Protecting and Defending what you've Earned
​
CSPA Privacy Policy
1. Introduction
This privacy policy sets out the way we process your personal information. It deals with how we collect information, what we do with it, how we protect it and what controls or rights you have. By visiting www.cspa.co.uk continuing or becoming a member or supporter of the Civil Service Pensioners’ Alliance you are accepting and consenting to the practices described in this policy. We may change this policy from time to time. The date this policy was last updated is shown at the end of this document.
As a data controller, we fully comply with the Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003 and the General Data Protection Regulations (EC Directive) 2016 (GDPR).
We are recorded on the Information Commissioner’s Office (ICO) Data Protection Register under registration number Z7058892.
2. Your Privacy – our promise
We are committed to protecting the privacy of our members and supporters and will treat all information you give us with care.
We promise to:
· Tell you why we collect personal information, how we do this and what we use it for.
· Only collect the information we need to deliver the service to you.
· Never sell your personal information or let other organisations use it for marketing.
· Keep the personal information up to date and ensure it is safe and secure.
· Require any suppliers or partners who work with us to have privacy policies.
3. Who we are
In this policy references to Civil Service Pensioners’ Alliance or CSPA are to the Civil Service Pensioners’ Alliance, Grosvenor House, 125 High Street, Croydon, CR0 9XP.
The controller is Executive Council members of CSPA and the joint controllers are the Officials of the Scotland, Northern Ireland and Malta branches.
4. What information we collect and how we collect it
We collect personal information about you to enable us to provide the service to you. This includes:
· Name, address and date of birth.
· Email address and telephone numbers
· Credit card details, bank details, previous organisation employed with, pension details, personal description, photographs, national insurance number and pension reference details.
· Any personal information you give to us when you contact us at head office at a branch or a group.
· Any personal information you give to any Branch Official or one of our Welfare Officers.
· Any special category data such as personal data about health you may give to us.
· When you visit our website we collect information about your IP address and pages you visit. This does not tell us who you are or your address, unless you choose to provide that information.
· We do not use or disclose sensitive personal data, such as race, religion or political affiliations without your explicit consent.
· Your payment information (e.g. credit card details) provided when you make a purchase from our website is not received or stored by us. That information is processed securely and privately by the third party payment processors that we use. We may share your personal data with our payment processors, but only for the purpose of completing the relevant payment transaction. Such payment processors are banned from using your personal data, except to provide these necessary payment services to us, and they are required to maintain the confidentiality of your personal data and payment information.
We collect the personal information in the following ways:
· When you provide information by filling in a form whether on our website or a paper form.
· When you correspond with us by email, phone or other ways.
· Enter a competition, promotion or survey.
· When you participate in discussion forums or other social media on our site or sites managed by us.
· Information from third parties including business partners, service providers, technical sub-contractors, payment and delivery services, advertisers when you have given permission to share it with us
· In meetings with Welfare Officers, Branch official or Group official
· When you take part in a social event.
· From publicly available services to keep your information up to date for example the Post Offices National Change of Address database.
5. How we use the information and why we need it
We use the personal information to provide the products and services and to meet our contractual commitments to you. In addition, this may include:
· Processing – this will include using the information to fulfil any request made by you to purchase a product, receive one of our services, receive our magazine, receive an email newsletter, become a member or renewing membership, to fulfil a contract with you putting names of members or their photographs in a newsletter.
· Marketing – in addition to processing we will use your personal information to provide you with information about products and or services you have requested or would reasonably expect to receive from us. You will be able to change your mind at any time and we will keep your preferences up to date. Any email to you about marketing will have a link to let you unsubscribe.
· Legitimate interests –CSPA also processes your data when it is in our legitimate interest to do this and when these interests do not override your rights. These legitimate interests include providing you with information on products, services, membership, fundraising, competitions, campaigning, appeals, feedback or offers by partner service providers.
· Consent – where we need your consent we will ensure you are as fully informed as possible and use that consent solely for the reason you have given it to us. You will be able to change your mind at any time by contacting us at the address in paragraph 11. Any email or text to you will have a link to let you do so.
· Profiling –we may make use of profiling and screening methods to provide a better service to members or supporters. Profiling helps us target resources more effectively through gaining an insight into the background of members or supporters and helping us build relationships that are appropriate to their interests.
6. Who will see the information?
Your information will only be accessible to our staff and relevant branch officials and group officials and only where it is appropriate in respect of the role they are carrying out. We will never sell your information or let other organisations use it for their own purposes.
We will only share your personal information:
· If you have consented to us doing so and for the specific reason your consent was given. You will have the opportunity to withhold consent when you complete the form on which we collect the data or you can do so by writing to us at the address in paragraph 11.
· Where we use other companies to provide services on our behalf for processing, mailing, delivering orders, answering members, supporters, questions about products or services, sending mail and emails, data analysis, assessment and profiling or processing credit/debit card payments.
· To organisations who you have requested us to supply information so that they can provide services or products you have requested.
· When using auditors, bookkeepers and professional advisors and with your pension administrator.
· With our relevant branches and groups and when putting new member’s names in a newsletter or when your details or photograph are in our magazine or a newsletter.
· When we are legally required to, or because of a lawful request by a governmental or law enforcement authority.
· If we merge with another organisation or form a new entity.
7. Security
The security of your personal information is very important to us.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
All the personal data is processed in the UK however for IT hosting and maintenance your information may be situated outside the European Economic Area (EEA).
You might find links to third party websites on our website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
8. Your rights
You have the following rights:
· Transparency over how we use your personal information (right to be informed).
· To request a copy of the information we hold about you, which will be provided to you within one month (right of access).
· An update or amendment of the information we hold about you (right of rectification).
· To ask us to stop using information (right to restrict processing).
· Ask us to remove your personal information from our records (right to be forgotten).
· Request us to remove your information for marketing purposes (right to object).
· To obtain and reuse your personal data for your own purposes (right to portability).
· Not to be subject to a decision based on automated processing.
You can write to us about any of these rights at the address in paragraph 11. There is no charge for a request and we will respond to the request within one month.
If you are not satisfied with the way in which we deal with your request you can contact the Information Commissioners Office on 0303 123 1113 or at their website www.ico.org.uk.
9. Cookies
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
· Strictly necessary cookies.These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
· Analytical/performance cookies.These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
· Functionality cookies.These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
· Targeting cookies.These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
10.Retention of information.
We hold your information only for as long as necessary for each purpose we use it. This will normally be 7 years from our last interaction with you unless for legal or taxation reasons it is necessary to retain it for a longer period.
11.How to contact us.
If you have any questions about this privacy policy or your rights regarding processing your personal information, or wish to make a complaint please contact:
The Civil Service Pensioners’ Alliance, Grosvenor House, 125 High Street, Croydon, CR0 9 XP Email enquries@cspa.co.uk Tel: 020 8688 8418
This policy was last updated on 1 September 2018