INSTITUTE OF AUTOMOTIVE ENGINEER ASSESSORS (IAEA)
IAEA is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
IAEA may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
If you have any questions or need further information about our privacy practices, please contact us at firstname.lastname@example.org or via post at IAEA, The Firs, High Street, Whitchurch, Bucks HP22 4JU, UK.
I have membership with the IAEA
Who we are
We at Plenham Ltd are a Processor of Data on behalf of the Institute of Automotive Engineer Assessors (IAEA). We can be contacted at +44 (0) 1296 642895 or email@example.com
Data we process on behalf of the IAEA
Plenham Ltd processes in line with the instructions of the IAEA, the Data Controller.
These instructions are laid out in the agreement between the IAEA and Plenham Ltd and includes the following details:
• the subject matter and duration of the processing;
• the nature and purpose of the processing;
• the type of personal data and categories of data subject; and
• the obligations and rights of the controller.
The agreement between the IAEA (the controller) and Plenham Ltd include the following terms:
• Plenham Ltd must only act on the written instructions of the controller (unless required by law to act without such instructions);
• Plenham Ltd must ensure that people processing the data are subject to a duty of confidence;
• Plenham Ltd must take appropriate measures to ensure the security of processing;
• Plenham Ltd must only engage a sub-processor with the prior consent of the IAEA and a written contract;
• Plenham Ltd must assist the IAEA in providing subject access and allowing data subjects to exercise their rights under the GDPR;
• Plenham Ltd must assist the IAEA in meeting its GDPR obligations in relation to the security of processing, the notification of personal data breaches and data protection impact assessments;
• Plenham Ltd must delete or return all personal data to the IAEA as requested at the end of the contract; and
• Plenham Ltd must submit to audits and inspections, provide the IAEA with whatever information it needs to ensure that they are both meeting their Article 28 obligations, and tell the controller immediately if it is asked to do something infringing the GDPR or other data protection law of the EU or a member state.
In some cases, Plenham Ltd may be handling Special Categories of Personal Data such as medical records. This data will be treated in accordance with the IAEA's instructions which includes ensuring that adequate safeguards are in place to protect this data from theft, loss, unauthorised dissemination, accidental erasure, corruption and so on.
How we may use your information
We need your information so that we can, in accordance with the agreement with the IAEA, provide you with our administrative services.
In addition to using your information for such purposes, we may also use your information in the following ways:
• To monitor, improve and protect our content, products and services, work with our business partners to improve the products and services we offer, and develop and test new products and services.
• We may transfer your information to our data processors within and outside the European Economic Area but will do so with appropriate measures and controls in place to protect that information in accordance with applicable data protection laws, regulations and regulatory guidance. In all instances, we will take into account the nature of the information we are transferring, and the level of protection provided by those processors.
• If false or inaccurate information is provided and fraud is identified or if any criminality is suspected, the details may be passed to the relevant agencies. Law enforcement agencies may access and use this information.
• We may use your data for market research within the rules laid down by data protection law.
• We may disclose your information to any successors of our business for them to use for the purposes set out in this privacy notice.
As part of our business processes we use 3rd parties (sub-processors). Some of these 3rd parties are based outside of the European Economic Area. Plenham Ltd makes every effort to ensure that these 3rd parties provide adequate safeguards for your personal data that is shared with them and that your personal data is always processed in accordance with the GDPR. These 3rd parties' services include software development, online payment processing, technical and account support, customer relationship management services and email platform services.
The IAEA will use your data for administrative and educational purposes and may share your data, whilst applying appropriate security measures, with 3rd parties such as employers and regional secretaries of the IAEA for educational purposes. Some of these 3rd parties may be outside the EEA and Plenham Ltd and the IAEA works to ensure that adequate safeguards are in place to secure all personal data.
Rights that you have
Individuals whose personal data is held by the IAEA have a number of rights under the General Data Protection Regulation (the GDPR) that the IAEA fully support. These rights are:
• The right to request a copy of your personal data which the IAEA holds about you;
• The right to request that the IAEA corrects any personal data if it is found to be inaccurate or out of date;
• The right to request your personal data is erased where it is no longer necessary for the IAEA to retain such data;
• The right to withdraw any consent you have given to the processing of your data, at any time;
• The right to request that the IAEA provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability) for the performance of a contract with the data subject and in either case the data controller processes the data by automated means.
• The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
• The right to object to the processing of personal data
• The right to lodge a complaint with the Information Commissioners Office (the ICO).
Updating your Data
If you wish to update or change the information we use of yours or how we use it, you can do so by contacting the IAEA.
Contacting the IAEA
Any queries or comments about this privacy notice, for requests of copies of the information we hold about you, or if you wish to have a copy of your information, amend or transfer your records, please contact the IAEA on +44 (0) 1296 642895 or firstname.lastname@example.org
If you wish to make a complaint about how we use your information, please contact us in the first instance and we will do our best to help. If you are still unhappy, you can contact the Information Commissioner's Office via their website (www.ico.org.uk).
We will occasionally update this privacy notice. We encourage you to periodically review this notice to be informed of how we use your information.
This Privacy Notice was last updated May 2018.