{"id":4319,"date":"2018-05-24T10:57:52","date_gmt":"2018-05-24T10:57:52","guid":{"rendered":"http:\/\/thecpr.org.uk\/?page_id=4319"},"modified":"2018-06-01T10:10:48","modified_gmt":"2018-06-01T10:10:48","slug":"cpr-privacy-policy","status":"publish","type":"page","link":"https:\/\/thecpr.org.uk\/cpr-privacy-policy\/","title":{"rendered":"CPR Privacy Policy"},"content":{"rendered":"
Introduction<\/strong> We take your privacy seriously and will only use your personal information to administer your transactions with us (online and offline) and to provide information about the events, resources and services you have requested. All data is collected and is currently processed in accordance with the Data Protection Act (1998) and GDPR.<\/p>\n Our priority is to avoid causing harm to individuals by:<\/p>\n We aim to be open and transparent in the way we use personal data to give individuals as much choice as possible, within reason, over what data is held and how it is used.<\/p>\n Areas of work The personal data that we process and store<\/strong><\/p>\n For E-marketing<\/strong><\/p>\n For Bookshop customers, CPR members, Performance Research<\/em> subscribers and Project participants:<\/strong><\/p>\n For Employees:<\/strong><\/p>\n How we collect, process, protect and dispose of data<\/strong><\/p>\n How we collect data<\/strong><\/p>\n Cookies You can change your browser settings to remove, block or withdraw your consent for cookies at any time. But in some cases this may impact on your ability to use our website. Browsers recognise different types of cookies and allow you to treat them differentially, as desired. There are two main types of cookies, first and third party: First Party Cookies are those set by the website you are viewing. Third party cookies are set by other sites; for example if a video has been embedded from YouTube, YouTube may set a cookie of its own.<\/p>\n Cookies can also last for different durations. Session cookies last until you leave the site, others may last for days or months so the site can recognise you and your preferences on subsequent visits.<\/p>\n We use a small number of third party service providers on our websites, some of which may set cookies on your computer when you use the facility. Each provider has their own privacy policy:<\/p>\n How we process and protect personal data<\/strong><\/p>\n How we dispose of data Personal data breaches CPR holds a small amount of personal information on individuals that should not cause harm to an individual should it be compromised. However, CPR will take any breach seriously and inform individuals if their information has been compromised and outline how it may affect them.<\/p>\n Third Parties<\/strong><\/p>\n CPR does not share the information it collects on individuals with any Third Parties with two exceptions:<\/p>\n 1. Name and address details collected from contributors to the Performance Research<\/em> Journal and subscribers to the Performance Research<\/em> Journal are shared with the publisher Routledge, Taylor & Francis for the purpose of hard copies of the issue being despatched to them on publication. The publisher has just updated their own privacy policy which governs how such data is used, and the new info can be found here:\u00a0http:\/\/taylorandfrancis.com\/customer-privacy<\/a>.<\/p>\n 2. Whilst not actively shared, the contact details of customers (but no financial information) who have purchased items in the CPR online shop in our website data management system are accessible by our web developers, who need access for the purposes of repair and updating the website. CPR has worked with the same developers for many years and judges the risk that this will lead to information being compromised is extremely low. Information about the developers\u2019 system and privacy policy can be found at www.scl.co.uk<\/a>.<\/p>\n Roles and responsibilities<\/strong><\/p>\n CPR\u2019s Board of Trustees recognises its overall legal responsibility for data compliance. Day-to-day responsibility for Data Protection is delegated to a nominated Data Protection Officer, currently Helen Gethin.<\/p>\n Subject Access Request Forms Anyone who wishes to know what information CPR holds about them should write to info@thecpr.org.uk with the email subject line \u201cSubject Access Request\u201d. In line with GDPR:<\/p>\n
\nCPR is committed to best practice in the handling of personal and sensitive data and careful compliance with requirements of GDPR (General Data Protection Regulations), which comes into force on 25 May 2018.<\/p>\n\n
\n<\/strong>This data protection policy covers all CPR activities, including the activities of its subsidiary the Performance Research <\/em>Journal, in relation to marketing, bookshop sales, membership of CPR, CPR and Performance Research<\/em> projects and HR. We define these activities as:<\/p>\n\n
\n
\n
\n
\n
\n<\/strong>A cookie is a small data file that is downloaded on to \u2018terminal equipment\u2019 (like a computer or smartphone or other device) when you access a website. It allows the website to recognise that user\u2019s device and store some information about the user\u2019s preferences or past actions.<\/p>\n\n
\n
\n<\/strong>We will keep the majority of personal information only for as long as is reasonably necessary for the purposes set out in this privacy notice and to fulfil our legal obligations. We will not keep more information than we need. The retention period will vary according to the purpose, for example:<\/p>\n\n
\n<\/strong>A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. A breach could be accidental and deliberate.<\/p>\n
\n<\/strong>Subject access request refers to the right that individuals have to see a copy of the information an organisation holds about them.<\/p>\n\n