Privacy Policy

We take your privacy and the security of the data we hold about you very seriously and we are committed to doing everything we can to protect, inform you on what we are doing with it, how we manage it and why.

Our policy covers:

  1. The collection of data
  2. The use of data
  3. Management of our privacy policy, who is accountable and how often we review and update our processes, and how we will keep you informed about updates
  4. How we will store your data
  5. How you can access your data, update it and request to be removed or restricted from any data processing
  6. What the procedure is if there has been a potential data security breach

Our data policy has been written to ensure compliance with all applicable laws including the General Data Protection Act 2018 (these are collectively referred to as “data protection laws”).

  1. The collection of data

You may provide personally identifiable information to us when you visit the Site.  If you voluntarily register with us, we will hold your personal information securely, and will only use that information for the purpose for which it was given. You may have to create a user name or password to register with us and log in to your account.  You are responsible for protecting your user name and password.  You may not share your user name or password with others or allow others to use them, and you must provide complete and accurate information to us at all times in the registration process.

We will not disclose your personal information to any third party, unless required to do so by law, regulation, law enforcement inquiries, court orders, subpoenas and similar requests, or when we otherwise believe in good faith that such disclosure is necessary or appropriate in connection with any activity that violates the law or may expose us to liability.

You may also browse and access information on this Site without giving any personal identification.

The data we are likely to collect will include, but is not limited to:

  • First and Surname
  • Email address
  • Address including postcode
  • Phone, Fax, and mobile number
  • Biographical Info
  • Company and geographic information
  • Social identifiers
  • Preference data – provided by you at the point of sign up
  • Cookie and behavioral data – based on web and email activity
  • Marketing Opt-in data
  • Email communications responses.
  • History – a full audit trail of training progress, forum activity, and recent searches

To help make our Site more useful, and for statistical and diagnostic purposes, IARD collects the following non-personal information whenever you visit our Site:

  • Internet Protocol (“IP”) address
  • Internet domain server
  • Web browser profile
  • Date and time of Site visit and pages visited
  • Address of previous website if referred to our Site, including search engines and keyword searches used.

We are concerned about the privacy of children who use the Internet. We do not knowingly collect personal information from children under the age of 13.  If we learn that we have collected the personal information of a child under the age of 13, we will take reasonable steps to delete the information as soon as possible.

IARD and/or the host of its Site collects your IP address. An IP address is a number that is assigned to your computer when you use the Internet. The IP address data that we collect does not contain any personally identifiable information about you and is used to administer our Site, to determine the numbers of different visitors to the Site and to gather broad demographic data.

  1. The use of data

In line with the data regulations, we will only use the data we collect or are provided by our users in a lawful way for legitimate and specific purposes.

  • Sending newsletters via email
  • Updates to services
  • Notifications and information which may be of interest
  • Profiling and segmenting data
  • Market research and analysis

The non-personally identifiable data that IARD collects is accessible by certain IARD personnel as well as certain third-party website designers and personnel involved with the third-party service that hosts the Site. IARD uses all non-personally identifiable data that it collects internally and together with its Site designer and host in order to improve IARD’s Site. The information is used, for example, to evaluate what portions of the Site are more popular than others, to determine from where visitors came to the Site, and to determine how many times particular pages of the Site were accessed in the aggregate. IARD personnel use the data to prepare reports regarding website activity as part of the process of maintaining and improving the Site.

IARD and/or the host of its Site uses “cookies.” Cookies are small text files that are placed on a visitor’s computer hard drive that, among other things, allow IARD and/or the host of its Site to record how many times a user or computers within a user’s network of computers has visited the Site, the number of times various pages of the Site have been accessed and other such information. You may disable receipt of cookies using features of your web browser that disable or turn off cookies. IARD does not use cookies to retrieve information that is unrelated to your visit to or your interaction with IARD’s Site.  Although you are always free to decline our cookies if your browser permits, rejecting a cookie may interfere with your ability to use certain features on the Site.

  1. Management of our privacy policy

Due to the rapidly evolving technologies on the Internet, IARD will regularly update this Privacy Policy. All revisions will be posted to IARD’s Site and we urge you to review its Privacy Policy frequently. We will review and update our policy at least every 12 months and when data regulations are updated. We will email you when we update our policy, providing you with a link to view the updated policy on our website.

We will also email you to let you know that we are currently storing data and personal information about you if we collect it indirectly.

  1. How we will store your data

IARD does not sell or otherwise provide any personal information collected via its Site to other companies, firms or individuals without the permission of those who provided the information. IARD does not collect personally identifiable information via its Site except to the extent that such information is voluntarily provided through use of the Site’s features.  IARD takes reasonable security precautions, including administrative, technical and physical measures, to maintain the privacy of the data that are collected by ensuring that it is accessible only to appropriate personnel.

Data is only accessible by authorized employees and all access rights are managed and monitored centrally via secure log in and password. On leaving IARD or changing roles, all rights and access to any user data ceases instantly.

This Privacy Policy is intended to meet the laws and regulations of the United States, and we have made changes in this policy to support the new EU data regulations (GDPR).

Our databases are located in the United States and by sending us your data, you consent to its transfer to and storage within the United States.

By using our website and any data provided within it you are solely responsible for complying with all local laws, rules and regulations regarding online conduct, sharing of data and website access.

  1. How you can access your data

We want to make it as easy for you to be in control of your data.

You have the right to:

  • Access the data we hold on you
  • Ensure the data we have is accurate and up to date
  • Object to us using your data within automated processing or profiling
  • Restrict how we process/use your data
  • Request the erasure or deletion of the data we hold on you

Data we hold on you can be accessed on your profile page in the member settings section of the site.

You can also contact us at data@iard.org with the subject “Data Access Request”. Please provide 2 forms of identification from the following to prove you are the individual requesting the data:

  • Passport
  • Driving license
  • Birth certificate
  • Utility bill (from last 3 months)
  • Current vehicle registration document
  • Bank statement (from last 3 months)

We will then contact you with details of how you can access the data we store on you within in 1 month of receiving your request.

If you notice an error in the data we hold on you or would like us to update our records in any way, then please contact us at data@iard.org with the subject “Data update request”. We will respond within 1 month.

If you would like us to delete all data and information we hold on you please contact us at data@iard.org with the subject “Delete record”.

Please note that although we fully respect your wish to remove all data we hold, there is a level of data we may need to retain for up to 7 years for legal, accounting and compliance reasons. On receiving your request we will review your request and respond to outline what data we can remove. We will work to respond within 1 month.

All requests will be tracked and stored in an internal log.

  1. Data security breach

If we suspect a data breach of any kind we will report it to our membership organizations immediately.

If you suspect a data breach, which you believe may have involved IARD and the data we hold on you, please email info@iard.org with the subject “Data Breach” and we will respond within 72 hours.

 

This policy was last updated on May 25, 2019

IARD welcomes questions and comments about this policy. If you have questions or comments about this Privacy Policy, please contact us at data@iard.org.

 

 

IARD
IARD
@IARDnews
RT @BIERoundtable: .@IARDnews featured 9 BIER members for their collaborative efforts in minimizing energy and water use. See our members’… • 3d
follow us