Presbytery and Church Website Guidance

This checklist aims to support Presbyteries and churches in establishing or improving their websites.

Creating a new website-outsourcing

  • Research web design agencies in your area and secure quotes - preferably from a range of different agencies
  • Please make sure to pay for a domain name (approx. cost £12 - £15 a year) as well as hosting so you can avoid using company names (such as WordPress, Wix or Squarespace) in your URL (website address)
  • When choosing a domain name, consider keeping it short, easy to spell, and relevant to your Presbytery. (e.g.: www.presbyteryofengland.org or www.stmagnus- kirkwall.org )
  • Avoid sole practitioners when employing a web agency – find a company with more than one employee that is likely to still be in business in a couple of years' time
  • Use Church of Scotland logos to ensure our denomination is clear to users – the Communications department can provide the correct logo and branding advice
  • Please store website access information safely and do not rely on one person to hold a password. Some churches have lost access to their websites or social media accounts through losing access information
  • Have a list of topics to discuss with your web agency and be sure to include: finding out their approach to ensuring website security, accessibility, search engine optimisation (how users find your website and its content), data protection and ensuring the website works on mobile devices
  • Ask about Secure Sockets Layer (SSL) certificates. These are digital files which verify a website's identity and encrypt communication between a user's device and the website. It allows you to use an https address which guarantees certain security features and makes it easier to find your website through search
  • Decide how often your content will need to be updated and identify who can do this. If you want to update content yourselves you should ensure the website is built with a content management system (such as WordPress or Joomla) that will allow you to do this easily.

Key information to include on your Presbytery or Church website

  • Your address – including postcode and information about parking and local transport links
  • Office phone number and email address
  • Accessibility information – ramps, accessible toilets, hearing loops etc
  • Presbyteries should include the names and email addresses of key office holders as appropriate: clerk, depute clerk, moderator, mission officer, youth worker, business committee chair, office administrator, website manager, designated media contact and so on. Churches should include the name of a minister or designated contact for the congregation
  • Churches should include worship times
  • Links to presbytery or church social media
  • Denomination: a prominent link to the Church of Scotland website will make your denomination clear as well as using the Church of Scotland logo
  • Ensure your home page has links to each page and all pages link back to your home page, making the website easy to navigate
  • Essential pages that every website should consider include: home page, about page, contact page and privacy policy (see more about privacy below)
  • Presbyteries should include the names of each church/worshipping community within their area along with a link to either their website or Facebook page and/or contact information
  • Churches should include the name of their Presbytery with a link to the website and a contact email or number
  • Information about life events (weddings, baptisms, and funerals).

Optional content

  • Significant missional activities supported by the presbytery or local church and how to get involved
  • Presbytery or church news if you can keep it current
  • Online worship sermons and services. You can upload files to SoundCloud/YouTube or add a text version to your website
  • Significant social services working out of church buildings, such as foodbanks
  • An event calendar
  • Include meeting place information if any space is available to rent out or use freely as a community space.

General advice

  • Use high quality images to illustrate your web pages
  • Keep information current as much as possible and avoid creating pages you won't be able to update regularly.

Churches

There is no requirement for churches/worshipping communities to have a website. Many congregations find that a well-maintained Facebook page which includes necessary information in the About section of the page is ideal for their needs. For congregations that do wish to establish or improve their website this checklist offers advice on what you need to consider.

DataProtection

General Data Protection Regulations (GDPR) is a European Union (EU) and UK law that protects personal data and regulates how companies and websites can collect and process that information. Several charities have been fined for noncompliance with data protection laws and GDPR including the British and Foreign Bible Society which was fined £100,000 in 2018 for failing to properly protect people's data which was held by them. GDPR laws apply to any information held on visitors to your website – as well as to data you hold offline.

While this may seem daunting, websites that follow best practices will be compliant. The principles are:

  • Any information you hold – names, email addresses, telephone numbers and more- are defined as data and keeping them obliges you to comply with GDPR
  • You must inform people of any data you hold and why you are holding it
  • You must keep as little information as you need to fulfil the stated purpose, and for as short a time as necessary
  • You must make any data you hold available on request and allow people to correct or remove any information you hold about them
  • All data must be held securely. You must have a secure website and plans in place to review that security regularly
  • Your website must get user consent to use cookies and other tracking technologies
  • A cookie notice should be added to the website that explains why cookies are being used and how to disable them
  • You must have an up-to-date privacy policy on your website that reflects GDPR standards
  • You need to review any third-party services you use on your websites to ensure that they and any data processors they use are compliant with data protection legislation
  • Website owners must review their processes for any international data transfers where the legislation and protections around data processing are different
  • Websites that are using mailing lists must make sure the correct processes are in place for consent and that people can unsubscribe at any time preferably with one click
  • Website owners should develop a data breach plan and consider how they can alert users within 72 hours of a data breach taking place.

This is a brief review of the GDPR requirements but a reputable website agency will be able to advise you on all aspects of GDPR compliance. They can ensure your site is secure and work with you to create a privacy statement and to ensure visitors are asked to consent to any cookies in use.

Many presbytery and church websites will not be gathering or keeping information about website visitors. However you must check for any data you are holding that may track users and take steps to comply with GDPR. In addition all websites use cookies which place a small amount of data on the device used to access the site. To comply with GDPR all websites must make a privacy statement available to site visitors which details how your website may track their activities and allows people to

opt in and out of the use of cookies and tracking. Consult with your website agency to ensure they have a robust approach to this which will ensure your website is legally compliant.

Retiring websites that are no longer needed

Over the last few years Church reform has meant many churches have united and they no longer need their websites. Some churches have found that when they stop paying for their domain names (their unique website address) these names are purchased by bad actors who then use the traffic that comes to the website to exploit them for financial rewards. In some cases people seeking to reach a particular church congregation have been led to gambling and adult sites.

This can be avoided by continuing to pay the small amount- usually around £12-£15 annually- necessary to retain the domain name. There is no need to continue to pay hosting costs, instead you can put in place a redirect to your current website or Facebook page or to the Presbytery page, which will ensure people reach a Church

address. After a period of time – around five years is ample - you can cease paying for the domain name as it will no longer have value to online scammers. Specific advice is available from the Communications department.

Feedback and Questions

Please direct your questions or feedback to the Communications department.