Privacy and legal
The Investor Relations Society (IR Society) is committed to processing any personal information about its members or visitors in ways that comply with its legal and regulatory obligations, and to being clear about what it does with their personal information.
The data we collect to fulfil these services is predominantly from personal members. We do not collect any special category or sensitive data. We may collect personal information when:
- you use our website
- you subscribe as a member
- you contact us or
- you are a recipient of our training or events.
We may collect the following types of information:
- your name, address, email address, telephone number(s)
- your business contact details such as your position in your company, address, email and telephone number
- information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation);
- information relating to any transactions carried out between you and us on or in relation to this website, including information relating to any purchases you make of our goods or services e.g. your payment information such as credit or debit card details and bank account details.
Why do we collect this information?
The personal data collected is needed in order to:
- provide you with the membership benefits
- provide certification for the Certificate in IR (CIR), Diploma in IR (DipIR) or other training that we offer
- to meet our legal and regulatory obligations
Information collected through our website is needed:
- to help identify your computer; analyse data about web page traffic and improve our website in order to tailor it to our customer needs
- to allow non-members to benefit from IR Society information
We also collect personal contacts from our Business and Corporate clients and prospect clients, for our legitimate interests. Almost entirely these contacts are corporate individuals and while this is still categorised under GDPR or other UK and EU legislation as personal data we are aware that it can be used for business-to-business marketing purposes, as stipulated by the Privacy of Electronic Communications Regulation (PECR) to which we comply.
How do we collect this information?
We collect personal information:
- directly from members: e.g. when a customer signs up to receive our services or registers on our website
- from publicly available sources: e.g. Networking, social media, internet services, exhibitions, direct referrals, other Corporate bodies
- from non-members who wish to subscribe to receiving our industry updates
We are committed to keeping your information up to date as far as is reasonably possible. However, if you believe that we have made an error, then please contact us as we have outlined below, and we will use reasonable endeavours to correct.
We also capture data using Cookies; a cookie consists of a piece of text sent by a web server to a web browser and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
The following cookies are used on this website:
exp_tracker: this cookie temporarily keeps track of the last 5 pages you visited on the site. This information allows the site to redirect you to the page you were on before activities such as submitting a comment or sending an email through the contact form. It is a ‘session’ cookie, meaning it expires as soon as you close your browser.
exp_last_activity and exp_last_visit: these cookies store the dates of your last activity on the site. exp_last_visit is only relevant to registered users — if you’re browsing the site as a guest, this cookie will be set to a date in the past. These are ‘persistent’ cookies, which do not automatically expire when you close your browser.
exp_css_skin: if you have made any display choices (for example to select a high-visibility layout for visually impaired visitors) this persistent cookie is used to remember your choice next time you visit.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites, including this one.
How do we use the data we collect?
The majority of our data is held within our membership database and mailing database for use with our members, ex- members and non-members who subscribe to receive our email updates.
We also hold contact data on prospective Corporate or business entities where hold very little personal data and any such data we hold is used for contacting the corporate or business with whom we wish to engage.
Any processing activities we undertake are fully compliant with UK and European data protection regulations and PECR where needed for the marketing approaches we undertake.
Information collected may be used for the following:
- internal record keeping
- administration of our website
- to improve our products and services
- to maintain records of training completed and certifications we have delivered
- send statements and invoices to you, and collect payments from you
- send to you our newsletter and other marketing communications relating to our business which we think may be of interest to you by by email or similar technology (you can inform us at any time if you no longer require marketing communications);
- to undertake our annual survey of the investor relations community
- to provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
- deal with enquiries and complaints made by or about you relating to the website.
Keeping your information safe and secure
The IR Society is committed to keeping customers’ personal information secure to protect it from being inappropriately or accidentally accessed, used, shared or destroyed, and against it being lost.
In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We are working towards becoming certified to the UK Cyber Essentials scheme.
We currently do not share any data outside the EEA for our UK clients but should we need to transfer personal information to third parties located outside the UK, we will ensure that information is protected to a level which meets the requirements of UK and European data protection regulations.
For our training certifications we do potentially share data with the host country where the applicant resides. We use appropriate security techniques to ensure that any personal data transferred from overseas to the IR Society is secure and vice versa.
You are responsible for keeping your password and user details confidential. We will not ask you for your password (except when you log in to the website).
Third party access
Access to your personal information is only allowed when required by law or is required as part our fulfilling our service obligations. We do not, and will never, sell or share your personal information with other third parties.
We do use third party providers to:
- ensure our IT and security measures are sufficiently robust to protect your data
- to conduct an annual membership survey
- to share information to our members on a weekly or monthly basis via email
- to help us manage and host events or with tutors who deliver our training and certifications
- allow is to receive electronic payments form PayPal or Worldpay
Links to other websites
Our website and email newsletters and bulletins may contain links to other websites of interest.
However, you should note that we do not have any control over these other websites. Once you have used any of these links to leave our site, therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites and such sites are not governed by this privacy statement.
How long do we keep personal information?
We will only retain customers’ personal information for as long as it is needed to carry out a particular purpose or meet a particular obligation or if you requested us to remove your data.
- For our members we will retain their personal details for as long as they remain a member and up to 2 years after they leave us
- For anyone who enquires about membership but does not sign up we will maintain records for up to 2 years
- For anyone subscribing to our email updates who does not join our membership we maintain their details until you tell us to cease or to remove their data
- For anyone who completes our certified training we will maintain a record of the successful certification indefiniotely to enable us to replace any lost certificates
To remind you that we hold your data we will send a refresher to anyone who uses our services but does not join the membership scheme once every 2 years.
The IR Society undertake marketing activity for our legitimate interests, for our own business. We may make unsolicited approaches and cold calling to business or corporate contacts only either, using prospect information held within our database or using information drawn from publicly-available sources. These approaches are made in a fully complaint manner as governed by PECR, with the contacts being given the option to opt out from such contact. Any changes to our marketing activities will be up dated in this Policy and we will ensure that the activity we undertake will be compliant with UK and European data protection regulations.
Controlling your personal information
You may choose to:
- request details of personal information which we hold about you
- restrict the collection of personal data
- to restrict the use of your personal information for marketing pro the promotional activity
- or even to delete any records that we may hold;
In some cases we may not be able to comply with your request or will need withhold such personal information to the extent permitted by law.