Date: 3rd May 2018
We are committed to protecting your personal information and being transparent about what we do with it, no matter how you interact with us. That’s whether you want to be an AIESEC member, a volunteer, or take part in one of our Exchange Programmes.
We are committed to using your personal information in accordance with our responsibilities. We are required to provide you with the information in this Privacy Notice under applicable law which includes:
- • the Data Protection Act 1998, which will be replaced by the General Data Protection Regulation (EU) 2016/679 from 25 May 2018
- • the Privacy and Electronic Communications (EC Directive) Regulations 2003.
We won’t do anything with your information you wouldn’t reasonably expect.
Processing of your personal information is carried out by or on behalf of AIESEC UK LTD. AIESEC (UK) is a company limited by guarantee. Registered No 01206976. Registered Charity No 274779.
If you have any queries about our Privacy Notice, please get in touch with our Data Protection Officer:
|Phone||020 7549 1812|
|Post||Data Protection Officer 1E Mentmore Terrace| London | E8 3DQ|
How and when we collect information about you
When you directly give us information
We may collect and store information about you when you interact with us. For example, this could be when you:
- • apply to be an AIESEC member
- • apply for one of our exchange programmes
- • register for an AIESEC event or conference (For example this may require us to share your name and dietary requirements with venues)
- • apply to volunteer for one of our Local Committees
- • give us feedback
- • make a complaint
- • work with our organisation
When you indirectly give us information
When you interact with us on social media platforms such as Facebook, WhatsApp, Twitter or LinkedIn we may also obtain some personal information about you. The information we receive will depend on the privacy preferences you have set on each platform and the privacy policies of each platform. To change your settings on these platforms, please refer to their privacy notices.
We may obtain information about your visit to our site, for example the pages you visit and how you navigate the site, by using cookies. Please visit our cookies policy for information on this.
What information we might collect
When you engage with us by phone, mail, in person or online, we may collect information about you (referred to in this Privacy Notice as ‘personal information’). This may include your name, address, email address, telephone number, date of birth and details of your education and career, why you are interested in AIESEC and other information relating to you personally which you may choose to provide to us.
Data protection law recognises that certain types of personal information are more sensitive. This is known as ‘sensitive’ or ‘special category’ personal information and covers information revealing racial or ethnic origin, religious or philosophical beliefs and political opinions, trade union membership, genetic or biometric data, information concerning health or data concerning a person’s sex life or sexual orientation.
Sensitive information will only be collected where necessary, for example, we may ask you for your nationality when you sign up to become a member.
With your explicit consent, we may also collect personal information if you choose to tell us about your experiences relating to our services for use in testimonials
How and why we use your information
We will use your personal information for the following purposes:
- • Responding to a request: If you contact us with a query, we may use your personal information to provide you with a response.
- • Direct marketing: We will only send you marketing information by email, SMS, or phone if you have given us specific consent. If you withdraw your consent and then subsequently opt in to receive marketing information again then you most recent preference may supersede.
- • Monitoring and Evaluating: We may use your information in order to improve current and future delivery of our services.
- • Processing an application to work with us: We may process your information if you send or fill in an application form or send us your CV or details in respect of an opportunity to work with us in order to evaluate your suitability and respond to you.
- • Contractual purposes: We will need to use your personal information in order to carry out our obligations arising from any contracts entered into between you and us for services provided.
- • Providing and developing our website: We may use your personal information to help provide you with access to our website, personalise your experience, and improve and develop it further.
- • Administration: We may use your personal information to record and deal with a complaint, record a request not to receive further information, and for other essential internal record keeping purposes.
- • Protecting your vital interests: We may process your personal information where we reasonably think that there is a risk of serious harm to you or someone else.
- • Legal, regulatory and tax compliance: Where required we are subject to a legal obligation, we may process your personal information to fulfil that obligation.
Who do we share your information with?
