IPSE, the Association of Independent Professionals and the Self Employed, is the voice of the UK’s self-employed population who make up one in seven people working today. We make sure freelancers, interim managers, consultants and contractors are represented to Government. By producing insightful, hard-hitting research and effective policy campaigns, we fight to create a better environment for the self-employed to run their businesses and ultimately, ensure our economy remains one of the most flexible in the world.
This Policy explains when and why we collect personal information about our members, people who use our website and anyone else who we collect data from. It explains how we use this data, the conditions under which we may disclose it to others and how we keep it secure. By using our website, you’re agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to IPSE, Heron House, 10 Dean Farrar Street, London SW1H 0DX, or by telephone to our Membership Team on +44 (0) 20 8897 9970. For the purposes of the Data Protection Act 1998 and the General Data Protection Regulations (GDPR), IPSE acts as a Data Controller.
How do we collect information from you?
We obtain information about you when you use our website, contact us for information about our work or our membership benefits, attend one of our regular events, become a member, participate in our research, send us information related to a job application or when you sign up to our newsletter or magazine mailing lists. We may also receive your information from a third party who offers IPSE membership as a benefit.
What information is collected from you?
The personal information we collect from you or a third party is the minimum required to provide you with the service requested, and we only pass your information to third parties for the fulfilment of the service requested and in the manner outlined in this policy.
We will collect your name and contact details (phone number, address, email), your gender, date of birth, contact preferences and your interests and preferences for the fulfilment of the service or product requested, or for mailing list purposes. We will also request your bank or payment card details to pay for the membership level or service you have requested.
For some products, we may request additional information such as health, age and beneficiary questions for Life Assurance, or your National Insurance for Pension contributions or your service contract for our Contract Review service. Further information may be required in the event of an insurance, life assurance or benefit claim, such as income information, date of death or accident, type and length of sickness or incapacity to satisfy the claim investigation requirements of our third-party partners.
Website Users, Mailing lists and Event attendees
We will collect your IP address to collate information on pages viewed, and if you sign up for our newsletter or magazine, we will request your name and email address. If you apply to attend one of our events, we will collect your contact details to provide information about that event and, with your explicit consent, information about future events and membership options. If you attend an event or conference and supply us with your contact details or business card, we will contact you with the information requested and seek explicit consent for the mailing list requested. The paper details will be securely stored or destroyed.
If you agree to participate in one of our online research sessions, the information we collect will be dependent on the type of research, and may include information about your working history, earnings, gender, education level and current working status. Anonymity of individual respondents and protection of personal details will be maintained except where otherwise specified in the survey, or where the express permission of the respondent has been sought. Information gathered through surveys will be researched and compiled on an aggregated basis and results may be published by IPSE.
At the end of the survey we may ask you to provide contact details such as name and email if there is a reward for participating in the survey. This will be stored separately from your survey responses.
Other ways we may receive your information
If you submit a question via our online contact forms, your name, email address and comments will be stored.
If you post on our social media forums or the IPSE Community Forum, the data will only be stored on the service providers’ site and not held by IPSE.
If you contact IPSE through email without use of the website, the content of the email will be stored.
How is your data used?
· To maintain records of our members and fulfil our contractual obligations
· To maintain records of our mailing lists for Events, Newsletter and Magazine
· To take payment for membership or services
· To notify you of information relating to news, policy or events relating to the work of IPSE which may be of interest to you
· To notify you of offers available via our partners
· To maintain the services associated with your membership
· To provide you with additional services specifically requested by you
· To provide membership to individuals identified by partners
The legal basis for processing your data
Under GDPR, the main grounds that we rely upon to process your data are:
· To comply with a contractual obligation. This includes membership of IPSE (name, address, email address, date of birth, payment details), participation in our pension offer (National Insurance number) and Life Assurance (medical history)
· For the purposes of legitimate interests. This includes responding to requests or enquires from you, to provide you with our Newsletter or Magazine, or to send information or services which you have expressed an interest in. You can ask us to change your preferences at any time - see the section entitled ‘Managing your data and preferences’ below.
