The Arboricultural Association is the Data Controller and Data Processor of any personal information you provide to us. The information you supply will be used to process your application for membership/accreditation, training, event bookings, product sales, newsletter subscription, advertising or sponsorship.
The Arboricultural Association is a registered charity (company number 1083845) whose registered office is at The Malthouse, Stroud Green, Standish, Stonehouse, Gloucestershire, GL10 3DL. Our trading arm, Arboricultural Association Trading Limited is registered at the same address (company number 05180170).
The Arboricultural Association is a registered data controller with Information Commissioner’s Office UK (ICO), registration number Z1089182.
We use the information we collect for the following:
Occasionally the Arboricultural Association may provide limited data to third parties that provide membership or training related products and services. These may include:
The legal basis for the processing of your data relates to the information provided and the context in which it was collected.
We will only use your information where:
You can stop all email and postal communications you are sent. You can either Unsubscribe by clicking the link in our emails, or by informing us of your preferences via email, post or telephone. Whereever possible we will cease communications immediately upon being informed.
From May 2018 you will also be able to update your preferences on your online profile and select:
You can access, correct, update or request deletion of your personal information at any time, either through your online account or by contacting us, by phone, email or letter.
Deletion of data will be carried out on the understanding that removal of some information (e.g. addresses) during an active membership term may negatively affect the level of benefit achieved from their membership. Please note we cannot delete address information that is attached to invoices as financial information must be held for 7 years for tax purposes.
You can request that we restrict processing of your personal information, object to processing of your information or request portability of your personal information.
For these requests please email us at firstname.lastname@example.org, write to us at The Malthouse, Standish, Stonehouse, GL10 3DL, or telephone 01242 522 152. We will comply with your request where your rights have been exercised in accordance with applicable laws.
If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
If you have any worries or complaints about the way we use your information, please get in touch with us. We’ll do our best to set your mind at ease. And if you feel we’re not meeting the high standards we expect of ourselves, you’re within your rights to tell the UK Information Commissioner’s Office (ICO).
After three years of inactivity on your account we will cease to process your information in anyway unless you have an active subscription to our newsletters.We will keep your information for up to seven years after your last interaction. This period allows for individuals who have undertaken certain courses with us to return to recertify and allows us to support any future interaction with us. After seven years your information will be securely deleted.
Please note that if you would like us to stop processing your data or would like your information deleted before this time, you can submit a request to us at any point via email@example.com or by phone or post.
Wherever possible we will seek to store your personal information within the UK or EU. However, in some instances the information we hold may to transferred to suppliers with systems hosted outside of the EU.
Where services we use store data outside of the EU, we ensure that their policies and procedures meet the same high standards as those utilised in the EU.
Our finance package NetSuite Inc. is hosted in the USA and is certified as providing an adequate level of Protection under the EU-U.S. Privacy Shield Framework they are also working to ensure full GDPR compliance.
We occasionally use Survey Monkey to send out surveys and MailChimp to manage email campaigns, both services are hosted in the USA and are either certified as providing an adequate level of Protection under the EU-U.S. Privacy Shield Framework and are GDPR compliant.
Other systems used to hold or process your personal information are Oomi, our CRM system a product of Centerpoint Computer Services Ltd and Kentico which is our web platform, both of which are hosted within the EU and are GDPR compliant.
We regularly review and update our data handling procedures and ensure that appropriate technical security measures are in place to safeguard your information. We are Payment Card Industry’s Data Security standards (PCI-DSS) compliant with our payment gateway Worldpay and we securely dispose of any hardcopy personal information in accordance with industry best practice. Whereever possible we try to minimise the amount of data we hold and ensure that our devices are secure and well protected.
We may need to update this policy from to time to time. Whenever we make changes to this policy we will endeavour to contact you in advance by your registered email address. If we do not hold email details for you, please look out for the notices on our websites and materials which indicate we have changed this policy. If you continue to share information with us or use our websites after we’ve changed our policy, we’ll take it that you accept the changes.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
To read our policy in full please download from the link below: