2023-12-19 15:42:07
In its defense and as a legal basis once morest the APD, the Church invoked its legitimate interest in preventing possible identity fraud. According to Catholic doctrine, a baptism can only take place once. It is therefore necessary to keep track of it.
The APD recognized this legitimate interest in the head of the Church.
However, the APD considers that this legitimate interest can only be validly invoked to process data if this processing is necessary to achieve this objective, and if the interest of the data subject, the complainant, does not override the interest of the organization processing the data, in this case the Bishopric of Ghent.
The APD considers that these two conditions are not met.
On the one hand, the fact that the baptism register is only kept in paper form within a single parish (the one where the baptism takes place), it is not always possible to verify whether the baptism took place or not. Data processing, as it is practiced today by the Church, therefore does not prevent a person from being baptized twice. Therefore, keeping this data in this register as the Church wishes is therefore not “not appropriate to achieve the desired purpose“, estimates the APD. “We have seen that the system that is put in place, with local registers only in paper, does not really allow us to verify whether someone is baptized, so it is inappropriate.“, explains Hielke Hijmans, President of the APD Litigation Chamber.
On the other hand, the APD considers that “the lifelong retention of all data of the complainant – including data which is not strictly necessary to determine whether a person has already been baptized – is disproportionate from the moment the complainant expressly indicates that he wishes to distance himself from the Church Catholic“. “There is data that is not necessary for this purpose“, explique Hielke Hijmans. “For example, in the baptism register, we see the names of godparents and that is not at all necessary.“, adds the President of the APD Litigation Chamber. And the APD specifies that in this case, “the interest of the complainant takes precedence over that of the Church“.
The data processing called into question by the complainant is therefore deemed unlawful by the APD. The Data Protection Authority has therefore decided to order the Bishopric of Ghent to comply with the request of the complainant who opposes the processing of his data and who requests their erasure.
1703008289
#Data #Protection #Authority #orders #Church #delete #person #baptism #register