ACPEA is committed to safeguarding the privacy of all our members and visitors to the website.
ACPEA collects information under the legal base set out in the General Data Protection Regulation 2018 (GDPR).
- The individual has given clear consent for ACPEA to process their personal data for a specific purpose.
- ACPEA may collect information that you provide for the purpose of subscribing to be a member of the association, enrolling on our courses and events, receiving emails and news bulletins, listing in the directory of practitioners and for payment of fees.
- We will collect basic contact information of name, address, email address, telephone numbers, qualifications, CSP number and HCPC number (if applicable), place of work. We shall also collect details of practice for those who wish to be included in the Directory of Practitioners (‘Find a Therapist’). We process and store this data because it is in our legitimate interest as a professional network so to do.
- Bank details are not retained or stored on the ACPEA computer systems. Secure payments on the website are done through GoCardless (see below for more details of how we deal with on-line payments).
HOW DO WE USE PERSONAL DATA?
The information we collect will be used to ensure that we provide members with the best and most appropriate service.
We will use your personal information to process your membership and course bookings and to provide you with the services, products or information you have requested.
We use members’ contact information for the Directory of Practitioners when inclusion of this has been requested by you. This directory is freely available to all members of the public.
We may analyse the personal information given to us in order to obtain a better understanding of our members and ensure that the information we supply is relevant.
We may collect information about how you use the website. We may use an analytics service provider for website traffic analysis. Individual users will not be identifiable from this information, and we may use this information for the purpose of optimising the use of the website or for security purposes.
STORAGE AND RETENTION OF YOUR INFORMATION
Members personal data is held on a secure database on a remote server in a secure environment.
Personal details and contact information is accessible to anyone using the online Directory of Practitioners and members choosing to avail themselves of this service must give consent for their practice details to be shared.
Payment details are not stored, retained or shared.
We will keep members details for two years after the end of ACPEA membership, unless required otherwise by law or regulatory requirements.
SHARING YOUR INFORMATION WITH OTHERS
HOW DO WE DEAL WITH ONLINE PAYMENTS
ACPEA uses a payment gateway provided by GoCardless. This system provides a highly secure payment method (IS027001 certified). GoCardless utmost priority is to ensure that transaction data is handled in a safe and secure way.
No card or banking details are stored at any stage of the process on the ACPEA website. All payment transactions are handled by GoCardless secure servers
GoCardless is IS027001 certified and is routinely audited by an independent third party to ensure compliance with the certification.
In addition, you know that your session is in a secure encrypted environment when you see https:// in the web address or when you see the locked padlock symbol alongside the URL.
You are completely protected when buying through our site.
More information about paying with GoCardless can be found at https://support.gocardless.com
ACPEA encourages all members to register and pay through the GoCardless system but, for those continuing to pay by standing order, ACPEA utilizes the Banks and Banking Authorities who use a highly secure payment method.
No standing order, or other bank details, are stored at any stage of the process by ACPEA computer systems.
All payee authorisations are forwarded straight to the payee’s bank account and are handled by the UK Bank and Banking industries regulations.
LINKS TO THIRD PARTY WEBSITE
Cookies are small pieces of information that are stored by your browser on your computer’s hard drive. They make it possible for us to provide our online membership payment system, queries and track visitor statistics and personalize content options.
Cookies enable us to recognise your computer when you visit our website and can therefore identify members eligible for offers, identify your preferences and tailor your visit to suit your needs more accurately. Cookies also speed up your searches and improve the websites usability.
- Content management system. Cookies on the website identify a visitors membership level and tracks that users session after you have logged on to the secure members page.
- On-page Analytics. Google analytics is used to track activity on every page.
- ACPEA recommends that you allow cookies on your computer to enable us to provide you with optimum service. If cookies are disabled we cannot guarantee the full functionality of the site
WHAT SHOULD I DO IF I HAVE A QUERY?
There is a clear reporting line from our Data Protection Officer to the Executive Committee. The DPO is responsible for handling data breaches and will evaluate what the breach is, how it has occurred and the associated risk to data subjects. If there is a risk to data subjects, the breach will be reported to the Information Commissioners Office within 72 hours.
CHANGES TO THIS POLICY