- In Action
- Knowledge & Resources
- About Us
- News & Events
- Members / Associates
This Privacy Statement sets out what data ITOPF collects, what we collect it for, how we share data and your rights in relation to your personal data.
1. Full contact details:
ITOPF Limited (company no. 9448631)
55 City Road
Telephone: 020 7566 6999
2. What data does ITOPF collect?
2.1 ITOPF collects, uses and processes a range of personal information about you. This may include:
a) Your contact details, including your title, name, address, telephone number and personal e-mail address
b) Marketing and Communications data - such as preferences about the type of marketing material you would like from us or your communication preferences, including the language you would prefer to receive communications in.
c) We may also have details of your family members that you may have provided when signing up to an event.
2.2 ITOPF does not collect, use and process special categories of your personal information, such as:
a) information about your health
b) information about your racial or ethnic origin, religious or philosophical beliefs, sex life and sexual orientation
c) trade union membership
d) information about criminal convictions and offences.
2 .3 Cookies
Users are advised that if they wish to deny the use and saving of cookies from ITOPF's website onto their computer hard drive they should take necessary steps within their web browsers security settings to block all cookies from our website and it's external serving vendors.
For more information on the cookies set by Google Analytics please go to: code.google.com/apis/analytics/docs/concepts/gaConceptsCookies.html.
3 . How do we collect your personal information?
We collect the data through a variety of different methods including when you:
a) Subscribe to our publications
b) Request resources or marketing be sent to you
c) Sign up to one of our events
d) Seek one of our services from us
e) Apply to work with us
f) Apply or tender for one of our awards
g) Provide us with your details as part of networking events
but we don't automatically collect data from our website
3.3 Your personal information may be stored in different places, including in our contacts database hosted by us and an external provider, our memberships database which is held by us, or in ITOPF's IT network drives or other IT systems such as email.
4. Why and how do we use your personal information?
4.1 We will only use your personal information when the law allows us to. These are known as the legal bases for processing. We will use your personal information in one or more of the following circumstances:
a) where we need to do so to perform a contract between us
b) where we need to comply with a legal obligation
c) where it is necessary for our legitimate interests (or those of a third party), and your interests or your fundamental rights and freedoms do not override our interests.
Or when considering marketing and communications materials, events invitations, or for forwarding corporate gifts;
d) where we have your express consent to do so.
The purposes for which we are processing, or will process, your personal information are to:
a) enable us to maintain and run our Membership Database
b) provide services consistent with our strategy and aims.
c) administer the contract we have entered into with you
d) enable you to receive marketing, communications or events information from us or corporate gifts such as diaries.
5. Change of purpose
We will only use your personal information for the purposes for which we collected it. If we need to use your personal information for a purpose other than that for which it was collected, we will provide you, prior to that further processing, with information about the new purpose, we will explain the legal basis which allows us to process your personal information for the new purpose and we will provide you with any relevant further information. We may also issue a new privacy notice to you.
6. Sharing your personal information?
6.1 ITOPF may also share your personal information with third-party service providers (and their designated agents), including:
a) external IT services
b) external auditors
c) professional advisers, such as lawyers and accountants
d) external administrators and data processors
6.2 ITOPF may also share your personal information with other third parties in the context of a potential sale or restructuring of some or all of its business. In those circumstances, your personal information will be subject to confidentiality undertakings.
6.3 We may also need to share your personal information with a regulator or to otherwise comply with the law.
6.4 We may share your personal information with third parties where it is necessary to administer the contract we have entered into with you, where we need to comply with a legal obligation, or where it is necessary for our legitimate interests (or those of a third party).
7. How does ITOPF protect your personal information?
7.1 ITOPF has put in place measures to protect the security of your personal information. It has internal policies, procedures and controls in place to try and prevent your personal information from being accidentally lost or destroyed, altered, disclosed or used or accessed in an unauthorised way. In addition, we limit access to your personal information to those employees, workers, agents, contractors and other third parties who have a business need to know in order to perform their job duties and responsibilities.
7.2 Where your personal information is shared with third-party service providers, we require all third parties to take appropriate technical and organisational security measures to protect your personal information and to treat it subject to a duty of confidentiality and in accordance with data protection law. We only allow them to process your personal information for specified purposes and in accordance with our written instructions and we do not allow them to use your personal information for their own purposes.
7.3 ITOPF also has in place procedures to deal with a suspected data security breach and we will notify the Information Commissioner's Office (or any other applicable supervisory authority or regulator) and you of a suspected breach where we are legally required to do so
8. How long does ITOPF keep your personal information?
8.1 ITOPF will retain your personal information for as long as is necessary to fulfil the purposes for which it was collected and processed.
9. Transferring personal information outside the European Economic Area
9.1 ITOPF may transfer your personal information to countries outside the European Economic Area (EEA). Countries outside of the EEA may not have the same level of safeguards about data security. However, if we do need to transfer your data outside of the EEA we will put in place measures and agreements to do our best to ensure a similar degree of data security.
10. Your rights in connection with your personal information
10.1 It is important that the personal information we hold about you is accurate and up to date. Please keep us informed if your personal information changes, e.g. you change your contact details or if you wish to withdraw consent from receiving certain marketing materials or publications.
10.2 As a data subject, you have a number of statutory rights. Subject to certain conditions, and in certain circumstances, you have the right to:
a) request access to your personal information
b) request rectification of your personal information
c) request the erasure of your personal information
d) restrict the processing of your personal information
e) object to the processing of your personal information
f) request the transfer of your personal information to another party
10.3 If you wish to exercise any of these rights, please contact Lisa Stevens, Information, Communication & Education Manager at ITOPF's address, detailed in section 1.
10.4 Where you have provided your consent to the processing of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. This will not, however, affect the lawfulness of processing based on your consent before its withdrawal. If you wish to withdraw your consent, please contact Lisa Stevens, at the address detailed in section 1.
10.5 If you believe that ITOPF has not complied with your data protection rights, you have the right to make a complaint to the Information Commissioner's Office (ICO) at any time. The ICO is the UK supervisory authority for data protection issues.