|
ISKO UK Privacy Policy Who are we? ISKO UK is the UK Chapter of ISKO, the International Society for Knowledge Organization. We are a not-for-profit scientific/professional association dedicated to promoting the theory and practice of Knowledge Organization. This privacy policy sets out what information we collect and why and how we use that information. It concerns ISKO UK members as well as non-members, including registrants to ISKO UK events. What type of information do we collect? We may collect and process the following information:
Most of the personal information we process is provided to us directly by you when:
Under the General Data Protection Regulation (GDPR) and the Data Protection Act, 2018, the lawful bases we rely on for processing this information are: (a) Your consent. Where other legal bases do not apply, we will ask for your explicit consent to process your personal data. You are able to withdraw your consent at any time. You can do this by contacting secretary@iskouk.org (b) Contract fulfilment. When we need to fulfil contracted services such as membership benefits, events, publications and information services, we will process your personal data to enable us to provide the services in question (c) Legitimate interest. Where it is in ISKO UK’s legitimate interests to inform you of services and events that may be of interest following attendance at an ISKO UK event or purchase of a publication, we will use contact details gathered in order to provide the original service. What do we do with your personal data? We use the information that you have given us in order to:
Who do we share your data with? We do not share non-members’ data with anyone. We share members’s data with:
How do we store your information? Your information is securely stored in databases held in the ISKO UK website. Members’ information is also stored in the Membership Management System (MMS), which gathers personal data of members of all chapters of ISKO. We keep your personal information and contact details for the duration of your membership to ISKO UK and for a two-year period of lapsed membership. We will then delete your data from the ISKO UK membership database and from the Membership Management System at the international level. What are your data protection rights? Under data protection law, you have rights including:
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Responsibilities The ISKO UK website may contain links or point to other websites operated by third parties under different privacy practices, for which we are not responsible Overall and final responsibility for data protection lies with the office bearers of the ISKO UK Executive Committee, who are responsible for overseeing activities and ensuring this policy is upheld. We will endeavour to keep personal data secure. In the event of a data breach, we will endeavour to rectify the breach by getting any lost or shared data back. We will evaluate our processes and understand how to avoid it happening again. Serious data breaches which may risk someone’s personal rights or freedoms will be reported to the Information Commissioner’s Office within 72 hours of our becoming aware of the breach. If the breach is likely to have a negative impact on individuals whose data has been breached, they will be informed in a timely manner. To uphold this policy, we put in place a set of internal data protection procedures for our committee and volunteers to follow. Complaints and data access requests If you wish to complain about the way in which your data is kept or processed or wish to make a subject access request, please contact the Secretary of ISKO UK: secretary@iskouk.org
|