Privacy Policy

What we do with your personal data

We process personal data only for the purpose for which they are collected. The purpose is dependent on whether you use only our website, or additionally, whether you use our services. If you use our services you are required to register and we collect your personal data. We use this personal data for the provision of the service or the performance of the contract. We may use your personal data for related purposes, including marketing and communications, but that will only occur in the case we have your consent or another legal justification for doing so. From our Clients we process and retain personal data for the following purposes and periods, with the applicable legal basis.

From our members and email subscribers we process and retain personal data for a period of up to 7 years for the following purposes: communications and marketing; provision of events; contact management; and identity verification.

What personal data do we collect?

The personal data we collect depends on whether you just visit our website or use our services too. If you visit our website, you do not need to provide us with any personal data. However, your browser transmits some data automatically, such as the date and time of retrieval of one of our web pages, your browser type and settings, your operating system, the last web page you visited, the data transmitted and the access status, and your IP address. If you use our services, personal data is required to fulfil the requirements of a contractual or service relationship, which may exist between you and our organisation.

We collect:
•    Banking details
•    Confidential correspondence
•    Digital Images
•    Email addresses, social networks
•    Financial details (for processing online payments)
•    Job title
•    Location information
•    Name
•    Photographs, together with Identifiers
•    Telephone contact details

Who might we share your personal data with?

To maintain and improve our services, your personal data may need to be shared with or disclosed to service providers, other Controllers or, in some cases, public authorities. We may be mandated to disclose your personal data in response to requests from a court, police services or other regulatory bodies.  Where feasible, we will consult with you prior to making such disclosure and, to protect your privacy, we will ensure we will disclose only the minimum amount of your information necessary for the required purpose.

We will not share your information except:
1.    Where you have given your consent.
2.    Where we are required to do in order to provide you agreed services.
3.    Where we are required by law to do so
4.    With third parties providing services to us, and agents and sub-contractors acting on our behalf.
5.    With debt collection agencies.
6.    In anonymised form as part of aggregated data shared with third parties.
7.     Where permitted by law, where it is necessary for our legitimate interests or those of a third party and are not inconsistent with the above purposes.

The third parties currently providing services to us that involve storage of personal data include Xero (Cloud-based accounting software), MailKitchen (email communications), Umbraco (website login-based members' area), Eventbrite (event bookings) and Dropbox (Cloud-based document storage). We are also using Freelists.org for email communications, but this service has its own consent process for list subscribers.

How do we look after personal data?

We limit the amount of personal data collected only to what is fit for the purpose, as described above. We restrict, secure and control all of our information assets against unauthorised access, damage, loss or destruction whether physical or electronic. We retain personal data only for as long as is described above, to respond to your requests, or longer if required by law. If we retain your personal data for historical or statistical purposes we ensure that the personal data cannot be used further. While in our possession, together with your assistance, we try to maintain the accuracy of your personal data.

What are your rights and how can you access your personal data?

You have the right to request access to any of your personal data we may hold. If any of that information is incorrect, you may request that we correct it. If we are improperly using your information, you may request that we stop using it or even delete it completely. If you would like to make a request to see what personal data of yours we might hold, you may make a request from our company website. Where you have previously given your consent to process your personal data, you also have the right to request that we port or transfer your personal data to a different service provider or to yourself, if you so wish. Where it may have been necessary to obtain your consent to use your personal data, at any moment, you have the right to withdraw that consent. If you withdraw your consent, we will cease using and holding your personal data without affecting the lawfulness of processing based on consent before your withdrawal.

Our Supervisory Authority

You have the right to lodge a complaint with any Supervisory Authority. See our Supervisory Authority contact details below:

Information Commissioner’s Office
Water Lane
Wycliffe House
Wilmslow
Cheshire
SK9 5AF
Email: international.team@ico.org.uk
Telephone: +44 1625 545 745
www.ico.org.uk