Data we may collect/hold and why
The VRA may collect, hold and process the following data related to you:
- Information from our website when accessing this area. This information is collected via Cookies and includes details regarding your IP address. This is to monitor usage of our website and help enable website security by providing details to law enforcement agencies if required. Cookies themselves can not be used to identify you.
- Contact details when provided via our ‘Contact Us’ section of the website in order for us to respond to your communication request.
- Contact details when provided upon creating an online account via our website (under ‘Join’) in order for us to provide access to resources and news about forthcoming events.
- Contact and payment details provided when becoming a full member of the VRA to enable provision of full access to resources, a monthly newsletter and news about forthcoming events in addition to other member benefits.
- Contact details when provided upon signing up for a webinar to enable provision of webinar details and attendance certificates. You will also be contacted with the opportunity to provide feedback on the webinar attended and details regarding VRA membership (if not already a member).
- Contact details when provided for the purpose of VRA keeping in touch and informing you of events or information available.
- Information collected during surveys will be used to learn about how you use and value our services in order to inform improvements to them.
We collect, hold and manage data under the lawful basis of ‘legitimate interests’.
Where and with whom we store or manage your data
Data may then be utilised within the following resources:
- GoToWebinar (utilised for Webinars)
- Mailchimp (utilised for provision of Newsletter and event notifications)
- Survey Monkey (utilised for surveys/polls)
- PayPal and Barclays (utilised for payment processing of membership and/or event attendance)
- VRA Board (utilised for contact related to membership status and/or event invitations)
- Law enforcement agencies if required
Details of the above organisation’s Privacy Policies can be found on their websites.
The VRA will never share your data with any other parties without explicit consent from yourself.
Our website contains links to and from websites of our partner and membership organisations for the purpose of advertising events and/or job vacancies. If you follow a link to any of these websites, please note that these websites have their own Privacy Policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Accuracy of your data
The VRA will take reasonable steps to create an accurate record of any personal data you have submitted. However, we do not assume responsibility for confirming the ongoing accuracy of your personal data. You can update your personal details via your profile accessible on our website once logged in or alternatively you can email firstname.lastname@example.org to request update to your details. Please note it can take up to 30 days for updates to take effect.
Accessing your data
You have the right to access all information held about you in accordance with the General Data Protection Regulations. This information can be accessed via your online profile on the VRA website after logging on. Alternatively, you can submit a data access request to us via email@example.com. Please note it can take up to one month for this data to be provided.
You have the right to request the VRA to restrict processing of your data for the purpose of marketing. You will be provided the opportunity to unsubscribe from VRA mailings within each mailing sent as standard. Alternatively, you can email firstname.lastname@example.org to request update to your marketing mail preferences. Please note it can take up to 30 days for updates to take effect.
Where data has been provided and permission granted to hold this data and provide communications to you, the VRA will hold and process this data indefinitely until instructed otherwise. You can request partial or total erasure of your data (including associated communications) by emailing email@example.com to request this. Please note it can take up to 30 days for updates to take effect.
Data security breaches
As outlined above, the VRA takes management of your personal data seriously and takes all reasonable steps to appropriately secure your data. In the event that a data security breach occurs, you will be notified at the earliest opportunity and information will be provided regarding the nature or the breach and action being taken. Concurrently to this, the VRA will notify relevant parties such as the ICO, Charity Commission and/or law enforcement agencies to ensure appropriate action taken.
Update to the Policy
This policy may be updated as required to ensure its compliance with data protection legislation and to exercise best practice. We recommend regular review of this page to ensure you are happy and in agreement with our policy and associated practices. By continuing to use our website, you will be deemed to have accepted our policy.