How and when we collect your personal data
We may collect your personal data in a number of ways, as follows:
- when you give us your personal data, for example by providing us with an application to become an IoD Member and any other related information or documentation;
- during any interviews or meetings we may conduct with you;
- when we contact you by telephone, post, e-mail or through any other means;
- when you contact us through our website, by telephone, post, e-mail or through any other means;
- when we deal with any enquiries you make to us;
- when we collect publicly available information; and
- when you disclose your personal data to us or others by any other means.
When you provide personal data about yourself to us, you are deemed to have consented to our collection, use and/or disclosure of your personal data for the purposes set out in this policy. The information that we process is that which is reasonably necessary in relation to your IoD membership.
We may also obtain data from you by way of details of your visits to our website including, but not limited to, location data, traffic data and usage of a desktop or tablet device.
What types of personal data do we collect?
We may collect some or all of the following personal, special category and non-personal data:
- your salutation and name;
- your address, email address, telephone number and other contact information;
- your gender, date of birth and nationality;
- your business/company name, job title and profession;
- your employment history, qualifications and skills;
- demographic information and personal interests;
- criminal convictions; and
- your IP address, web browser type and version, and data relating to your activity on our website.
Know your rights
Your rights are as follows:
- the right to be informed about our collection and use of the personal data you provide;
- the right of access to the personal data we hold about you;
- the right to rectification if any personal data we hold about you is inaccurate or incomplete;
- the right to erasure i.e. the right to be forgotten upon request;
- the right to restrict i.e. to restrict the uses of your personal data for any specific type of processing;
- the right to data portability i.e. obtaining a copy of your personal data and using it for other parties you wish to engage with;
- the right to object to us using your personal data for any particular purpose; and
- rights on automated decision making and profiling i.e. the right to restrict or object to automated decision making processes or profiling based on your personal data.
If you wish to exercise any of these rights please contact us at officer.jersey@IoD.net.
You may ask us to confirm what information we hold about you at any time, and request us to modify, update or delete such information. We may ask you to verify your identity and for more information in connection with your request.
If we provide you with access to the information we hold about you, we will not charge you for this unless your request is “manifestly unfounded or excessive”. If you request further copies of this information from us, we may charge you a reasonable administrative cost where legally permissible. Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so.
At all times, you have the right to report a concern or lodge a complaint with the Office of the Information Commissioner in Jersey. Please refer to https://oicjersey.org or by calling them on +44 (0)1534 716530.
Using and storing your personal data
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected for the performance of our contract with you, because you have consented to our use of your personal data (e.g. by subscribing to emails), or because it is in our legitimate interests.
Specifically, we may use your personal data for the following purposes:
- providing and managing your IoD membership and membership experience;
- our provision of courses and qualifications;
- to meet your requests for information or services;
- our provision of information and experiences to promote director development opportunities, sponsorship and advertising;
- our market research, including product usage and transactional data;
- to deal with any problems or complaints that arise in relation to your membership; and
- for any other purpose for which you specifically give us your personal data.
With your permission and/or where permitted by law, we may also use your information for marketing purposes which may include contacting you by email and/or telephone and text message with information and news on our products and services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR.
We may also advise you of relevant news and industry updates, events and other information, products or services of ours that we think may be of interest to you. You can unsubscribe from these communications at any time. You may also object to the processing of your personal data for this purpose by contacting us at officer.jersey@IoD.net.
We may store and retain your personal data in order to carry out any of the uses specified above, normally for a period of 10 years. It should be noted that electronic copies of information are treated as original documentation.
IoD Jersey primarily holds two types of information; information relating to its members and information about its activities. Information about members is collected by IoD Pall Mall when a member applies to join the IoD Jersey.
The same information is then passed to IoD Jersey. IoD Jersey may also obtain personal information from its members such as their names and email addresses when dealing with any enquiries members have or in organising events. Membership information is retained throughout the course of a person remaining a member of the IoD Jersey.
Minutes of the IoD Main Committee are retained for 10 years, after which they are stored with the Jersey Archive.
Sharing your personal data
Your personal data may be shared with or accessed by:
- officers, representatives and directors of IoD Jersey and IoD UK;
- organisations or agencies that we use to assist us in the application and assessment process for the IoD membership;
- government bodies, regulatory authorities and law enforcement agencies where legally required to do so;
- third parties who provide services to us which require the processing of personal data;
- suppliers and agents who administer and maintain, amongst other activities, our website; and
- any successor to the activities of this organisation.
In some cases your personal data may be transferred to countries outside Jersey, other countries in the British Isles and countries in the European Economic Area (i.e. the Member States of the European Union, together with Norway, Iceland and Liechtenstein). We will therefore only transfer data outside these jurisdictions where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data.
We will ordinarily process your data throughout the course of our interactions and will then generally retain it for an appropriate amount of time thereafter. In determining the appropriate retention period for various types of personal data, in addition to ensuring that we comply with our legal, regulatory and risk management obligations, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we need to process your personal data data relating to your activity on our website.
The products and services provided by the IoD Jersey and IoD UK are intended for individuals over the age of 16. If you are aged 16 or under, please obtain your parent/guardian’s permission before you provide us with personal information.
A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information from the browser.