Our website address is: https://www.tisa.uk.com.
The Investing and Saving Alliance, TISA, (“we”, “us”, “our”) collects your information. “you” and “your” means any natural or legal person who uses the website and each entity on whose behalf they act.
We are required by law to be fair in notifying individuals on how their information will be managed and to inform them of their rights. But more than that, we want to be transparent, open, and ethical in our practices
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. By visiting http://www.tisa.uk.com (“our site”) you are accepting and consenting to the practices described in this policy. You can withdraw such consent at any time.
Our site contains links to the websites of various third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these.
This data protection policy provides information on how we use personal data relating to our prospective and existing customers, our partners and other individuals we do business with (also referred to in this notice as ‘you’), including
• TISA member and non-member contacts in the industry
• subscribers to the TISA newsletter
• project participants
• registrants for training courses or other events
• complainants and enquirers
• industry contacts
• Transfers database contact details
We have a separate privacy notice for our staff, employees and those wishing to become our employees
We may collect and process the following data about you (including without limitation):
Name, address, email address, telephone number, employer, position, login details/passwords and financial information for settlement of supplier invoicing, IP address, dietary requirements and any other relevant information relevant to specific TISA activities or events.
You may give us your Identity and Contact Data either face to face or by filling in forms or by corresponding with us by post, phone, email or otherwise.
This includes information you provide when you register to use our site, become a member, book for TISA events, post material, participate in discussion boards or other social media functions on our site, request further services, and when you report a problem with our site. If you contact us, we may keep a record of that correspondence. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
As TISA membership is business to business, your contact information may be provided by your employer as the responsible person for an activity related to provision of membership or other services such as the transfers database maintenance.
We may use information held about you (information that you give to us, information we collect about you and information we receive from other sources) in the following ways:
We may process information that you give to us:
i. to carry out our obligations arising from any contracts entered into between you or your employer and us and to provide you with the information, products and services that you request from us;
ii. to notify you about changes to our service;
iii. to ensure the security of our website and services, maintaining back-ups of our databases and communicating with you and record-keeping;
iv. for the purposes of offering, marketing and selling relevant products and/or services to you;
v. for the purposes of supplying goods and/or services that we may from time to time advertise and sell through our website, and keeping proper records of those transactions;
vi. to analyse the use of the website and services;
vii. in general, we may process any of your personal data with the purpose to comply with our legal obligation.
Information you give us may comprise of:
i. information in your website profile, which may include your name, address, telephone number, email address, employment details;
ii. information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website, and may comprise contact details, card and/or bank details and transaction details; and
iii. information contained in or relating to any communication that you send to us, including any metadata associated with the communication, where applicable.
We may process information that we collect about you:
i. to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
ii. to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
iii. to allow you to participate in interactive features of our service, when you choose to do so; iv. as part of our efforts to keep our site safe and/or secure;
v. to make suggestions and recommendations to you and other users of our site about services that may interest you or them;
vi. to collect broad demographic information for aggregate use; and
vii. in co-operation with your internet provider, to identify you if we feel it is necessary to enforce compliance with our terms or use or to protect our service, site, users or others.
This applies to member and non-member data. In most cases, we process your personal information for the purposes of pursuing our legitimate interests as a business. Those interests include the efficient operation of our business; maintaining standards of service for our members; the protection of our business and to benefit the Industry as a whole. We consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests.
Where we send direct marketing material via email to non-members we have applied the legal basis of consent to also comply with direct marketing regulations as set out in the Privacy and Electronic Communications Regulations (PECR). Consent can be withdrawn at any time.
TISA processes personal data which is necessary to comply with its legal obligations. This includes but is not limited to statutory bodies.
TISA may contact you by post, telephone (including by text), fax or email in connection with the purposes outlined above. If you change your mind about being contacted in the future, or the methods by which we may contact you, please let us know by contacting us at our contact details set out below.
We have in place technical and internal compliance procedures for all personal data from the point of data collection through to the point of destruction. We ensure that appropriate measures are taken against unlawful and unauthorised processing of personal data and against the accidental loss or damage to personal data.
The data that we collect from you is hosted and stored by our main information systems at sites that are located within the European Economic Area (EEA) and accessed by TISA employees in the European Economic Area (EEA).
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
You acknowledge that any personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
We share your information with third-party service providers, where they reasonably require it to perform their obligations or in order to enable us to achieve the objective of our processing. The service providers include:
• our event organisers;
• our training providers;
We may also share your contact details in respect of limited attendance meetings and other events you are present at, for example in connection with minutes of such meetings and events, and generally provide attendee details to speakers at our events.
We may share your personal information with sponsors of TISA events such as the House of Commons lunches, TISA Conferences and other TISA events. This information may not be used by sponsors for marketing purposes.
We may share your information with our members, if it is necessary to do so to respond to any matter you raise with us.
We may share your personal information with other third parties as required by law
Third party providers we share with and that your data will be processed in are:
We will not disclose or sell your data to third parties for Marketing purposes.
We will retain your details for as long as they are necessary and compliant with our legal obligations under the Regulations.
Your rights under the Regulations:
Individual’s rights are qualified (meaning they may not have these rights at all times, or in all circumstances), but generally speaking, individual’s rights include:
• the right of access or to obtain a copy of their information
• the right to correction or updating
• the right to complain (to both TISA and the regulator)
• the right to object, block or put on hold processing
• the right to be forgotten
• the right of data portability to another provider
• the right to be compensated for damage or distress
• rights related to automated decision making (machine-based judgements)
If you want to exercise one of these rights, please get in touch at: GDPRCompliance@tisa.uk.com
From time to time we will review this document, when we make substantial changes to our processes or procedures and systems, or if laws and regulations change.
We will update the notice here and make reasonable efforts to contact and update those affected if the changes are substantial in nature.
If you would like to change any information we hold about you that has been collected via use of this Website or other means outlined above or want it to be removed from our database, or simply want to unsubscribe from our mailings you should contact us at GDPRCompliance@tisa.uk.com
Or in writing:
The Investing and Saving Alliance
25 Falcon Court
Preston Farm Business Park
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. www.ico.org.uk
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.