Your Privacy Matters
This Privacy Policy sets out in detail the purposes for which we process your personal data, who we share it with, what rights you have in relation to that data and everything else we think it’s important for you to know.
If your company enlists our services, your company and our services may enter into a separate agreement that will govern the processing of all information and data collected in connection with the service, including some data collected through our websites. Such agreement takes precedence over any conflicting provision in this policy.
What is personalised data
Personalised data means any information or pieces of information that could identify you either directly (eg. your name) or indirectly (eg. through pseudonymised data).
What type of information is collected?
- submit an enquiry on one of our website forms, one of our events, on in person at our venues
- register for a course
- request certification from one of our courses or qualifications
- deliver our qualifications
- apply for job vacancies
- engage with us on social media
Why we collect personal information
Beyond these purposes, we process your data only if you have granted express consent for its stated purposes.
As it can take up to 9 months to get from enquiry to enrollment, membership or booking a course, we may continue to communicate with you with the legal basis under GDPR of legitimate interest for this period of time.
You can request for us to stop these forms of communication at any time.
Who has access to your information
Your information may be disclosed to third-party product and service providers working on our behalf, for example to process payments or delivering email newsletters. These service providers, subcontractors and other associated organisations only have access to the information necessary to deliver the service we have hired them to provide.
Data processing agreements are in place to ensure all of our third-party providers and suppliers do their utmost to keep your information safe and secure and do not use it for their own marketing purposes.
Some of our suppliers run their operations outside the European Economic Area (EEA) – this may include a country which may not be subject to the same data protection laws as companies based in the UK. In these circumstances, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law, and appropriate safeguards are in place.
Payment details are processed by a third-party provider who specialise in securely capturing and processing this type of information. This information is encrypted and is not stored by us on any of our systems or networks.
Legal and safety reasons
Advertising and remarketing
The techniques our partners employ do not collect personal information such as your name, email address, postal address or telephone number.
We are also using Facebook to track conversions. This doesn’t track people’s personal data and is only used to inform marketing.
Cookies
Technical and organisational data protection
While we take use reasonable precautions to protect your personal information, we cannot guarantee the absolute security of your data submitted through our websites.
Rights
How can you contact us?
admin@bisma.org
Data Protection Notification
The Information Commissioner’s Office (ICO) maintains a public register of organisations that use personal data.
Each organisation is obliged to notify the ICO with details of the types and purposes of personal data it processes.
Policy review
This policy is subject to review. Last updated July 2019.