other forms), which includes the Clergy List of The Episcopal Church (collectively, “ECD”) and The Episcopal Church Annual. CPG may publish additional personal information in the ECD and/or The Episcopal Church Annual if the applicable cleric has given written permission.
  • CPG may use constituents’ personal information for research, and may publish aggregate information regarding the clergy and lay employees of the Church, including age, compensation, retirement readiness, gender identity, race, ethnicity and/or sexual orientation.
  • CPG may share Basic Clergy Data as well as clergy age, gender, seminary attended, ordination date, diocese of employment, employing organization, employment start date, retirement date, home address, home phone number and home email address with the Domestic and Foreign Missionary Society (“DFMS”) and/or the cleric’s Diocesan Bishop or other Ecclesiastical authority for any communications made pursuant to the Canons or any other purpose consistent with the charitable mission of the Church.
  • CPG may share Basic Clergy Data with other Church entities, subject to a mutually acceptable data use or similar agreement.
  • CPG may share details regarding the passing of clergy or a clergy spouse, such as name, age, name of spouse and location and date of passing, for pastoral reasons.
  • CPG may share information regarding a cleric’s compensation, pension and related benefits, including name of beneficiaries, retirement date and monthly benefit, with such cleric’s Diocesan Bishop or other Ecclesiastical Authority.
  • Written permissions are subject to reasonable rights of revocation.

Marketing and Event Announcements

In addition to the uses described above, CPG may use our constituent’s personal information (including information that CPG purchases or otherwise obtains from third parties) for the purpose of marketing and providing education regarding our benefits, products and services and for announcements about CPG or Church events in accordance with the following rules:

  • In certain circumstances, constituents may have the right to request that we stop using their personal data for the purpose of marketing by contacting CPG by email or mail at the address listed below; and
  • For marketing, education, or event announcements, constituents’ personal information will be shared only with other CPG entities, with other Episcopal entities or with third parties that provide services to CPG, but such third parties, other than social media platforms that receive e-mails from CPG, will have no independent rights to use or disclose such personal information except for purposes that are consistent with our charitable mission and approved by CPG.

Recorder of Ordinations

CPG may share personal information regarding clergy of the Church that it receives in its role as Recorder of Ordinations of the Church with DFMS, including its Office of General Convention, to the extent required by the Constitution or Canons of the Church or any resolution approved by General Convention.

Other Permitted Uses

  • CPG may use or share our constituents’ personal information to the extent required or permitted by applicable federal, state, or other laws and regulations, the Constitution or Canons of the Church, in the interest of public policy, or as requested by courts, government authorities or agencies.
  • CPG may share personal information to prevent or lessen a serious and imminent threat to any person or the public when such disclosure is made to someone we believe can prevent or lessen the threat (including the target of the threat).
  • CPG collects information from visitors to our website.  For CPG’s Website Privacy Statement, see cpg.org/website-statement.
  • CPG may track whether individuals who receive emails from CPG have received and/or opened such emails.
  • Other permitted uses may be specified in the privacy section of the CPG website, which can be found at cpg.org/privacy.

European Privacy Rights

Constituents resident in the European Economic Area and certain other territories may have certain rights under applicable data protection law.  For example, you may have the right in certain circumstances:

  • to request access to the personal data we hold about you, to have inaccurate or incomplete data rectified, or to have personal data we hold about you erased;
  • to request that we restrict processing of your personal data;
  • to request that we stop processing your personal data and/or stop sending you direct marketing communications; and/or
  • to be provided with your personal data in a structured, machine readable and commonly used format or to request that we transfer the personal data to another data controller.

To exercise your rights, you may contact us as found in the ‘Contact Us’ section below. Additionally, you have the right to lodge a complaint with the applicable supervisory authority. For more information, please contact your local data protection authority.

Prohibited Uses of Personal Information

CPG will not sell our constituents’ personal information to any third parties, although the ECD and Episcopal Church Annual, which include certain personal information as described above, may be sold to third parties.

Changes to this Policy

CPG may revise this Privacy Policy from time to time. When we change the Privacy Policy in a material way, a notice will be posted on our website along with the revised Privacy Policy.

Data Retention

CPG may retain your personal data as long as necessary or appropriate for the purpose of operating, administering, and delivering CPG benefits, products, and services to our constituents; to complete a transaction you requested, to maintain historical records for business purposes, or as required by applicable law, regulation or internal policy.

Contact Us

For more information about this Privacy Policy, including any amendments, or to opt out of the use of your personal information for marketing and event announcements, please contact CPG using any of the following methods:

  • Email: privacy@cpg.org
  • Writing: Church Pension Group, Attention: Privacy Officer, c/o Legal Department, 19 East 34th Street, New York, NY  10016

Last Revised: April 21, 2020


Download the CPG Privacy Policy

Descargar la Política de privacidad de CPG

 

1 Affiliates of The Church Pension Fund include Church Life Insurance Corporation, The Church Insurance Agency Corporation, The Church Insurance Company, The Church Insurance Company of Vermont, Church Publishing Incorporated, and Church Pension Group Services Corporation (doing business as The Episcopal Church Medical Trust).

2 We use the term “constituents” to mean the participants and beneficiaries of the benefit plans sponsored or administered by CPG, the existing and prospective purchasers or users of our benefits, products and/or services; our employees, officers, directors, trustees, and other individuals who work for us as independent contractors and visitors to our website. This Privacy Policy does not cover the use or sharing of information of Episcopal entities (for example, data relating to parishes or dioceses) or the web addresses of such entities. This data is considered “institutional” data.  CPG may use institutional data for any purpose, and may share institutional data with any third party with whom CPG has a data use or similar agreement.