We will only use your information for the purposes for which it was obtained. We will not, under any circumstances, sell or share your personal information with any third party for their own purposes, and you will not receive marketing from any other companies, charities or other organisations as a result of giving your details to us.We will only share your data for the following purposes:
- • Third party suppliers: We may need to share your information with data hosting providers or service providers who help us to deliver our services and projects. These providers will only act under our instruction and are subject to pre-contract scrutiny and contractual obligations containing strict data protection clauses.
- • Where legally required: We will comply with requests where disclosure is required by law, for example, we may disclose your personal information to the government for tax investigation purposes, or to law enforcement agencies for the prevention and detection of crime. We may also share your information with the emergency services if we reasonably think there is a risk of serious harm or abuse to you or someone else.
We always aim to ensure that personal information is only used by those third parties for lawful purposes in accordance with this Privacy Notice.
How we protect your information
We use technical and corporate organisational safeguards to ensure that your personal information is secure. We limit access to information on a need-to-know basis and take appropriate measures to ensure that our people are aware that such information is only used in accordance with this Privacy Notice.
We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors.
Our online forms are always encrypted and our network is protected and routinely monitored.
If you use your credit or debit card, we pass your card details securely to our payment processing partners.
We do this in accordance with industry standards and do not store the details on our website.
Please be aware that there are always inherent risks in sending information by public networks or using public computers and we cannot 100% guarantee the security of data (including personal information) disclosed or transmitted over public networks.
How long will we keep your information?
If you request that we stop processing your personal information we may in some instances need to add your details to a suppression file to enable us to comply with your request not to be contacted.
In respect of other personal information, we will retain it for no longer than necessary for the purposes for which it was collected, taking into account guidance issued by the Information Commissioner’s Office.
International transfers of information
We may, on occasion decide to use the services of a supplier outside the European Economic Area (EEA), which means that your personal information is transferred, processed and stored outside the EEA. You should be aware that, in general, legal protection for personal information in countries outside the EEA may not be equivalent to the level of protection provided in the EEA.
However we take steps to put in place suitable safeguards to protect your personal information when processed by the supplier such as entering into the European Commission approved standard contractual clauses. By submitting your personal information to us you agree to this transfer, storing or processing at a location outside the EEA.
Your rights to your personal information
Data protection legislation gives you the right to request access to personal information about you which is processed by AIESEC UK and to have any inaccuracies corrected.
|Phone||020 7549 1812|
|Post||Data Protection Officer 1E Mentmore Terrace| London | E8 3DQ|
You also have the right to ask us to erase or edit your personal information, ask us to restrict our processing of your personal information or to object to our processing of your personal information.
If you wish to edit or erase your personal information, please contact our Data Protection Officer at the email address or via our postal address above. If you wish us to process a subject access request please click here to download a form and send it along with copies of two separate identification documents which provide photo identification and confirm your address, such as a passport, driving licence, or utility bill.
Please also provide any additional information that is relevant to the nature of your contact with us, as this will help us to locate your records.
You can send us the documents via post to:
|Post||Data Protection Officer | 1E Mentmore Terrace| London | E8 3DQ|
Alternatively email a copy of the form along with scans or photos of your two forms of identification to: firstname.lastname@example.org
We will respond within 30 days, on receipt of your written request and copies of your identification documents.
How to make a complaint or raise a concern
If you would like more information, or have any questions about this policy, to make a formal complaint about our approach to data protection or raise privacy concerns please contact our Data Protection Officer.
If you would like to make a complaint in relation to how we have handled your personal information, please contacts our Data Protection Officer at email@example.com. If you are not happy with the response you receive, then you can raise your concern with the relevant statutory body:Information Commissioner’s Office: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Alternatively you can visit their website.
We are registered with the Information Commissioner’s Office as a Data Controller under number Z8078663.
Changes to our Privacy Notice
Our Privacy Notice may change from time to time, so please check this page occasionally to see if we have included any updates or changes, and that you are happy with them.