PRIVACY NOTICE AND POLICY
The Institute of Tourist Guiding (the Institute) believes in being transparent and open with all those whose personal details we receive and hold. This privacy notice and policy provides details on how we manage, share and look after your information.
This policy will comply with the General Data Protection Regulations (GDPR) and will therefore include information on:
WHO WE ARE, WHO IS RESPONSIBLE FOR YOUR DATA AND OUR CONTACT INFORMATION
The Institute is a professional membership organisation, Company Registration No: 4391794, which is committed to developing, maintaining and promoting professional standards in tourist guiding.
The Institute does not run tourist guide training courses.
We are a non-profit-making organisation, generating income through examination and external course fees and subscription fees from our members.
The Institute's role includes the following:
The data controller can be contacted directly here:
The Institute of Tourist Guiding
10 Whites Row,
London E1 7NF
Our nominated data protection contact is:
c/o The Operations Manager
Institute of Tourist Guiding,
10 Whites Row,
London E1 7NF
How we collect your information
PERSONAL DATA WE COLLECT ABOUT YOU
We may collect your personal information in a few limited ways:
The types of information we collect
We may collect the following types of personal data about you.
How we use your personal information
Your marketing preferences
The Institute will always act upon your wishes in respect of what type of communications you want to receive and how to receive them. There are some communications, however, that we need to send you regardless of your marketing preferences. These are what would describe as essential communications to fulfil our membership obligations to you. Examples of these types of communications would be:
You are always in control of how we communicate with you. You can update your choices and contact details through your membership profile page online or by contacting us using the details below.
Whilst we will take all reasonable steps to protect and secure your personal data, we cannot guarantee confidentiality of a message transmitted between you and us via email as these are potentially accessible by the public. We will not be liable to you or anyone else for any loss relating to any email message sent by you to us or by us to you.
OUR LEGAL BASIS FOR PROCESSING FOR THE PERSONAL DATA
WHETHER THE COLLECTED PERSONAL DATA WILL BE DISCLOSED TO/SHARED WITH ANY THIRD PARTIES.
The Institute will not pass on your personal data to third parties without first obtaining you consent.
We do not sell or rent your information to third parties and we do not share your information with third parties for marketing purposes.
The following third parties will receive your personal data for the following purpose(s) as part of the processing activities:
We do not directly store or collect your payment card information on our IT systems. We use a trusted third party – World Pay – to process payments online. This company has an active PCI-DSS compliance programme in place. This is the international standard for safe card payment processes and is designed to keep your personal information secure.
SEEKING YOUR CONSENT TO PROCESS YOUR PERSONAL DATA AND THE RIGHT TO WITHDRAW CONSENT
By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified. Consent is required for Institute to process both types of personal data, but it must be explicitly given.
Where we are asking you for sensitive personal data we will always tell you why and how the information will be used. The special categories of personal data are: racial; ethnic origin; political opinions; religious beliefs; philosophical beliefs; trade union membership; genetic data; Biometric data; health data; data concerning a natural person's sex life; and sexual orientation.
You may withdraw consent at any time in line with the Institutes ‘Withdrawal of Consent Procedure (https://www.itg.org.uk/about/policies-procedures-and-documents/ ) or you can review and amend your preferences at any time by logging into your member web profile or emailing us at email@example.com.
Keeping you details up to date
If the information we hold on you is wrong or you wish to update your personal information you can either log in to you member profile or email us at firstname.lastname@example.org.
SECURITY OF YOUR PERSONAL DATA, INCLUDING HOW LONG PERSONAL DATA WILL BE STORED
The Institute only hold and process personal data for as long as necessary for each purpose we use it and will store the personal data for the retention period referred to and established in the Retention Period Procedure.
REQUESTING ACCESS TO YOUR PERSONAL DATA.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
To make a subject access request please fill in our Subject Access Request form. Once completed, please ensure that a signed copy is sent either:
In a sealed envelope (marked private and confidential) to the Operations Manager (at the address below) or, by email to email@example.com.
Please remember to include all required documentation (including copies of identification) -failure to do so may delay our response. The Institute accepts the following form of ID when information on your personal data is requested:
A valid passport A valid diving licence
Birth certificate Utility bill (from the last 3 months)
Rent book (from the last 3 months) Bank statement (from the last 3 months)
COOKIES AND OTHER TRACKING TECHNOLOGIES
Cookies are small data files that are placed onto hardware devices which you use to browse the internet (e.g. computer, smartphones or tablet you ‘device’) by websites that you visit. Cookies contain information about your visits to that website and the purpose of cookies is to enable our website to remember you, and your browsing habits, when you visit it again in the future.
Cookies help us plan the content and layout of our site and recognise returning visitors that have been to our site before. They therefore play an important role in helping us enhance the usability and performance of our site to improve your visits.
QUESTIONS, COMMENTS OR COMPLAINTS
Data Protection c/o The Operations Manager
Institute of Tourist Guiding
10 Whites Row
London E1 7NF
A copy of the procedure for complaints from data subject(s) related to the processing of their personal data can be found here https://www.itg.org.uk/about/policies-procedures-and-documents/
Alternatively, you may wish to contact the Information Commissioner’s Office: https://ico.org.uk/concerns/handling/
This policy was last revised on 9 May 2018.