Privacy Policy

  1. About this Notice

Please take the time to read this notice carefully.

The Council of Foreign Chambers in the UK (The CFCC) recognises that protecting Personal Data, including special categories of data (sometimes referred to as sensitive Personal Data), is very important to you.

We have published this document to clearly outline, in a transparent way, how we will collect, use, store, protect and retain your Personal Data.

 

  1. Definitions

Data Protection Laws means (i) any applicable legislation in force from time to time which implement European Community Directive 95/46/EC and Directive 2002/58/EC and (ii) the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) and any applicable legislation in force from time to time which implement the GDPR and any amendments, revisions or replacement in respect of the foregoing, including the Data Protection Act 2018 and the UK GDPR;

“Personal Data”, “Data Subject”, “Processing”, “Data Controller”, Supervisory Authority and “Data Processing” shall have the same meaning ascribed to them under applicable Data Protection Laws.

 

  1. Data Controller

For the purposes of Data Protection Laws, the CFCC is the Data Controller for Personal Data in scope of this notice.

Identity of the Data Controller

The Council of Foreign Chambers in UK

5 Upper Montagu Street

London, W1H 2AG England

 

  1. Data Protection Officer

The CFCC has not appointed a Data Protection Officer but has a data protection team that can be contacted in relation to any data protection queries. The privacy team can be contacted at: info@ciccgb.uk

 

  1. Personal Data We Collect (What, How, Why)

Save for employee (including interns) related data processing, the CFCC does not process special categories of data.

The CFCC may collect and process the following data about you:

  • When you become a member
  • When you contact us using one of our online forms
  • When you sign up for our email newsletters
  • When you engage with us on social media
  • When you contact us by any means with queries, complaints, etc
  • When you register or attend one of our meeting or hosted events

Categories of Data

a.    Individuals

  • Identification Data including
    • Name, address, contact details, date of birth
  • Financial Data
    • Billing Address
  • Employment and Recruitment Details
    • CVs
    • Other information related to work employees during the course of employment e.g. HR file
  • Electronic data
    • Email address

b.    Businesses

  • Company/Details of Business, including business type, address, business history, contact details
  • Owners/Director’s and Employee Personal Details: including, names address, contact details, date of birth,
  • Electronic data: Email address and IP address

 

Source of Data

a.    CFCC Members

  • Enquiries relating to prospective membership
  • Membership forms (electronic and paper)
  • Emails
  • Business Cards

b.    CFCC Newsletter Subscribers

c.    Website registration

d.    Job Applicants

e.    Employees

f.    CFCC Hosted and Other Events

  • Business Cards
  • Forms

g.    Day to Day Business Administration Activities

  • Contracting with service suppliers to the CFCC
  • Communicating and meeting with international businesses, professionals, and organisations

 

  1. Who do We Share Personal Data With?

For the ongoing management of our business and for business operation, we may share your data with the following recipients:

  • IT companies who support our website and business applications
  • Other Chambers of Commerce , trade organisations and similar institutions
  • Event Organisers
  • Travel Agents
  • Hotels
  • Airlines
  • Government and State Agencies
  • Service Suppliers

 

  1. Lawful Basis for Processing Personal Data

Members:

  • Consent
  • Necessary for the Performance of a Contract
  • Legitimate Interest

Staff

  • Consent
  • Necessary for the Performance of a Contract
  • Legal Obligation

Website Visitors

  • Consent

UK and international businesses, professionals, and organisations

  • Consent
  • Necessary for the Performance of a Contract
  • Legitimate Interest

Note: You have the right to withdraw your consent at any time for any processing activities that you have consented to.

Marketing Consent

In certain situations, we may obtain, collect, and process your Personal Data to send you marketing communications. We will only send you such materials if you have consented and in accordance with your preferences for receiving marketing communications. You may withdraw your consent at any time by contacting us at info@ciccgb.uk

  

  1. Your Data Protection Rights

 

You have data rights, which allow you to address any concerns or queries regarding the processing of your Personal Data. Please contact us if you have any queries in relation to your rights.

You have the following rights (subject to limitations depending on the processing).

  • Access
  • Rectification
  • Erasure
  • Restriction
  • Objection
  • Portability

We will respond to your request within 1 (one) month of receipt of your request.

All your rights may be exercised freely and at no cost.

 Please contact info@ciccgb.uk For more information.

 

  1. Enforcing Your Data Protection Rights

If you feel that the processing of your Personal Data is not in line with our data protection obligations, you can complain to a Data Protection Supervisory Authority. The CFCC is registered as a Data Controller with the Information Commissioners Office (ICO).

 

Information Commissioner’s Office,

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, UK

www.ico.org.uk

+44 0303 123 1113

 

  1. Security of Processing

We have implemented technical and organisational measures to ensure the security of your personal data. This includes technical measures such as encrypting data in transit and at rest, anti-virus, access controls and firewalls. We also require our vendors to implement robust security measures to ensure the safety of personal data.

 

  1. Data Retention

The CFCC will only retain your Personal Data for as long as necessary and in accordance with our retention policy.

Member details will generally be retained for 24 months post account inactivity.

Staff details will be retained as long as is necessary under Employment Law and other related acts (Taxes, Companies etc.)

Marketing contacts can be erased upon request from individuals.

 

  1. Brexit and International Transfer of Personal Data

Personal Data is primarily processed within the EU/EEA. Where personal data is transferred outside of the EU to Data Processors, we will implement data processing agreements and standard contractual clauses to safeguard data protection rights. Currently, data transfers between the UK and the EU are covered under the GDPR and the transition arrangement between the two parties. Depending on the outcome of the UK withdrawal negotiations, the UK and the EU may not share the same data protection regime. In the event of no data protection agreements between the UK and the EU, we will implement appropriate safeguards, such as standard contractual clauses for data transfers.

 

  1. Changes to this Notice

 We may change and update this notice from time to time, in whole or in part, at our sole discretion or to fulfill a legal obligation. We encourage you to check our website periodically to view the most recent version of this statement.

If, at any time, we decide to use your Personal Data for a purpose that is different from the original purpose of collecting it, you will be advised of this change.