CECOPS’ privacy notice

Introduction

We believe it is important to respect the privacy of individuals, and to make only safe and ethical use of the information that we collect and hold.  This privacy notice explains how we collect and use personal data, what we do to protect this information, and your rights.

 

What information do we collect?

Personal data is defined as information which directly or indirectly identifies an individual. We collect personal data when a person or an organisation wants to enter into a contract with CECOPS, or accesses one of our services. This includes signing up to our newsletter, applying to register with us, purchasing one of our publications, applying to attend a training course or event, applying to become accredited, filling in an online contact form, applying to join our online forum, linking with us on social media, contacting us by email, post or telephone.

 

The data we collect depends on what type of contact you make with us, and may include any of the following:

 

  • Name
  • Job Title
  • Organisation an individual works for
  • Business Address (or personal address if you give this to us)
  • Email address (business or personal, if you give this to us)
  • Phone number (business or mobile)
  • Social media links

 

How do we use personal information?

We use personal information for the purposes of fulfilling our contract with you, including providing publications or services, setting up your registration with us, managing your accreditation, billing and administration. We also use it for delivering events communications, internal research and marketing purposes.

From time to time we may send you an e-newsletter to keep you up to date with services which may interest you. You can unsubscribe from these at any time by clicking on the unsubscribe link.

Where an organisation has applied to join our online register, some of the information which appears on our website may identify an individual, such as a contact name and email address, and therefore constitutes personal data. Where an individual applies to join our online register, some personal data will necessarily be displayed on our website. We will always obtain your express consent before displaying any personal data on our website, and you have the right to request that this data is altered or removed at any time.

What legal basis do we have for processing your personal data?

 

We use the following lawful reasons to obtain and use your personal data:

Contractual Obligation                                                                                  

We use your information to fulfil our contract with you, for example to supply services or publications, or to send you invoices.

 

Legitimate Interest

As a professional regulator of assistive technology services with a stated aim of improving service quality, it is in our legitimate interest as part of running our business to use your data to contact you about our services, and to provide information and support to individuals and organisations in the assistive technology service space.

Consent

We process personal data where you have given consent for us to do so, for example by signing up to our newsletter. You are entitled to withdraw consent at any time.

 

How long do we keep your personal data for?

Any personal data we have collected remains within our electronic recording systems for as long as is necessary to fulfil the purpose for which it was collected. Where an individual withdraws consent for us to contact them, their personal information will be erased permanently from our electronic systems.

 

Where do we store personal data?

All personal data we collect is stored electronically on our secure server, or on the secure server of the 3rd party organisation which hosts our CRM system. We do not transfer data outside the European Economic Area.

 

How do we secure personal data?

We use a combination of physical security and technical data security measures to secure personal data which we hold. This includes securing the premises appropriately; the use of passwords to access devices, files or programmes; shredding of paper-based data; encryption of data. Employees who come into contact with personal data have obligations to adhere to our policies, and have been appropriately trained.

Although we will take all reasonable steps to protect your personal data, because of inherent insecurities in the transmission of data via the internet, we cannot take responsibility for the security of personal data which you submit to us by email or via our website.

When do we share personal data?

We treat personal data as confidential, and do not share it with any other organisation, except where we use subcontractors or 3rd parties to provide any of our services or handle any of our business processes. This may include:

  • Our website designer may have access to personal data for the purpose of maintaining our website.
  • The company which we contract to carry out accreditations for us will be given access to such personal data as is needed to fulfil this service.
  • Freelance professionals, such as trainers contracted to provide training courses, or event managers, will have access to some personal data of course/event delegates.

 

Any 3rd parties or subcontractors which we use are required to maintain confidentiality of personal data which they have access to during the performance of their duties.

 

Links to other websites

If you follow a link from our website, www.cecops.org.uk,  to a website owned by another organisation, that website will have its own privacy policy. We recommend that you check these policies before giving your personal information. We cannot accept responsibility for any other website even if you follow a link from www.cecops.org.uk.

 

Your rights in relation to personal data

You have various rights in relation to your personal information. These rights are as follows:

 

  • request access to your personal information – you can request a copy of the personal information we hold about you;
  • request correction of your personal information – if any personal information we hold about you is incorrect, you can request to have it corrected;
  • request erasure of your personal information– you can ask us to delete your personal information from our systems;
  • object to processing or restrict processing of your personal information– you may object to our processing of your personal data in certain circumstances;
  • request the transfer of your personal information– to provide you, or a third party you have chosen, with your personal information; and
  • withdraw consent where we’re relying on consent to process your personal information– if you withdraw your consent, we may not be able to provide certain products or services to you. We’ll advise you if this is the case at the time you withdraw your consent.

 

To exercise your rights in relation to your personal information, please email info@cecops.org.uk.

How you can contact us

If you have any questions about our privacy policy, or you wish to make a complaint, please contact us as shown below:

 

Email: info@cecops.org.uk

Post: Data Control Team, CECOPS, 71 Church Street, Great Missenden HP16 0AZ

 

If you are not satisfied with how we deal with your complaint, you have the right to lodge a complaint with the Information Commissioners Office. They can be contacted at: ICO, Wycliffe House, Water Lane, Cheshire, SK9 5AF. You can also contact them by telephone on +44 (0)1625 545 745 or via their website at www.ico.org.uk