For the purposes of GDPR, the data controller is CPRA, 288 Bishopsgate, London EC2M 4QP, United Kingdom.
Information That We Collect and How We Use It
Information that we collect
CPRA collects information from you when you fill in forms on the Site, seek information regarding our services or employment opportunities, or register for conferences and other CPRA-sponsored events.
Personal information that we collect includes: names, addresses, e-mail addresses, phone numbers, subject areas of interest and/or demographic and location information. In addition, we may sometimes aggregate demographic information and the types of systems and browsers of users.
CPRA may also use technologies to provide us with information on a number of areas, such as user identity, technical information (including the IP address used to connect your computer to the internet, full Uniform Resource Locators, browser type and version, operating systems and platform, etc), user viewing habits, whether or not users found what they were searching for and whether the Site content is relevant to user needs.
How we use personal information
The purposes and uses of your personal information will depend on the use of the Site and the type of personal information provided. We process your personal information:
- for the purposes of safeguarding the legitimate interests pursued by CPRA. This includes:
- Informing you about updates to our service and notifying you about other products and services offered by CPRA that may be of interest to you, including information regarding events
- Tailoring your experience at the Site with relevant CPRA materials
- Understanding the Site’s user population, identifying subject areas of interest, and determining whether the Site is designed to work with the computer settings of a majority of our visitors
- Measuring and improving the effectiveness of CPRA marketing programmes across different channels
- Improving our web content and navigation.
- on the basis of your consent. To the extent you have granted us consent to the processing of personal information for specific purposes (for example, your application form for employment with CPRA), the lawfulness of such processing is based on your consent. You may withdraw your consent at any time.
- for compliance with legal obligations. This includes anti-fraud and anti-money laundering measures as well as tax and national insurance requirements.
We will not sell, share or otherwise make available your personal information to third parties, except that we may disclose the information to third parties who perform services on our behalf and have a need to access the information in connection with those services. Any third parties will only process this information to the extent to which and within the limits that CPRA itself is permitted to process that data. In addition, CPRA may disclose your contact information in response to inquiries by bona-fide rights owners in connection with allegations of infringement of copyright or other proprietary rights arising from information that you have posted on the Site or otherwise provided to CPRA.
How We Might Share Your Information
The third parties with whom we may need to share personal information to help us provide services and products to you and to run the Site include:
- our subsidiaries or affiliates;
- our advisors;
- our third party service providers who process information on our behalf to help run some of our internal business operations including email distribution, IT services and marketing and events services;
- our business partners for publications and events co-organised by CPRA and them;
- regulators and law enforcement bodies in order to comply with any legal obligation or court order.
In the event that CPRA buys or sells any business or assets, we may disclose your personal information to the prospective buyer or seller of such business or assets (as appropriate). Where CPRA is acquired by a third party, customer personal data and information held by CPRA will be one of the transferred assets.
Please note that the Site may be viewed and accessed anywhere in the world including countries that may not have laws regulating the use and transfer of personally identifiable information. By using the Site, submitting information through this Site, or submitting personal information to CPRA through other means, you voluntarily consent to such international transfer and hosting of such information to those countries and parties.
Retention of your Personal Information
CPRA retains your personal information for so long as is necessary to fulfil the purpose for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. We may retain your personal information for longer if they may be the subject of a legal claim, or may otherwise be relevant for future litigation.
If, at any time, you do not wish to receive further communications from us in any or all forms, please contact us (see details below).
Website Cookies and other tracking technologies
We may use the following types of cookies:
“persistent cookies” to improve your experience when using the Site.
“session cookies” to enable your use of our Site and to remember your settings. Session cookies are deleted automatically at the end of your visit.
“web analytics cookies” to analyse how the Site and our services are used, including the following types:
By continuing to visit or use the Site and our services, you agree that we can store and access cookies and other tracking technologies as described herein.
CPRA has put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They may only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Please note however that, unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personally-identifiable information, CPRA cannot guarantee the security of your data transmitted to our Site and any such transmission is therefore at your own risk. Once we have received your information, we will use procedures and security features to try to prevent unauthorised access.
Links to Other Websites
Compliance With Law
CPRA complies with all applicable privacy laws and regulations. CPRA may be compelled to surrender personal user or customer information to regulators and/or law enforcement bodies, or as required or permitted by applicable laws, rules and regulations. In addition, in the event of a violation of the terms and conditions of use of the Site or a violation of any restrictions on use of materials provided in or through the Site, we may disclose personal user information to our affected business partners or legal authorities.
In accordance with applicable data protection laws, including GDPR, you have a right to request a copy of the personal information we hold about you and details of how we use that information. If any of the information held about you is incorrect or out-of-date, you have the right to amend or rectify it by contacting us (see details below). You also have the right to require us to erase your personal data, stop processing your personal data, restricting the processing of your personal information, right of portability of your personal information and/or to withdraw your consent to processing. This may not apply if there are other legal justifications to continue processing. If you think we may have incorrect personal information, or would like a copy of the personal information we hold on you, or to exercise any other data protection right, please write to us. Please note that we need you to prove who you are before we can provide you with any information.
You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
This Site is not designed for and does not intentionally target or solicit to children 18 years of age and younger.
Use of the Site
GDPR Privacy Notice
This privacy notice describes how we collect and use personal information about you during and after your working relationship with us, in accordance with GDPR. It applies to all employees, workers, contractors, candidates and individuals at clients or potential clients of ours. Please click here to read our GDPR Privacy Notice.
If you have any further questions, please contact our data protection officer, Peter Griffiths, at Calimere Point Risk Advisory Limited, 288 Bishopsgate, London EC2M 4QP, United Kingdom.