By ensuring complete transparency and compliance regarding the data protection legislation, impact solutions are committed to treating everyone fairly and openly. We advise that you take the time to read this policy before providing any personal details as this clarifies exactly how we will use your personal details and your rights under this legislation.
Any enquiries regarding data protection should be made to firstname.lastname@example.org.
The confidentiality and security of your data has always been central to Impact’s beliefs. The General Data Protection Regulation (GDPR) helps to regulate how organisations such as ourselves use your personal data. We have completed reviews to ensure that your data is held only for legitimate reasons and securely within our systems as well as, if applicable, by our suppliers. This policy is intended to meet the transparency requirements of the GDPR legislation, and ensures that all staff and management are aware of the scope of GDPR. We have enhanced our processes to ensure compliance with the new requirements and we will continue to do through testing and reviewing this, at a minimum, annually.
Impact Solutions understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all our customers and will only collect and use personal data in a way that is consistent with our obligations and your rights under law.
How Your Information is Collected and Used
Where an industrial partner or customer is in any way associated with impact or have previously requested information from impact, personal data is held for the following:
• Administrative and financial management purposes.
• Collaborative research purposes.
• Database Management.
• Effective communication.
Categories of information processed by impact:
• Information about your identity, including first name, last name, title, date of birth, and gender.
• Contact information, including billing address, delivery address, email address, and telephone numbers.
• Financial information of member organisations, including bank account details, payment card details, and shareholdings.
• Transaction information, including details about payments to and from you, and other details of services you have received from us.
• Technical information, including internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
• Usage information, including information about how you use our website and services.
• Marketing and communications data, including your preferences in receiving marketing from us and our third parties, and your communication preferences.
• Personal information, including information about attending events and meetings.
We may also collect information:
• From publicly accessible sources.
• Directly from third parties who deliver services on our behalf.
• From third parties, with your consent.
• From consultants and other professionals we may engage in relation to our contract with you.
• From your employer or professional body.
• Via our information technology (IT) and other systems.
How we will use your personal details
We will keep your personal information private and secure. We will not sell, rent, share, or otherwise disclose your personal information to anyone except as necessary to provide our services.
Access to your personal data is restricted to limited employees. Should any of the information we hold become out-of-date or need updating please contact us at email@example.com
Purpose for Processing Information
In general terms, impact collects and uses personal information about you to:
• Deliver its services and meet its legal responsibilities.
• Verify your identity, where this is required.
• Contact you by post, email, or telephone.
• Keep you up-to-date with impact events and services.
• Broadcast news relevant to the IB community.
• Provide information regarding career and funding opportunities, project call details, and third party events.
• Understand your needs and how they may be met.
• Provide joined-up services to you.
• Process financial and non-financial transactions.
• Maintain our records.
• Carry out and provide research.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
• Where we are carrying out our statutory functions.
• Where we need to perform the contract we are about to enter in to, or have entered into with you: for example, providing you with testing, research, or analysis.
• Where we need to comply with a legal or regulatory obligation.
• For our legitimate interests.
• Where you have given us consent.
Generally, the information we collect is only used for the purpose for which you submitted it to us, for any purpose made clear to you at the point it was collected, or here in this Privacy Notice. These purposes may include:
• When we assess your enquiry for projects, the personal data you give us is used to process your application and to assess eligibility. This information may be shared with third parties, such as the enterprise agencies.
• When we or third parties contracted to undertake services on our behalf, including event management companies, we will use your personal data to provide you with details, tickets, and entry information and to verify your attendance.
• When providing you with reports and research information, we use your contact details.
• When we prepare research and statistical information about impact.
• When you subscribe to receive communications and other updates from us, we use your personal data to provide communications and information about topics that you have expressed an interest in.
• When you contact us through our website, email, or telephone, your information is used in order to respond to your enquiry.
• If you have a complaint, we use your personal information as part of dealing with that complaint.
• When marketing our services to you.
We may have to share your personal data with the following parties for the purposes set out in this notice, or to fulfil our contractual services with you:
• External third parties.
• Third party product and service providers.
• Financial and non-financial intermediaries.
• Educational institutions.
• Research organisations.
• Funding bodies.
• Events organisations.
How Long We Will Retain Your Information
We will not retain your personal information longer than necessary. We will hold onto the information you provide either while your account is in existence, or as needed to be able to provide services to you for as long as is necessary, as long as we have valid consent.
You have the right to:
• find out what personal data we process about you and obtain a copy of the data, free of charge, within one month of your request. We may make a charge for additional copies of the same information.
• ask us to correct inaccurate or incomplete data.
• withdraw consent to process your personal data at any time, if you were asked for and provided consent.
Under certain conditions you also have the right to ask us to:
• restrict the use of your data, e.g. if you have raised issues about the accuracy or use of your personal data, until we have investigated and responded to your concerns.
• erase your information or tell us to stop using it to make decisions about you.
• comply with your wishes where you have previously agreed to us processing your data for a particular purpose and have withdrawn your consent to further processing.
• provide you with a portable electronic copy of data you’ve given us. Please contact us if you wish to exercise/enquire about any of these rights.
If you think we are acting unfairly or unlawfully you can:
- object to the way we are using your data by contacting our Data Protection Officer at: firstname.lastname@example.org