Privacy

CIPFA has created this privacy statement in order to demonstrate our firm commitment to privacy.

Agreement with this policy is required if you provide information about yourself to us, use our website or make use of CIPFA products and services.

The privacy policy may be updated from time to time and if we make material changes to it, we will provide notice through our services, or by other means, to provide you the opportunity to review the changes before they become effective. If you object to any changes, you may amend how we contact you through the communications preference centre.

You acknowledge that your continued use of our Services after we publish and send a notice about changes to this Privacy Policy means that the collection, use and sharing of your personal data is subject to the updated Privacy Policy.

1. Data we collect

Data you provide to us

Website registration

To register on the website you need to provide data which may include your name, email address, mobile number, job title, workplace and either your workplace or home address and a username and password.

Student membership application

To apply for student membership you need to provide data which may include your name, date of birth, ethnicity, email address, mobile number, telephone number, job title, workplace address, home address, qualifications, membership of other professional bodies, referees, invoice address details, training manager/s name.

CIPFA membership application

To apply for membership you need to provide data which may include your name, date of birth, ethnicity, email address, mobile number, telephone number, job title, workplace address, home address, qualifications, membership of other professional bodies, referees, invoice address details.

Product and event/course booking

To purchase a product or book an event or course you need to provide data which may include your name, email address, mobile number, telephone number, job title, workplace address or home address invoice contact and address details.

Professional Qualification (PQ) course, exam and exemption registration

To register for a PQ course, exam or exemption you need to provide data which may include your name, email address, mobile number, telephone number, job title, workplace address, home address, qualifications, membership of other professional bodies, referees, invoice contact and address details, and name of training manager.

Subscription purchase

To purchase a subscription you need to provide data which may include your name, email address, mobile number, telephone number, job title, workplace address invoice contact and address details and name, job title, organisation and address details of the subscription key contact and name, job title, organisation and address details of the contacts in the organisation that can authorise use of pre paid places.

Data from your workplace or professional organisation

Your workplace or professional organisation, as part of a contract or subscription with CIPFA, may provide CIPFA with the following information: your name, the organisation you work for, your job title, email, address, phone and mobile numbers, education and qualifications and other memberships, for example as part of a Memorandum of Understanding to enable CIPFA membership or as part of a network subscription service that your organisation has purchased to allow staff access to best practice information, training course notifications and updates.

Data from third parties

Where permitted, CIPFA may collect your personal information from third parties and publicly available sources such as websites and professional registers. For example, as a finance director of a public body your contact details may appear on your corporate website and CIPFA may use these details to provide you with non-marketing information regarding public sector finance best practice guidance or other regulatory information.

Service use

We log usage data when you visit or use our Services, including our web sites, such as when you view or click on content (e.g watch a learning video or download a publication), perform a search, post in a forum or submit data via a form. We use log-ins, cookies, and internet protocol (“IP”) addresses to identify you and log your use.

Cookies

As further described in our “Cookie Policy” we use cookies and similar technologies (to recognize you and/or your device(s) across different Services. You can control cookies through your browser settings and other tools. You can also opt-out from our use of cookies when you visit our websites and by changing your browser settings.

2. How do we use your data?

CIPFA holds personal information and data collected in order to fulfil a variety of purposes:

  • to provide and help develop products, services and activities to meet our obligations as a registered charity and for use in direct marketing
  • to facilitate payment for memberships, training, examinations, and other services
  • to enable CIPFA to make payments to members, suppliers and associates – for example for expenses and fees
  • to validate credentials for example to access restricted areas of websites;
  • to help us communicate relevant information
  • to present relevant content on websites, to monitor progress on training programs and determine the effectiveness of promotional campaigns and advertising
  • to comply with legislative and regulatory requirements
  • to profile and anticipate your interests and potential needs
  • to control access to network and information systems security and prevent fraud.

Services

We use your personal data to ensure that we deliver products and services to you as outlined in student, membership and subscription contracts that you or your organisation may have with CIPFA

Stay informed

We use your personal data to ensure that you are informed of changes to products, services and student[?], membership and subscription services that you or your organisation may have with CIPFA.

Communications

Depending on the choices you make in the preference centre, we may contact you by email, phone or by notices posted on our websites. We will send you messages about the availability of our Services, security, or other service-related issues. We also send promotional messages. You may change your communication preference in MYCIPFA at any time. Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices.

