DPPE Members

If you are a member of DPPE (including a prospective or past member), this Privacy Notice provides more information about the personal information that we collect, why and who we share it with.  

Personal data we collect and how we collect it

• Identity and Contact Data, including your name, address, telephone number, email address, employer’s name and contact details, job title and function, and other personal information that you choose to provide;
• Opinions, if you choose to provide them on the DPPE Forum;
• Financial and Payment Data, including bank account and other data necessary for processing payments and fraud prevention and debt recovery, including credit/debit card numbers, security code numbers and other related billing information;
• Images and video may be recorded at our events such as a conference. (See below for further information about this)

Special Categories of Personal Data

Special Category Personal Data specifically means personal data relating to race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data.

With the exception of the categories identified below, DPPE does not expect to routinely collect or process special categories of personal data:

• We may need to collect information about a health or medical condition. For example, a disability, hearing or visual impairment where we need to make adjustments or ensure access arrangements at an event in order to meet your specific requirements.
• We may need to collect and record information about a health condition. For example, a dietary requirement at an event where we need to make alternative refreshments available for your needs and comfort.

This sort of information will only be used for these specific purposes.

We do not routinely collect any information about criminal convictions (including offences and alleged offences and any court proceedings or sentence) unless you give this sort of information to us.

Source of your personal information

DPPE expects to collect your personal information directly from you and from third party sources. For example:

• Directly from you: when you join DPPE or provide information via the DPPE Forum;
• Indirectly from third parties: where information is provided by third parties such as your employer as part of the joining process or in connection with the collection of membership subscription fees or event fees.
• Indirectly via our website: from connection data sent to our webserver by your browser when you connect to the DPPE website.
• Indirectly via web based services: for example, where analytical information is collected through electronic platforms made available to you in connection with services that we provide to you.

Information about other people

If you provide information to us about any person other than yourself, your employees, counterparties, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.

How will we use your personal information?

• To administer and manage your Membership application, your Membership, event bookings and  communications;
• To process payments, billings and collection of payments;
• For promotional and marketing purposes.

Legal Basis for processing your personal data

Data protection law requires us to provide you with information about the legal basis for processing your personal data.

Contract:

When you apply to join DPPE, we will need to collect and process some personal information in order to administer your application. If you join DPPE, we will need to continue to process your information to manage your membership. Our legal basis for processing your personal information is contractual.

Consent:

We rely on your specific opt-in consent to process your personal information in the following circumstances:

• to send you electronic direct marketing that you haven’t specifically requested;
• to publish a testimonial you have provided in conjunction with your name;
• to publish an image or video of you where you are the main focus (or your image is accompanied by your name), on our website or on a third-party social networking platform such as LinkedIn, Facebook or Twitter;
• to share your personal data with a third party for their own journalistic purposes;
• to share your personal information with a third party for their marketing purposes.

Legal Obligation:

We may need to use your personal data in order to comply with our legal obligations. For example, in order to comply with VAT rules.

Legitimate Interests:

In most other cases, our use of your personal data will be on the legal basis that it is necessary for our legitimate interests, or those of a third party such as an affiliate, providing those interests are not overridden by your own interests or fundamental rights and freedoms. For example:

• We may publish an image of you as part of a group of delegates or where you are not the main focus of the image, at a DPPE event on our website, in our Newsletter, on our social networking platform such as Facebook, Twitter or LinkedIn for the purposes of promoting and marketing DPPE;
• We may permit trusted affiliates to publish an image of you as part of a group of delegates at a DPPE event held in conjunction with that affiliate for the purposes of promoting DPPE and the affiliate’s joint working objectives;
• We may process your personal information for security purposes.

Explicit Consent and Substantial Public Interests Based Upon Law

Rarely, we need to process special categories of personal data such as health or medical information. For example, in order that we can cater for specific dietary needs or a hearing impairment at an event you are attending. We will only process this sort of information with your explicit consent or where it is necessary for reasons of substantial public interest that are based upon a law.

Legal Claims

DPPE may process special category personal information where it is necessary to establish, exercise or defend legal claims or where a court is acting in a judicial capacity.

Direct Marketing

DPPE processes personal data for the purposes of direct marketing and promoting our organisation. However, it will never sell or rent your personal information to a third party, without your consent, for that third party’s marketing purposes.

Where DPPE requires your consent to send you direct marketing, you have the legal right to withdraw that consent at any time.

To withdraw your consent to electronic direct marketing such as emails, please follow the opt-out links on any marketing message sent to you or contact privacy@dppe.org.uk.

Withdrawal of consent to receive marketing communications will not affect the processing of personal data for the provision of our membership services because we do not rely upon your consent to provide you with these services. However, by withdrawing or not providing your consent to direct marketing, you may not receive information about DPPE events (both paid for and free events) such as webinars, seminars and training courses.

Disclosure of your personal data

Normally, we wouldn’t expect to share your personal data with another organisation except in the following circumstances:

• with our subsidiary undertakings and/or affiliates for the purposes of providing you with our services as described in this Privacy Notice;
• on a confidential basis with third parties for the purposes of collecting your feedback on our services, to help us measure our performance and to improve and promote our services;
• with service providers who we engage e.g. external software providers and mailers. For example, the DPPE forum platform and the DPPE website. Where we do this, the service providers are contractually required by us to keep your personal data secure and to only process it strictly in accordance with our instructions;
• where you have consented, with third parties for their marketing purposes;
• if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.

Information we transfer outside the European Economic Area (EEA) and the UK

Your information is normally kept within the UK or within the European Economic Area (EEA) and this is a priority for DPPE when choosing where we host and use your information.

On some occasions, we may have to use services that host your information outside of these areas. When this occurs, we will take steps to ensure that your information is protected by only using reputable suppliers that have gone through data protection due diligence checks and ensuring that the transfer complies with relevant data protection law.

If you require more information about this please contact the DPPE Privacy Manager.

How long we keep your personal data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.

For example, records of past members are usually retained for 7 years after they have left DPPE. Beyond this, we will retain your contact details on our database unless you ask us to delete them.

Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.

If you want to learn more about our specific retention periods for your personal data established in our retention policy, you may contact us at privacy@dppe.org.uk.