Privacy notice

We are committed to protecting and respecting your privacy. This privacy notice (Notice) explains how the Chartered Institute of Editing and Proofreading (CIEP, we, our, us) collects, uses and shares your personal data, and your rights in relation to the personal data we process.

Updating the Notice

We may modify this Notice at any time. We will endeavour to update you when we make any significant changes to this Notice. This Notice was last updated in April 2023.

Data controller and contact details

The CIEP is the data controller of your personal data. If you have any questions about this Notice, or if you would like to exercise any of your legal rights in respect of your personal data, please contact our Data Protection Representative using the following details:

  • Email: [email protected]
  • Post: Studio 206, Milton Keynes Business Centre, Foxhunter Drive, Linford Wood, Milton Keynes, Buckinghamshire MK14 6GD

How we collect your information

Our processing primarily concerns the personal data of CIEP members, or prospective members, in the course of your membership interactions with CIEP.

We may collect your personal information:

  • from the information you provide to us when you fill in forms on our website when you:
    • join CIEP or apply to upgrade your membership
    • book and pay for training courses, professional development days or our annual conference
    • list your services in IM Available or our Directory of Editorial Services
    • subscribe to our newsletter and other mailings
  • when you correspond with us by phone, email or other means
  • when you complete surveys to provide feedback
  • when you provide details at an exhibition or networking event
  • from the information provided to us through cookies when you browse our website (please also see our Cookies section below).

We may also collect your personal data if you are a service provider, partner or other professional contact of CIEP in the course of our professional interactions.

The types of information we collect

We may collect and process the following personal information about you:

  • your name, pronouns, gender, age and date of birth
  • your CIEP membership number
  • your job title, company name, experience and qualifications
  • your address, email address and phone number
  • your login and password information in connection to your use of the members’ area and forum
  • your billing details, including VAT number
  • your interests, opinions and marketing preferences (where you have provided this information, including in comments you post on the forum or on the CIEP blog)
  • technical information gained from your use of our website, including your internet protocol (IP) address, cookie identifier, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
  • information about your website visit (such as which pages you visited, how you navigated to our website, and how long you spent browsing our website)
  • personal information provided by you in your correspondence with us.

Special category data (eg data concerning health and race/ethnicity)

While we do not collect special category data as a matter of course, our surveys may provide you with an option to declare your race or ethnicity. We use this information to better understand the diversity of our members.

We will only process this information for the purposes of identifying or keeping under review the existence of equality of opportunity or treatment with a view to promoting equality, or with your explicit consent.

We also process data concerning health and allergies where this is provided to us in connection to an event to comply with our legal duty of care.

How we use your information, our legal basis for using your information and who we share your information with

Where we have a contractual relationship with you

We will process your personal data because it is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract. In this respect, we use your personal data for the following:

  • to carry out our obligations arising from any terms or policies entered into between you and us (including the Member Codes and Forums Terms of Service), and to provide you with the membership benefits, products and services that you request from us (including fulfilling subscriptions to the members-only newsletter)
  • to interact with you before you enter into a contract with us, such as when you express your interest in our products or services (for example, to send you information about our membership and events or answer enquiries about them).

In this respect we will provide your data to our subcontractors as necessary whom we engage to assist us in conducting our operations, such as our IT providers, caterers, event organisers, payment providers and delivery companies. We may also share data with our partners to enable them to provide you with membership discounts.

Legitimate interests

We also process your personal data because it is necessary for our or a third party’s legitimate interest. Our legitimate interests include operating the CIEP in accordance with our aims to promote the industry and as set out at https://www.ciep.uk/about. In this respect, we may use your personal data for the following:

  • to enable you to receive information about our activities including to advertise and market upcoming events (unless it is required or appropriate to gain your consent)
  • to monitor the impact of our marketing and social media communications
  • to produce films or take photographs of events. Where possible we will seek your consent beforehand; however, in some instances this may not be possible (for example if you appear in a background shot). We will endeavour to alert individuals to the fact that filming/photography may be taking place where it is practicable to do so
  • capturing images on our CCTV system for the purposes of security and detecting criminal activities
  • to analyse and improve the services we provide, including improving our website, processing feedback and conducting market research.

