This privacy notice is in two parts.
Part 1: Under the Data Protection Regulations we are required to update the data protection references in our database in the case of individual members, provide certain details regarding the chapter and collection and use of your personal data. This is set out in more detail below.
Part 2: The second part sets out, in relation to information we collect from this Site, the practices we follow to respect the privacy of all visitors.
When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a newsletter, fill out a form or enter information on our site.
Part 1
ICAI (UK) here in after referred to as “the chapter”, takes the safeguarding of your personal data very seriously. This privacy notice describes how the Chapter meets its obligations under the General Data Protection Regulation as well as the Data Protection Act 2018 (UK) . Our Data Protection Office (DPO) can be contacted at dpo.icaiuk@gmail.com
What are your rights?
If at any point you believe the information we process on you is incorrect you can request to see this information and even have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact our Head of Privacy who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
Unless otherwise agreed with you, we will only collect basic personal data about you, which does not include any ‘sensitive personal data’. This information does, however, include the likes of your name, work address, email address and job title.
A full list of your rights under GDPR is as follows:
- The right to access the personal data we hold on you
- The right to correct and update the personal data we hold on you
- The right to have your personal data erased
- The right to object to processing of your personal data
- The right to data portability
- The right to withdraw your consent to the processing at any time for any processing of personal data to which consent was sought.
- The right to object to the processing of personal data where applicable.
- The right to lodge a complaint with the Information Commissioners Office. You can contact the Information Commissioners Office via email, or at the Information Commissioner’s Office, Information Commissioner’s Office Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Data Collection
We need to know basic personal data in order to provide you with our membership services, and to claim our right to be paid in return for our services. If you do not provide this information then we will be unable to provide the services you have requested. We will not collect any personal data from you that we do not need in order to provide and oversee the services we have agreed to provide you with.
Use of Data
All the personal data we hold about you will be processed by our executive member committee in the United Kingdom and no third parties will have access to your personal data unless there is a legal obligation for us to provide them with this. We have set out below the legal bases for the Chapter to process your data.
We may process data if it is necessary for the performance of a contract with you, or to take steps to enter into a contract. An example of this would be processing your data in connection with providing you with services.
We will also communicate with you information about other services we can offer you and update you about our activities.
Where your information is used other than in accordance with one of these uses, we will first obtain your consent to that use.
We take all reasonable steps to ensure that your personal data is processed securely and more information on this can be found on our website.
How long we keep it
We will generally keep your personal data for a minimum of 6 years, after which time it will be destroyed if it is no longer required for the lawful purpose(s) for which it was obtained. If you consent to marketing, any information we use for this purpose will be kept with us until you notify us that you no longer wish to receive this information.
Sharing your personal data
Your personal data will only be shared with third parties including other data controllers where it is necessary for the performance of the data controllers’ tasks or where you first give us your prior consent. It is likely that we will need to share your data with
- other group members in the same group as the Chapter (each will be a separate legal entity and will be responsible to you as a data controller);
- Our agents, suppliers and contractors. For example, we may ask a supplier to send out newsletters on our behalf, or to maintain our database software, or to provide us with administration, IT and other related services;
Any personal data transferred to countries or territories outside the European Union will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union.
Part 2
At the Chapter, we have focused on implementing fair information practices that are designed to protect your privacy. If you have questions or you do not feel that your concerns have been addressed in our privacy statement, or you just want to talk with us, feel free to contact us by email at dpo.icaiuk@gmail.com
Data Collection
We collect personally identifiable information that is voluntarily provided by visitors to this Site (User Data). The User Data that the Chapter receives from Site visitors includes name, title, address, email address, screen name, telephone and fax numbers, and any other information provided by visitors in email messages or attachments thereto.
Typically, User Data is collected in order to assist visitors to:
- register for certain events published on the Site
- distribute requested reference materials
- contact us for further information
- enter quick surveys, quizzes, or benchmarking surveys
It is the Chapter’s policy to limit the information collected to only the minimum information required to complete a Site visitor’s request.
