UPDATED - FEBRUARY 2022
The Employers’ Initiative on Domestic Abuse (“EIDA”, “we”, “our”, “us”) is committed to protecting your privacy. We want to be completely transparent about the purposes for which we collect and use your personal information. This Notice sets out our data processing practices and your rights and options regarding the ways in which your personal information is used and collected (including through our website eida.org.uk).
This Notice contains important information about your personal information and privacy rights. Please read it carefully to understand how we use your personal information.
The provision of your personal information to us is voluntary, but if you do not provide certain information we may not be able to contact you – for example, to facilitate your membership of our Network.
If you have any questions please contact us using the contact details included at section 1.
- Who we are and how to contact us
- How we collect your personal information
- What personal information we collect
- Special categories of data
- When we will get in touch
- How to stop or change how we communicate with you
- What we do with your personal information
- Lawful processing
- Do we share your personal information?
- International Data Transfers
- How long do we keep your personal information?
- Your Rights
- Updating this Privacy Notice
1. Who we are and how to contact us
EIDA is a UK registered company (company number 11703865) at registered address First Floor, 85 Great Portland Street, London, W1W 7LT. EIDA is the controller of your personal information where you are involved with the organisation.
If you have any questions about how we use your personal information and how we comply with our responsibilities, please contact us as follows:
Email: ceo@eida.org.uk
In writing: Employers’ Initiative on Domestic Abuse, Registered Office, First Floor, 85 Great Portland Street, London, W1W 7LT
2. How we collect your personal information
We may hold personal information relating to you from a number of sources and will collect personal information about you:
a. When you give it to us directly
For example, when you contact us with a query, sign up to attend an event or join the Network.
b. When we obtain it indirectly
Your personal information may have been shared with us by others – for example your name may have been given to us by your organisation as a point of contact.
c. When we obtain it from publicly available sources
Your personal information may be available to us from external publicly available sources. For example, you may be referred to us by an existing member of the Network, or of EIDA’s Board of Directors. We may also obtain information regarding potential Network members via open social media such as LinkedIn. The purpose of doing so is to identify the appropriate individuals at organisations which we believe would be interested in joining or becoming involved with EIDA.
3. What personal information we collect
The personal information that we collect and use about individuals includes, but is not limited to:
- Name (including title)
- Your role in the organisation
- Your work email address and mobile telephone number
- Your organisation’s name
- Organisation’s industry category (eg insurance, retail), sector (private, public, third), number of employees, and whether it has a UK or global presence
- Organisations location (coty/country, postcode) and geographical region )eg North East, South West)
- Organisation’s Twitter handle and LInkedIn page
- Organisation’s CEO, Chair and Domestic Abuse Sponsor (if applicable)
- PA name and email address (if applicable)
- Joining source (how you heard of EIDA) and joining date
- Information about EIDA support provided to you (eg connected with training providers, introductions to other members, event and comms support via press/social media and EIDA representatives speaking at your events)
- Information about your involvement with and contribution to the Network (eg speaking at EIDA events, providing case studies and best practice examples for EIDA to share with other members)
- Information about your work in domestic abuse received via the new member form, feedback questionnaires, event registration forms and emails to EIDA staff (eg domestic abuse policy in place, staff training provided)
- Information about your attendance at EIDA events
- Correspondence records (if you contact us for any reason we will collect your name, email address and any information you provide to us as part of your correspondence)
4. Special categories of data
Data protection law recognises certain categories of personal information as sensitive and therefore requiring more protection. These categories include information about race or ethnic origins, political opinions, sex life or sexual orientation, religious beliefs and health data. Additionally there are further rules concerning the use of criminal data. We will only process this data if there is a valid reason for doing so and where the law allows us to do so – for example, to cater for dietary requirements at our events.
5. When we will get in touch
When you give us your personal details you may receive follow up information from us directly. These communications will be administrative . For example to confirm Network membership information, confirm details of an event, send quarterly newsletters and any informative updates deemed relevant to ensure our members are best advised on issues related to domestic abuse.
We provide easy ways to stop our marketing, and you can opt out at any time.
6. How to stop or change how we communicate with you
If at any time you wish to stop or change how we communicate with you, using the details in section 1 above.
