CILEX (Chartered Institute of Legal Executives) Privacy Notice
CILEX (Chartered Institute of Legal Executives) takes your privacy and your rights to your personal data extremely seriously and we are committed to protecting the privacy of all personal data obtained about individuals. Data is held in compliance with UK Data Protection legislation and other applicable data privacy laws.
We are committed to protecting the privacy of all personal data obtained about individuals through, but not limited to, personal contact, email enquiries, newsletter sign up forms, event registrations, and membership forms.
Data will be collected and used only for the purposes for which it was originally submitted or in accordance with your preferences.
For more information about how we collect and use your data, please take a look at our Privacy Statement which can be found on our website.
Who We Are
CILEX (Chartered Institute of Legal Executives) is the governing body for Chartered Legal Executives, paralegals and other legal professionals. CILEX as a professional association provides professional development, support and guidance to its members. It delivers legal education and training through CILEX Law School (CLS), qualifications through its Awarding Body function and independent regulation through CILEX Regulation (CRL).
How and Why We Obtain Personal Data
CILEX only processes personal data where we have a lawful basis to do so. This will depend on the activity we collect it for e.g. to provide membership services. In some instances, there may be more than one lawful basis for which we process your personal data. We obtain personal data from you for a variety of purposes including, but not limited to, managing your membership and providing other member services. The lawful bases for processing personal data can include Consent of the Data Subject, Contractual Necessity, Compliance with a Legal Obligation, Vital Interests, Public Interest and Legitimate Interest
The Personal Data We Collect, How We Collect It and Where Is It Stored
CILEX is committed to respecting the personal data you supply to us. The personal data we collect will be relevant to the purposes for which it is to be used and we will do our utmost to ensure that such personal data will be accurate, complete and kept up-to-date. Whenever personal data is obtained from you, you will have access to information explaining how that personal data will be used.
How We Communicate With You
CILEX respects the privacy of personal data we hold.
During the year, there are updates that CILEX needs to communicate to members, students and stakeholders, in relation to the Institute and, CILEX membership and qualifications (administration and development). We use direct communications, e-shots, newsletters, technical bulletins and other mediums for this purpose. You can control what you would like to receive at any time in your user account preference centre or by clicking on the unsubscribe email link. Unless you advise otherwise, we will continue to send updates about CILEX and CILEX products and services to you via email.
For more information about how we collect and use your data, please refer to our Privacy Statement.
Sharing Personal Data
The personal data we collect will only be used for the purposes for which they are originally submitted. We will not disclose your details to third parties, except where required to do so or permitted to by law (for example, to regulators or to law enforcement agencies) or where those parties are conducting CILEX activities on our behalf, including with other entities in CILEX.
In circumstances where we engage a service provider or CILEX entity to provide services to us, we ensure the personal data is only processed in a manner compliant with UK Data Protection legislation, subject to a formal Data Processing Agreement and only used for the purposes for which the personal data was originally collected.
We may need to share your personal data with our professional advisers including auditors, lawyers and insurers who provide professional advice, accounting, banking, legal, insurance, and pension services or to meet our audit responsibilities. However, we do not allow our third-party service providers to use your personal data for their own purposes. They can process your personal data for specific purposes and under our instructions.
Under certain conditions, we may need to share your personal information with the CILEX Approved Training Providers you have chosen.
We may share your personal information with government agencies, their partners and other third parties such as The Office of Qualifications and Examinations Regulation (Ofqual), Department for Education (DfE), Qualification Wales, CCEA, among others.
Personal information may be shared with a third party who has a legitimate interest in the data, where disclosure is necessary and lawful, and the processing is aligned with the purpose for which the personal data was originally collected.
We also might share personal information with the Police or other organisations that have a crime prevention or law enforcement function. UK Data Protection legislation allows organisations to share personal information, if it is needed to prevent or detect a crime or to catch and prosecute a suspect.
CILEX is committed to keep children and vulnerable adults safe when its employees and representatives come into contact with them during the course of their work. Where there is a safeguarding concern of a serious and/or urgent nature, confidential information related to the affected individual may be disclosed to emergency services or an external agency.
If we undergo a merger or re-organisation, in doing so we may acquire or transfer personal data as part of that transaction, but your personal data would continue to be used for the same purposes.
You may choose not to receive CILEX Marketing Communications by managing your Communication Preferences.
Users 16 and Under
We do not knowingly collect or solicit personal data from anyone aged 16 or under or knowingly allow such persons to provide us with their personal data without parental or guardian consent. If you are aged 16 or under, please do not provide us with your personal data without first asking your parent or guardian for permission. In the event, that we learn that we have collected personal data from anybody aged 16 or under and we do not have the consent of a parent or guardian, we will delete that personal data as quickly as possible. If you believe that we might have any personal data from or about anyone aged 16 or under without the consent of a parent or guardian, please send us a message by logging in to myCILEX Portal and go to Contact Us, then select ‘Data Protection: Query and Request’ on ‘My Query Relates to’ section. If you do not have access to the myCILEX Portal, or do not wish to log your details on the system, please contact us by email at email@example.com.
Your Individual Rights
Your Individual Rights include:
- The Right to be Informed
- The Right of Access
- The Right to Rectification
- The Right to Erasure
- The Right to Restrict Processing
- The Right to Data Portability
- The Right to Object
- Rights concerning Automated Decision-Making and Profiling
If you would like to exercise any of your rights under the UK Data Protection legislation, log in to myCILEX Portal and go to Contact Us, then select ‘Data Protection: Query and Request’ on ‘My Query Relates to’ section. If you do not have access to the myCILEX Portal, or do not wish to log your details on the system, please contact us by email at firstname.lastname@example.org
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO). Their contact details are:
Information Commissioner’s Office
Tel No: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
How Long Do We Keep Your Personal Data
In general, CILEX only retains personal data for as long as necessary to fulfil the purposes for which it is being processed (including to comply with relevant legal or regulatory requirements and to resolve legal disputes).
The length of time may vary depending on the reasons for which we are processing the personal data and whether we have a legal (for example, under financial regulations) or contractual obligation to keep it for a certain amount of time.
Once the retention period has expired, personal data will be confidentially disposed of or permanently deleted. If you object to further contact from us, we will keep some basic information about you in order to avoid sending you unwanted communications in the future.
“UK Data Protection Legislation” means All applicable UK Data Protection and Privacy legislation in force from time-to-time, including the General Data Protection Regulation (EU) 2016/679, the UK Data Protection Act 2018 and the Privacy and Electronic Communications (EU Directive) Regulations 2003 (as amended) (PECR) and any superseding legislation and all other applicable laws, regulations, statutory instruments and/or any codes, practice or guidelines issued by the relevant data protection or supervisory authority in force from time to time and applicable to a Party, relating to the processing of personal data and/or governing individual’s rights to privacy.
If you have any questions about how CILEX process your personal data or would like to exercise any of your rights under the UK Data Protection legislation, log in to myCILEX Portal and go to Contact Us, then select ‘Data Protection: Query and Request’ on ‘My Query Relates to’ section. If you do not have access to the myCILEX Portal, or do not wish to log your details on the system, please contact us by email at email@example.com.
|Date of Issue:
||Corporate Compliance Manager
||Corporate Policy Review Panel (CPRP)