The Chapter’s intention is not to seek any sensitive information through our Site unless legally required for recruiting purposes. Sensitive information includes a number of types of data relating to race or ethnic origin, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual life, or criminal record.
Third Parties
It is the Chapter’s policy only to disclose User Data to third parties under the following circumstances:
- when explicitly requested by the visitor
- when required to deliver publications or reference materials requested by the visitor
- when required to facilitate conferences or events hosted by a third party
Categories of third parties that the chapter may share personally identifiable information with include federal, state, and local government entities and other members of ICAI and its networking’s Chapter This Site does not collect or compile personally identifying information for dissemination or sale to outside parties for consumer marketing purposes, or host mailings on behalf of third parties.
Use of Cookies
A cookie is a tiny element of data that a website can send to a visitor’s computer’s browser so that this computer will be recognised by the site on their return. Cookies allow our web server to recognise a computer on connection to the Site, which in turn allows the server to make downloading of pages faster than on first viewing. In addition, cookies may also be used by us to establish statistics about the use of the Site by Internet users by gathering and analysing data such as: most visited pages, time spent by users on each page, site performance, etc. By collecting and using such data, we hope to improve the quality of the Site.
The data collected by our site or through cookies that may be placed on your computer will not be kept for longer than is necessary to fulfil the purposes mentioned above. In any event, such information may not be kept for longer than one year.
Navigation data about site viewers is automatically collected by our servers. If you do not wish to have this navigation data collected, we recommend that you do not use the Site. A visitor can also set their browser to block the recording of cookies on their hard drive to minimise the amount of data that may be collected about your navigating on the Site. The browser on a computer can be set to notify the user when a cookie is being recorded on their computer’s hard drive. Most browsers can also be set to keep cookies from being recorded on their computer. However, for optimal use of the Site, we recommend that visitors do not block the recording of cookies on their computer.
Cookies used on the Site are only active for the duration of the visit. Cookies used on this site are not stored on visitor’s computer once you have closed your web browser. Information generated by the use of cookies may be compiled into an aggregate form so that no individual can be identified.
For more information about cookies, please see the Information Commissioner’s website home page or the Interactive Advertising Bureau.
A visitor may choose to not receive a cookie file by enabling your web browser to refuse cookies. The procedure for refusal of cookies may vary for different software products. Please check with your internet browser software help or your software supplier if you wish to refuse cookies.
Transfer of User Data outside the User Jurisdiction
The Internet is a global environment. In order to provide the Site we may need to transfer User Data to locations outside the jurisdiction in which a visitor is viewing the Site (the User Jurisdiction) and process User Data outside the User Jurisdiction. If the User Jurisdiction is within the European Economic Area (the EEA) please note that such transfers and processing of personal data may be in locations outside the EEA. Any data sent or uploaded by users may be accessible in jurisdictions outside the User Jurisdiction (including outside the EEA). The level of data protection offered in such jurisdictions may be less than that offered within the User Jurisdiction or (as the case may be) within the EEA.
Third-party Links
There are several places throughout this Site that may link to other Websites that do not operate under the Chapter’s privacy practices. When visitors link to other Websites, the Chapter’s privacy practices no longer apply. We encourage visitors to review each site’s privacy policy before disclosing any personally identifiable information.
Choices
As a policy, visitors are not required to register to gain access to this Site. Personally identifiable information provided to ICAI (UK) Chapter through this Site is provided voluntarily by visitors. Should visitors subsequently choose to unsubscribe from mailing lists or any registrations, we will provide instructions on the appropriate Website area or in communications to our visitors; or a visitor may contact the Chapter at dpo.icaiuk@gmail.com
Access
Each visitor has the right of access to personal data they have submitted through this Site.
User updates of information should be handled by going back through the registration process. Enquiries about the accuracy of identifying information previously submitted, or requests to have information removed, should be directed to dpo.icaiuk@gmail.com
Consent
By continuing to use the Site and by providing any personal data (including sensitive personal data) to us via the Site or email addresses provided on the Site, visitors are consenting to our use of your personal data as set out in this Privacy Policy. Please do not send us any personal data if you do not want that information to be used by us in this manner.