What personal data do we collect?
The personal data we collect may include:
- Contact information, such as your name, job title, postal address, including your home address, where you have provided this to us, business address, telephone number, mobile phone number, fax number and email address;
- Information collected from publicly available sources;
- Special categories of personal data. In connection with the registration for and provision of access to an event or seminar, we may ask for information about your health for the purpose of identifying and being considerate of any disabilities or special dietary requirements you may have. Any use of such information is based on your consent. If you do not provide any such information about disabilities or special dietary requirements, we will not be able to take any respective precautions;
- Other personal data regarding your membership; and/or
- Details of your visits to our events.
How do we collect your personal data?
We may collect personal data about you in a number of circumstances, including
- When you browse, make an enquiry or otherwise interact on our website;
- When you attend a meeting or another event or sign up to receive personal data from us, including signing up for an event; or
- When you or your organisation offer to provide or provide services to
In some circumstances, we collect personal data about you from a third party source. For example, we may collect personal data from Twitter, LinkedIn or other organisations with whom you have dealings, or from a publicly available record.
Are you required to provide personal data?
As a general principle, you will provide us with your personal data entirely voluntarily; there are generally no detrimental effects for you if you choose not to consent to provide personal data. However, there are circumstances in which we cannot take action without certain of your personal data, for example because this personal data is required to process your instructions or orders, provide you with access to a web offering, notification, communication or event. In these cases, it will unfortunately not be possible for us to provide you with what you request without the relevant personal data and we will notify you accordingly.
For which purposes will we use your personal data?
We may use your personal data for the following purposes only ("Permitted Purposes"):
- Providing services or things you may have requested, including on-line or technology services or solutions as instructed or requested by you;
- Managing and administering your relationship with us, including processing payments, accounting, auditing, billing and collection, support services;
- Compliance with our legal obligations (such as record keeping obligations), compliance screening or recording obligations;
- To analyse and improve our services and communications to you;
- Protecting the security of and managing access to our IT and communication systems, online platforms, websites and other systems, preventing and detecting security threats, fraud or other criminal or malicious activities;
- For insurance purposes;
- For monitoring and assessing compliance with our policies and standards;
- To identify persons authorised to trade on behalf of our members, suppliers and/or service providers;
- To comply with our legal and regulatory obligations and requests anywhere in the world;
- To comply with court orders and exercises and/or defend our legal rights; and
- For any purpose related and/or ancillary to any of the above or any other purpose for which your personal data was provided to
Where you are a member or have otherwise expressly given us your consent, we may process your personal data also for the following purposes:
- Communicating with you through the channels you have approved to keep you up to date on the latest developments, announcements, and other information about the CFL’s events, project, services, products and technologies (including member briefings and other information); or
- Collecting information about your preferences to create a user profile to personalise and foster the quality of our communication and interaction with you (for example, by way of website analytics).
With regard to marketing-related communication, we will where legally required only provide you with such information after you have opted in and provide you the opportunity to opt out anytime if you do not want to receive further marketing-related communication from us. We will not use your personal data for taking any automated decisions affecting you or creating profiles other than described above.
Depending on which of the above Permitted Purposes we use your personal data, we may process your personal data on one or more of the following legal grounds:
- Because processing is necessary for the performance of a member's instruction or other contract with you or your organisation;
- To comply with our legal obligations (e.g. to keep records for tax purposes); or
- Because processing is necessary for purposes of our legitimate interest or those of any third party recipients that receive your personal data, provided that such interests are not overridden by your interests or fundamental rights and
In addition, the processing may be based on your consent where you have expressly given that to us.
With whom will we share your personal data?
We may share your personal data in the following circumstances:
- We may share your personal data with courts, law enforcement authorities, regulators or attorneys or other parties where it is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process;
- We may also instruct service providers and others within or outside of CFL’s members, e.g., CFL’s administrator, accountant, event organiser, event sponsors, directors, secretaries and personal assistants to members of CFL, as well as Mailchimp, Eventbrite or similar web-based mailing programmes to process personal data for the Permitted Purposes on our behalf and in accordance with our instructions only CFL will retain control over and will remain fully responsible for your personal data and will use appropriate safeguards as required by applicable law to ensure the integrity and security of your personal data when engaging such service providers;
- We may also use aggregated personal data and statistics for the purpose of monitoring website usage in order to help us develop our website and our
Otherwise, we will only disclose your personal data when you direct us or give us permission, when we are required by applicable law or regulations or judicial or official request to do so, or as required to investigate actual or suspected fraudulent or criminal activities.
Personal data about other people which you provide to us
Keeping personal data about you secure
We will take appropriate technical and organisational measures to keep your personal data confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to personal data. Personal data may be kept on our personal data technology systems, those of our contractors or in paper files.
Transferring your personal data abroad
CFL may transfer your personal data abroad if required for the Permitted Purposes as described above. However, we note that we do not share our data with any entities outside of the UK and the European Union. If you are based in a jurisdiction outside the UK or the European Union, we will continue to send our electronic communications to you unless you opt out.
Updating personal data about you
If any of the personal data that you have provided to us changes, for example if you change your email address or if you wish to cancel any request you have made of us, or if you become aware we have any inaccurate personal data about you, please let us know by sending an email to email@example.com. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete Personal Data that you provide to us.
For how long do we retain your personal data?
Your personal data will be deleted when it is no longer reasonably required for the Permitted Purposes or you withdraw your consent (where applicable) and we are not legally required or otherwise permitted to continue storing such data.
Subject to certain legal conditions, you have the right to request a copy of the personal data about you which we hold, to have any inaccurate personal data corrected and to object to or restrict our using your personal data. You may also make a complaint if you have a concern about our handling of your personal data.
If you wish to do any of the above please send an email to firstname.lastname@example.org for the attention of the Secretary. We may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data.
We will consider any requests or complaints which we receive and provide you with a response in a timely manner. If you are not satisfied with our response, you may take your complaint to the relevant privacy regulator. We will provide you with details of your relevant regulator upon request.
How to get in touch