Privacy Policy
Introduction
This website is operated by The International Cranial Association CLG and we are a controller for the purposes of the Data Protection Act 1998 and the EU General Data privacy policy. This means that we are responsible for, and control the processing of, the personal information you provide to us when using this website in accordance with this privacy policy.
ICra understands that members care about the use and storage of their personal information and we value your trust in allowing us to do this in a careful and sensible manner. We have created this privacy policy statement in order to demonstrate our commitment to the privacy of our members.
By using ICra Association websites, our social media pages, our telephone contact, our helpdesk functions and any other ICra service, you are acknowledging that we are processing your personal information and, where necessary consenting to such practices, as outlined in this statement.
If you are using our website to apply for events such activities are governed by a separate privacy policy which outlines how we process your personal information for these purposes and your rights in relation to the same.
Personal information which we collect
We collect personal information about you (and others if their personal information is provided by you) when you:
(a) make a membership application either personally as a member;
(b) register or alter details for ICra study days or other workshop events;
(c) request information;
(d) sign up for our newsletter and other services emails (in line with study day);
(e) enquire about or apply for membership and study days and engage with us to receive helpdesk services (such as by contacting our customer services department, through the "Contact Us" form on our website or by calling our telephone helpline;
(f) post material to our website and / or social media page;
(g) complete membership feedback or surveys as part of your attendance at a meeting or study day;
(h) register for membership;
(i) raise a complaint or dispute with us or are involved in an incident at our 'in development' premises (e.g. in relation to health and safety reporting);
(j) speak to one of our committee members, office team or members of our customer services or 'in development' PR team; AGM minutes;
(k) and/or use our website and membership applications in any other way.
The personal information collected in the above manner may include the following about you (and others if their personal information is provided by you):
(a) full name;
(b) postal address;
(c) email address;
(d) telephone number;
(e) payment details;
(f) geo-location;
(g) machine identifiers (such as IP addresses);
(h) dispute resolution information;
(i) professional Education Information;
(j) supplementary information (dietary and other preferences and special requirements);
(k) image data;
(l) behavioural data (cookies - see Cookies section below);
(m) voice recordings; 'in development' for education;
(n) identification information (such as passports, drivers' licences or national identity cards).
Personal information provided by third parties
We may obtain information about you from social media providers such as Twitter and Facebook or from third party websites where you have left commentary or feedback about us.
How we use your information
We will collect personal information:
In order to take the necessary steps in preparation of, or to fulfill our obligations under, a membership application.
A: Bookings and payments - provide communications about bookings, being provided to you (and others if their personal information is provided by you);
B: Bookings and account updates - send details of new, amended or cancelled bookings of 'my ICra account' details and changes - usually via email;
C: Update you on matters affecting your membership and study day booking - contact you (and others if their personal information is provided by you) in the event of a change that affects a booking or any data or personal information you have provided us with, such as changes to terms and conditions of booking or this privacy policy;
D: Website service communication - provide notifications of any changes to our website or to our services that may affect you (and others if their personal information is provided by you);
E: Customer service communication - provide you with requested information or correspondence, such as a Membership Directory or a response from us to an enquiry made by you;
F: To provide assistance in completing membership professional development training bookings - send reminder emails to continue with a booking.
G: Maintain your ICra members' area - update our records, create and maintain your account;
H: Simplify payment process - use saved payment cards within your ICra account so that, upon making future bookings, you have the convenient option of selecting a previously saved card in order to pay. This information is only used / accessed when you use your saved card to pay for a booking;
I: Promotional offers - inform you about events and news that may be of interest;
J: Maintain records indicating your consent to status - to ensure we accurately reflect your wishes when communicating to you in our legitimate interest* improve our services;
K: Website customisation - to customise our website and its content to your particular preferences in accordance with the Cookies section;
L: in our legitimate interest* to protect against fraud;
M: Website improvement and fraud prevention - improve our websites, prevent or detect fraud or abuses of our websites and enable third parties to carry out technical, logistical or other functions on our behalf;
N: Security - carry out security checks when allowing you access to our services and to block fraudulent or suspected fraudulent activity;
O: in order to meet our legal obligations.