In this respect, we will provide your data to third parties who assist us in conducting our operations such as our caterers, event organisers, payment providers, IT providers, security providers, and delivery companies.

In addition, for the purposes outlined above, the organisations who we use for our marketing operations, visitor surveys and analysis may need to process your personal data on our behalf. This includes our third-party advertisers such as Facebook and LinkedIn who help us target our advertising communications. For example, if we are running a social media advertising campaign, we may provide some pseudonymised data to the third-party site which leverages information such as demographics, interests and behaviours for matching purposes. This enables us to profile and identify new users likely to be interested in CIEP.

Legal obligations

We process your personal data for our compliance with our legal obligations including for tax and reporting requirements, to report crimes and serious incidents, and to comply with our legal duty of care towards visitors. In this respect and if required, we will share your data with the competent authorities.

Consent

We also process your personal data where we have your specific consent to do so (for example, where it is necessary to seek and obtain your consent to send you direct marketing by email or to set cookies via our website for advertising purposes). If you have given your consent and you wish to withdraw it, please contact us using the contact details set out above or click the ‘unsubscribe’ link in the emails we send.

Please note that where our processing of your personal data relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you and/or it may affect the provision of our services.

International transfers of data outside of the United Kingdom

We transfer personal data to the EEA and USA, where our service providers use data centres in such countries. Transfers of personal data to the EEA are based on the adequacy decision made by the UK Government in respect of data protection safeguards in the EEA, where you will enjoy similar rights under data protection law.

For transfers to the USA we have entered into a contract with the relevant provider that contains the data protection clauses approved by the Information Commissioners Office (ICO) that safeguard how your data is processed.

How long your information is kept

We will retain your personal data for as long as is required for legal purposes and our legitimate business purposes after the termination of our relationship with you. In particular:

  • In relation to personal data relating to your membership or any products or services we have provided, we will retain that data for a period of seven years after your membership has expired (or the relevant transaction has concluded) in case any legal claims arise out of the provision of those products or services.
  • We will retain your details on our marketing database until you inform us that you no longer wish to receive our marketing communications. However, where you do unsubscribe from our marketing communications, we will keep your details on a suppression list to ensure that we do not send you information you have asked not to receive.

Your rights

Under the UK General Data Protection Regulation you have the following rights in relation to our processing of your personal data:

  • to obtain access to, and copies of, the personal data that we hold about you
  • to require us to correct the personal data we hold about you if it is incorrect
  • to require us to erase your personal data in certain circumstances
  • to require us to restrict our data processing activities in certain circumstances (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal)
  • to receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for transmitting that personal data to another data controller
  • to object, on grounds relating to your situation, to any of our processing activities where you feel this has a disproportionate impact on your rights
  • to complain about the processing of your data to the ICO, although the ICO recommends that you first try and resolve the complaint with us.

Please note that the above rights are not absolute, and we may be entitled to refuse your requests where exceptions apply.

Cookies

What are cookies?

A cookie is a small file which is placed on your computer's hard drive to help store your user preferences, login and session states, analyse web traffic or let you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Cookies used on this site

The following cookies may be set.

Meta pixel: From time to time we may use a Meta pixel to gather information that helps us target our Facebook advertising communications.

LinkedIn pixel: From time to time we may use a LinkedIn pixel (LinkedIn Insight Tag) to gather information that helps us target our LinkedIn advertising communications.

csrf_cookie_name: This cookie protects against Cross Site Request Forgery (CSRF). A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other automatically included authentication information, to a vulnerable web application. This allows the attacker to force the victim’s browser to generate requests the vulnerable application thinks are legitimate requests from the victim.

PHPSESSID: This cookie stores temporary information to enable site functionality.

pyrocms_development

Google Analytics __utma, __utmb, __utmc, __utmz: We use Google Analytics to monitor and report on our website usage such as the number of visitors to the site, search phrases used to find us, pages visited on the site and time spent on the site. The statistics gathered are a necessary requirement in order for us to provide and improve our value added products and services and to stay competitive. The cookies do not identify users nor associate your IP address with any personally identifiable information. These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google’s privacy policy is found at https://policies.google.com/privacy.

How to disable cookies

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit https://allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites visit https://tools.google.com/dlpage/gaoptout.