CONFER PRIVACY POLICY
Confer is dependent on the generosity and support of its many supporters, employees, workers, volunteers and the general public. Paramount to maintaining and building on this is that Confer should conduct its business, at all times, in a manner which is fair and legal, and which earns the public trust enjoyed by the organisation.
Respecting your privacy and security is very important to us. Our Privacy Notice gives you detailed information on when and why we collect your personal information, how we use it and how we keep it secure. It also provides information about your privacy rights and how you may contact us.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
WHO WE ARE
CONFER is an independent organisation established by psychotherapists in 1998 to provide innovative, challenging and inspiring continuing educational events for psychotherapists, psychologists and other mental health workers.
Confer Education Limited (company number 14700536).
Under this policy, ‘we’, “us”, “our” and ‘Confer’ refers to Confer Education Limited.
Confer’s registered office is:
Confer Education Ltd, 17 Western College Road, Mannamead, Plymouth PL4 7AG
You can also contact us by via the website: www.confer.uk.com/contactus.html
If you have questions regarding this privacy notice, including any requests to exercise your legal rights, please contact our Data Protection Officer by email: support@confer.uk.com
THE DATA WE COLLECT ABOUT YOU
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We only collect the information that’s necessary to carry out our business, provide the particular service you’ve requested and to keep you informed. There are occasions when you can choose not to give us certain information, but this for example, may limit the level of personalisation we offer e.g. you may not get to hear about an event you would have loved to have attended.
We collect, use, store and transfer different kinds of personal data about you.
The type of information we collect depends on where and when it is gathered.
- Identity Data includes prefix, first name, maiden name, last name, username or similar identifier, title, and date of birth.
- Contact Data includes billing address, delivery address, city or places of residence, email address and telephone numbers.
- Financial Data includes bank account and payment card details. Please note, we will not hold payment information for any longer than it takes to process your transaction.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Profile Data includes your username and password, purchases or orders made by you on the Confer Online Platform, your interests, preferences, previous interactions with Confer (particularly ticket or module purchases and event attendance), feedback and survey responses.
- Technical Data includes internet protocol (IP) address and your login data. A public IP address is a unique number which allows a computer, group of computers or other internet connected device to browse the internet. The log file records the time and date of your visit, the pages that were requested, the referring website (if provided), your internet browser type and version, operating system and platform and other technology on the devices you use to access this website. This information is collected to help diagnose and manage the website, to audit the geographical make-up of users, and to establish how they have arrived at the website.
- Cookies: We use cookies to make our website work more efficiently, to provide you with more personalised services or advertising to you, and to analyse traffic on our website.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving direct marketing from us and your communication preferences.
We will also collect information and personal data that you voluntarily give when you contact us with enquiries, complaints, comments or other feedback.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
SOCIAL MEDIA
Depending on your settings or the privacy policies for social media and messaging services like Facebook, Instagram, LinkedIn or Twitter, you may give us permission to access information from those accounts or services.
DATA HYGIENE
It is important that the personal data we hold about you is accurate and current.
From time to time, we screen our database against recognised data hygiene file such as National Change of Address file and cleanse our file or correct inaccurate data. We may also update inaccurate data if the information is available.
IF YOU FAIL TO PROVIDE PERSONAL DATA
Although it is not compulsory to provide all of the information listed below, should you choose not to, then we may not be able to provide you with the full range of services that we have to offer.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
HOW IS YOUR DATA COLLECTED?
We use different methods to collect data from and about you.
Generally, we collect your information when you decide to interact with us. This could include purchasing events online, over the phone or in person or it could be where you sign up to receive emails from us. We also look at how our audience use our website, so that we can offer the best possible experience whether you are booking events or just trying to find out more about our latest programme.
Direct interactions
- When you create user accounts and log in to the Confer Online Platform:
Your account allows you to do the following:- Buy events, modules, publications, memberships or packages of these
- Join as a Member
- Buy merchandise such as prints or books from our online shop
- When you comment or create user accounts Login
- When you sign up to receive our email bulletin or respond to Confer emails
- When you visit our website: we use cookies to help make the experience of using our website better, personalise the service you receive from us and provide you with information on products and offers that are relevant to you. When you visit our website www.confer.uk.com, our web server automatically records your public internet protocol (‘IP’) address and also generates a log file.
- When you use your Membership discount codes and number.
- When you contact us by phone to book an event.
- When you make purchases or book events in person in one of our events.
- When you contact us by post, e.g. application forms for Depth Programmes.
- When you respond to one of our surveys.
- When you contact us to provide feedback or send us an email.
- When you engage with us professionally or undertake tasks for Confer (information on how we process staff personal data can be found in the staff privacy policy).
THIRD PARTIES OR PUBLICLY AVAILABLE SOURCES
We receive personal data about you from various third parties and public sources as set out below:
We use Google Analytics to collect information about how our visitors use and navigate this website. This information is pseudonymous and cannot be used to identify you personally.
We use BT Portal Switchboard to collect information about calls made to our office. This information is used to support call handling and cannot be used to identify you personally.
We use Constant Contact to collect information about marketing emails we have sent to assess how many have been opened and clicked through to our products on the website. This information is pseudonymous and cannot be used to identify you personally.
THIRD-PARTY LINKS
This website includes links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances: to provide a service you have requested.
Purposes for which we will use your personal data
Where we need to provide a service or perform a contract we are about to enter into or have entered into with you, to:
- Fulfil event, module and membership requests.
- Process payments. Please note that we do not store any Credit/Debit Card or other payment information once the transaction has been completed.