* any reliance on legitimate interest shall not prejudice your interest or fundamental rights and freedoms.
How long we will keep your personal information
We retain your information for a range of purposes which determine the period of time for which we need to keep such information. For example (list is not exclusive):
| Data | Retention Period |
|---|---|
| For the purposes of marketing | 3 years from the point of last contact with you, this may include use of our websites, membership; study day responses to communications with you |
We will remove your data from our systems at the end of the applicable data retention periods, unless we are required by current or future law to retain your personal information for a longer period.
Cookies
Cookies are small files stored on a visitors computer. There are two types: 'session cookies', that are maintained for the duration of a browsing session, and then destroyed when the user closes the browser window, or 'persistent cookies', which are saved on a users' hard drive in order to identify either the user, or information about the user, the next time you log onto a website.
This website uses session cookies only, to assist with purchases made through the website and to keep you logged in to the Members' Area.
Our approach to information security
To protect your information, ICra has policies and procedures in place to make sure that only authorised personnel can access the information, that information is handled and stored in a secure and sensible manner and all systems that can access the information have proportionate and reasonable security measures in place.
While we take commercially reasonable measures to ensure the safety and security of your data, due to the inherent risks with the Internet, we are unable to warranty the absolute security of your data when using our services.
In order to process any of the requests listed below, we may need to verify your identity for your security. In such cases your response will be necessary for you to exercise this right.
The right to access information we hold about you
At any point you can contact us to request details concerning the information we hold about you, why we have that information, who has access to the information and where we got the information. In most cases you may be entitled to copies of the information we hold concerning you. Once we have received your request we will respond within 30 days.
The right to correct and update the information we hold about you
If the data we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated.
The right to have your information erased
If you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase the data we hold. When we receive your request, we will confirm whether the data has been deleted or tell you the reason why it cannot be deleted.
The right to object to processing of your data
You have the right to request that ICra Association stops processing your data. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, we may continue to hold your data to comply with your other rights.
The right to ask us to stop contacting you with direct marketing
You have the right to request that we stop contacting you with direct marketing. On promotional emails we provide an 'unsubscribe' link at the bottom of the email which will unsubscribe you from that service.
The right to data portability
You have the right to request that we transfer your data to another controller. Once we have received your request, we will comply where it is feasible to do so.
The right to object to automated decision making / profiling
You have the right to request that we stop profiling you in relation to our direct marketing practice. You can inform us and we will deal with your request accordingly.
The right to complain
You can make a complaint to us by contacting us via or to the data protection supervisory authority - in the UK this is the Information Commissioner's Office.
Consent
In those cases where we need your consent to process your information, we will ask you to make a positive indication (e.g. to tick a box or insert your contact details on the relevant form or web page requiring consent). By actively providing us with your consent, you are stating that you have been informed as to the type of personal information that will be processed, the reasons for such processing, how it will be used, for how long it will be kept, who else will have access to it and what your rights are as a data subject and that you have read and understood this privacy policy.
Sharing your information
The information and data we collect is important for ICra Association and we understand that you care about the use and storage of your personal information we value your trust in allowing us to do this. We would not want to share this with anyone else unless we have your express consent, we will never disclose, rent, trade or sell your personal information to any third parties for their marketing purposes.
We do disclose or transfer your data or personal information to other companies, data processors or agents employed by us to perform any necessary functions on our behalf (such as hosting and maintaining our website, providing us with data management systems, market research, customer satisfaction surveys and support services), but they are bound by similar terms to those set out in our privacy policy and may not use this information for their own purposes.
Contact details
If you have any queries about this policy, need further information or wish to lodge a complaint you can use the details below to contact us.
Changes to this Privacy Policy
We may change this policy from time to time. You should check this policy occasionally to ensure that you are aware of the most recent version that will apply each time you access the website.