Marketing

We use your personal data for relevant targeted communications to you promoting our services. You may change or opt in and out of these in MYCIPFA at any time.

Developing services and research

We use data, to conduct research and development for the further development of our Services in order to provide you and others with a better, more intuitive and personalized experience, drive membership growth and engagement on our Services, and help promote public financial management.

Customer services

We use the data to investigate, respond to and resolve complaints and improve customer service (eg system bugs or customer enquiries).

Security and investigations

We use data for security, fraud prevention and investigations.

3. How do we share your information?

Compliance with legal and regulatory authorities

We may provide your data to regulatory and government organisations, for example professional oversight bodies.

Providing relevant information to your employer/sponsoring bodies about your participation and progress in professional training and development

This information is only supplied to your employer and sponsoring body as part of an agreed contract with you; for example, sharing your exam results with your designated training manger or your contact details and responses as a contributor to the FM model survey.

Where other organisations are commissioned by CIPFA

This includes the provision of specific activities to support the delivery of products and services such as journal distributors, mailing houses, and local branch officers acting on behalf of CIPFA.

Members

  • To provide relevant information to your employer/sponsoring bodies about your participation and progress in professional training and development as agreed by you.
  • Where other organisations are commissioned by CIPFA to provide specific activities to support the delivery of your membership service. These include:
    1. Redactive as the publisher of Public Finance magazine and Public Finance International
    2. Parliament Hill as the provider of the CIPFA rewards website
    3. Chartered Management Institute as the provider of the Management Direct website.
  • To comply with legal and regulatory authorities including your listing in the Members Directory.

Students

  • To provide relevant information to your employer/sponsoring bodies about your participation and progress in professional training and development as agreed by you.
  • Where other organisations are commissioned by CIPFA to provide specific activities to support the delivery of your membership service. These include:
    1. Parliament Hill as the provider of the CIPFA rewards website
    2. Chartered Management Institute as the provider of the Management Direct website
    3. Callibrand as the provider of the examination platform
    4. CAPDM as the provider of the Moodle Elearning platform
    5. Proctor U as the provider of remote invigilation
    6. Go to Meeting as the provider of webinar platform
    7. PQ magazine
  • To comply with legal and regulatory authorities this includes your listing in the Members Directory www.cipfa.org/members/members-directory.

Subscribers

  • To provide relevant information to your employer/sponsoring bodies about your participation in services covered by the subscription.
  • Where other organisations or individuals are commissioned by CIPFA to provide specific activities to support the delivery of your subscription service. 
    1. Deloitte – Tax Advisory Service
    2. TechnologyOne - Accounts Closedown

Your choices, rights and obligations

How long do we keep hold of your information?

CIPFA will only hold your personal information for as long as is necessary to fulfil specific business processes.

Your rights to access and control your personal data

We provide many choices about the collection, use and sharing of your data, from deleting or correcting data you include in your profile to communication controls. We offer you settings to control and manage the personal data we have about you by changing your details in MyCIPFA and updating your settings in the communications Preference Centre. For personal data that we hold about you, you may:
  • Delete data: ask us to delete your data if it is no longer required for the purpose for which it was collected or because you object to our processing in circumstances where we do not have an overriding legitimate interest to process your data
  • Correct data: request that we edit some of your personal data through your account. You can also ask us to change, update or fix your data in certain cases, particularly if it is inaccurate.
  • Limit or restrict use of your Data: ask us to stop using all or some of your personal data (e.g., if we have no legal right to keep using it) or to limit our use of it (e.g., if your personal data is inaccurate or unlawfully held).
  • Right to access: ask for a copy of your personal data and a description of our processing.
  • Right of data portability: ask for a copy of your personal data to be transferred in machine readable form to another data controller.
  • Object to automated decision-making: ask us to stop using your data for profiling purposes or for use in automated decision-making processes.
  • To exercise your rights contact CIPFA's Customer Services Team

    You may also lodge a complaint about CIPFA’s use of your personal information with CIPFA’s Customer Services Team or the Information Commissioners Office

    To find out more how CIPFA is meeting GDPR requirements read our GDPR compliance statement

    Updated 18/05/2018