- Provide you with assistance through our customer service team.
- Send you e-tickets and products you have ordered.
- Administer your visit to the Confer Online Platform.
- Contact you with important information relating to a booking or purchase, such as confirming your order, reminding you of an upcoming booking or letting you know about changes that may affect your visit to an event.
- Train those who provide you with services and who manage the website.
- Send you membership benefits such as your welcome pack and discount codes, member videos and member-only event invitations or bespoke communications.
Where we have your consent, to:
- Personalise your experience with Confer and make it more relevant to you.
- Inform you of news about Confer and upcoming programmes or events.
- Recommend products and offers that we think you might be interested in.
- Contact you if we need to obtain or provide additional information.
- Create invitation lists for events, including private dinners and drinks receptions.
- Email you about a specific topic you’ve requested to hear more on.
Where we need to comply with a legal or regulatory obligation:
- To undertake due diligence to detect and reduce fraud and credit risk.
- To comply with Health and Safety requirements.
- To keep our database accurate and relevant.
Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests, to:
- Learn about your interests and preferences so that we are able to personalise your experience and contact you with programme or product information that is relevant to you.
- Assess potential level of support and identify individuals who might be interested in particular projects and initiatives.
- Brief Confer staff on existing relationships.
- Provide the best possible customer services and to help us with internal administration.
- Use booking and publicly available information to classify our audience into groups or segments. These segments help us to understand our audience better and ensure we’re sending relevant messages to each group.
- Analyse and continually improve the services we offer.
- Measure and understand how our audiences respond to a variety of marketing activity so we can ensure our activity is well targeted, relevant and effective.
- Contact you to ask you to participate in consumer research either via an online or telephone survey or in person. You are under no obligation to participate in research and, should you provide any further information, Confer will inform you how any further information will be used.
- Help us run the test version of our website that we use internally to pilot new features and ensure the smooth running of our web services.
- Ensure the security of our website and information systems.
- Answer your queries or complaints.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting our Data Protection Officer by email: support@confer.uk.com
CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
INFORMATION DISCLOSURE
We will never sell, rent or exchange your details with any other organisation.
We will ask for your consent to share personal information with third parties.
Some of our service providers may have access to your data in order to perform services on our behalf. We require all third parties to respect the security of your personal data and comply with UK data protection laws. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We share personal data with the following parties for the purposes set out above.
- Service providers who work on Confer’s behalf for the performance of any contract we enter into with them or you, for example payment processing companies, our mailing house, marketing agencies or platforms, database services, website hosting, or email delivery service or email partners.
- Professional advisers including lawyers, bankers and auditors.
Confer is not responsible for the privacy notices and practices of other websites and recommends that you check the notices of each website you visit and contact its owner or Data Protection Officer if you have any concerns or questions.
DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed and will notify you and any applicable regulator of a breach where we are legally required to do so.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
All external suppliers have signed data processing and confidentiality agreements with Confer. However, despite all our precautions, no data transmission over the internet is 100% secure. As a result, we cannot guarantee the security of any information which you disclose to us and so wish to draw your attention to the fact that you do so at your own risk.
DATA RETENTION
We will only retain your personal data for as long as is reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will not keep more information than we need.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. By way of example, if purchasing an event ticket only, we will typically keep your data for up to ten years from the date of your last transaction.
For further information about how long we will keep your information, please contact the Data Protection Officer using the contact details outlined in this notice.
If you ask us to stop sending direct marketing communications to you, we will keep the minimum amount of information (e.g. name, address or email address) to ensure we adhere with such requests.
In some circumstances you can ask us to delete your data: see Request for erasure in Your Legal Rights section of this page for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you
YOUR LEGAL RIGHTS
Under certain circumstances, you have rights under data protection laws in relation to your personal data:
Request access to your personal data
This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of your personal data
This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Every email we send to you will include details on how to change your communications preferences or unsubscribe from future communications. Please keep us informed if your personal data changes during your relationship with us.
Request erasure of your personal data
This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data
You have the right to object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
At any time you have the right to ask Confer to amend or stop how it uses your personal information including for marketing purposes. You can do this by signing into the website and accessing your account details or if you don’t have an account or if you prefer to, you can contact us by phoning, emailing or writing using our contact details below.
Request restriction of processing your personal data
This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request transfer of your personal data
You can request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Right to withdraw consent
Where we are relying on consent to process your personal data, you have the right to withdraw this at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent
If you wish to exercise any of the rights set out above, you may contact our Data Protection Officer:
By email: support@confer.uk.com
For independent advice, you also have the right to lodge a complaint with the supervisory authority, The Information Commissioner’s Office:
The Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113 or 01625 545 745
NO FEE USUALLY REQUIRED
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
WHAT WE MAY NEED FROM YOU
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
TIME LIMIT TO RESPOND
We try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
UPDATES AND CHANGES TO THE PRIVACY POLICY AND FURTHER INFORMATION
This notice was updated on 3rd April 2023. It may be updated to take into account changes at Confer or for example to reflect changes to regulation or legislation.
Updates to this notice will be posted on this page – you may therefore wish to check this page each time you submit personal information to Confer. We will also inform you of any changes where we hold an appropriate email address for you.
When your data is provided to us by another person (for example a recommendation) or a publicly accessible sources (such as Google) we will tell you where we obtained the information within a month of getting it.
Further information on data protection regulations and laws can be found here:
- Data Protection: www.ico.org.uk/for-the-public
Confer Complaints Policy
To submit a complaint please see our Confer complaints policy.