· We may also be obliged by law to disclose your data to a regulatory body or law enforcement agency.
Who has access to your data?
IPSE will not sell your data to third parties and will only share your data with selected partners so that you have access to the benefits or services they offer as part of your membership of IPSE, or where a third party provides all or part of a membership benefit or product in a contractual agreement with IPSE. We will not pass your details to any third party for direct mailing purposes.
IPSE has carefully selected several Partners who offer discounts or special arrangements to our members. We will only pass your contact information or other data to them on your request.
IPSE Service Providers
To provide our range of benefits and services, we use third parties to process and manage some of these benefits. In all cases, we only provided the necessary data to these third parties to enable them to perform their role. For example, when we use a payment processor to take payment for a membership or service, we don’t need to pass them details of your gender, so we won’t.
· Payment processors – we use payment processers to securely take payment for our memberships and services, and to manage repeat payments and financial reporting.
· Data Managers – we use third parties to provide services to securely store the data for operational and back up purposes.
· Event, Research and Mailing Services – we use third parties to manage some of our activities such as events, research and mailing lists.
· Providers of benefits and products – some of the benefits and products offered by IPSE are provided by third parties
Managing your data and preferences
In addition, you have certain rights concerning your data that we hold:
Right to be informed
Right of access
You have the right to ask us what data we hold about you. On receipt of a valid request, which may include validating your identity, we will provide all the data we hold about you within one calendar month.
Right of rectification
You have the right to ask us to correct any of your data which is incorrect or requires to be updated, we will do this within one calendar month of receipt of a valid request, which may include verifying your identity and we may request proof of the correct data.
Right to erasure
You have the right to request that IPSE erase your data, we will process such requests within one calendar month of receiving a valid request, which may include verifying your identity. There may be circumstances when we are unable to erase all data – either due to a legal obligation to retain your data (including legitimate interest), or because we are contractually obliged to provide you with a product or service. If this is the case, we will explain this in our response to the request.
Right to restrict processing
You have the right to request that IPSE restrict the processing of your data in some circumstances. This may be due to a dispute over the accuracy of the data or when you have exercised your right to object (below) and IPSE are considering the request. Rights to restrict processing are therefore usually temporary in nature and will be assessed on receipt of a valid and authenticated request. It may not always be possible to restrict processing either due to a legal obligation to retain your data (including legitimate interest), or because we are contractually obliged to provide you with a product or service.
Right to data portability
You have the right to request IPSE to transfer the data held about you to another organisation. Although this concept works well between providers of similar services such as banks and building societies, IPSE provides a unique service to their members and it is unlikely the data requested or the system requirements of the receiving organisation would be the same as IPSE. However, we will consider any such request on receipt of a valid and authenticated request and will provide you with a written response.
Right to object
Your right to object to your data being processed mainly concerns direct marketing and limiting data processing based on legitimate interests.
You can change your direct marketing preferences either by via the website as a member or by emailing us as noted above. If you consider that some of the data held is no longer required for legitimate purposes, we will consider this within one calendar month of receipt of a valid request, which may include verifying your identity.
Rights related to automated decision making including profiling
We have included this right for completeness, however IPSE does not use your data for any automated decision making or profiling purposes.
How long we hold your data for
We will only hold your data for as long as needed to for the purpose we have collected it.
Membership or mailing list data is kept for a period of 7 years after the end of your membership or removal from mailing lists.
Medical information relating to life assurance is kept for a minimum of six years after submission.
Use of 'cookies'
You can read more detail about this in IPSE’s Cookie’s Policy, which includes information on the types of cookies we use and how to turn them off in your browser.
Links to other websites
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
Transferring your data outside of Europe
As part of the services offered to you by IPSE, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. Currently all third parties that we share data with are covered by European data regulations or Privacy Shield in the US.
If you use our services while you are outside the EU, your information may be transferred outside the EU to provide you with those services.
Updates to this policy