If at any time you wish to update the information we hold, please contact support@eida.org.uk
7. What we do with your personal information
We use your personal information for the following purposes:
-
Membership communications - To sign you up to our network after you have asked to join voluntarily, provide you with any information that you request, give you access to key industry partners and experts for detailed advice and training as required, share details with other members on request as part of furthering the network, and communicate with you in general
-
Event registration - To invite you to our networking events, either as an attendee or speaker
-
Marketing communications - To share best prattle between members, provide you with regular and relevant updates on our work and developments within the sector, eg via quarterly newsletters, and to obtain your feedback via questionnaires
-
Media communications - To promote the work of members of the organisation to the media
-
Administration - to administer and run network
-
Research - To analyse, evaluate and improve our membership base, work, services, activities or information available to members
-
To satisfy legal obligations which are binding on us
-
For the prevention of fraud or misuse of services; and
-
For the establishment, defence or enforcement of legal claims
8. Lawful processing
We are required to rely on one or more lawful grounds to collect and use the personal information that we have outlined above. We consider the grounds listed below to be relevant:
a. Legitimate interests
Applicable law allows us to collect and use personal information for our or a third party’s legitimate interests, where the use of your personal information is fair, balanced and does not unduly impact your rights.
We rely on this ground to process your personal information when we believe that it is more practical or appropriate than asking for your consent. Where you provide information, we will rely on the legitimate interest ground to communicate with you in most instances (and allow you to communicate with each other and participate in the Network including its events).
b. Consent
You are not obliged to provide your consent when asked, and always have the right to withdraw your consent once given.
c. Contract
Where it is necessary to use your personal information to fulfil a contract with you or to take steps at your request prior to entering into one.
d. Legal obligation
Where the processing of your personal information is necessary for us to comply with a legal obligation to which we are subject.
9. Do we share your personal information?
The personal information we hold about you will be provided to our staff and volunteers who require it in connection with our work and services.
If you become a member we will disclose your personal information to other Network members on request. This is one of the benefits of membership. For example, you may be invited to events run jointly with or by other members, where those events are relevant and appropriate to the Network. If you would like further information about this please contact us using the details at section 1 above.
We may disclose your personal information to selected third party processors (such as agents or sub-contractors) for the purposes outlined in this Notice. The third party in question will be required to use any personal information they receive in accordance with our instructions.
We reserve the right to disclose your personal information to third parties:
-
if substantially all of our assets are acquired by a third party, personal information held by us may be one of the transferred assets;
-
with our professional advisors eg lawyers, where necessary to protect our interests;
-
if we are under any legal or regulatory obligation to do so; and
-
in connection with any legal proceedings or prospective legal proceedings, in order to establish, exercise or defend our legal rights.
10. International Data Transfers
All partners are GDPR compliant. Typically, as a UK based organisation, we keep your personal information in the UK. As we sometimes use third parties to process personal information, it is possible that personal information we collect from you will be transferred to and stored in a location outside the UK or the European Economic Area (EEA).
Please note that certain countries outside of the UK or EEA have a lower standard of protection for personal information, including lower security protections. Where your personal information is transferred, stored, and/ or otherwise processed outside the UK or EEA in a country which does not offer an equivalent standard of protection to the UK or EEA, we will take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards to protect your personal information. For instance we may use cloud providers or event management platforms (such as Sport Systems Inc.) to store personal information who have servers in the US and are signed up to the Privacy Shield. If you have any questions about the transfer of your personal information, please contact us using the details at section 1.
11. How long do we keep your personal information?
We will keep your personal information only for as long as required in connection with your membership and the purposes for which it is used. As a general rule, should you terminate your membership, we remove your personal information from our records 12 months after the date on which your membership ended. However, in some circumstances we may keep your personal information for longer, where we are required to do so in accordance with legal or regulatory requirements.
If you would like further information about this, please contact us using the details at section 1.
12. Your rights
Where we rely on your consent, you have the right to withdraw your consent at any time.
When we use your personal information you have the right to:
-
Ask us for confirmation of what personal information we hold about you, and to request access to a copy of that information. If we are satisfied that you have a right to see this information, and we are able to confirm your identity, we will, except in very limited circumstances, provide you with this personal information.
-
Request that we erase the personal information we hold about you, as far as we are legally required to do so.
-
Ask that we correct any personal information that we hold about you which you believe to be inaccurate.
-
Object to the use of your personal information where we: (i) process on the basis of the legitimate interests ground; (ii) use it for direct marketing; or (iii) use it for research purposes.
-
Ask for the provision of your personal information in a machine-readable format (the data portability right) to either yourself or a third party, provided that the personal information in question has been provided to us by you, and is being processed by us: (i) in reliance on your consent; or (ii) because it is necessary for the performance of a contract to which you are a party; and in either instance, only where we are processing it using automated means.
-
Ask for processing of your personal information to be restricted if there is disagreement about its accuracy or legitimate usage.
If you decide you do not want to receive any further communications from us, please tell us.
Please note that you also have the right to lodge a complaint with the Information Commissioner’s Office at www.ico.org.uk/concerns.
13. Updating this Privacy Notice
We may update this Notice. If we update this Notice in a way that significantly changes how we use your personal information, we will bring these changes to your attention where reasonably possible. Otherwise, you can access the latest version of this Notice on our website.
Version: 2.0
Dated February 2022
(Previous version 1.0, dated June 2019)