Privacy Notice

The Chartered Institute of Legal Executives (CILEX) Privacy Notice

The Chartered Institute of Legal Executives (CILEX) takes your privacy and your rights to your personal data extremely seriously and we are committed to protecting the privacy of all personal data obtained about individuals. Data is held in compliance with UK Data Protection legislation and other applicable data privacy laws.

We are committed to protecting the privacy of all personal data obtained about individuals through, but not limited to, personal contact, email enquiries, newsletter sign up forms, event registrations, and membership forms.

Data will be collected and used only for the purposes for which it was originally submitted or in accordance with your preferences.

For more information about how we collect and use your data, please take a look at our Privacy Statement which can be found on our website.

Who We Are 

The Chartered Institute of Legal Executives (CILEX) is the governing body for Chartered Legal Executives, paralegals and other legal professionals. CILEX as a professional association provides professional development, support and guidance to its members. It delivers legal education and training through CILEX Law School (CLS), qualifications through its Awarding Body function and independent regulation through CILEX Regulation (CRL).

If the user does not agree to their personal data being used in accordance with this Privacy Policy, they are advised not to submit personal data to CILEX through the Website or any other means.

How and Why We Obtain Personal Data

CILEX only processes personal data where we have a lawful basis to do so.  This will depend on the activity we collect it for e.g. to provide membership services.  In some instances, there may be more than one lawful basis for which we process your personal data. We obtain personal data from you for a variety of purposes including, but not limited to, managing your membership and providing other member services. The lawful bases for processing personal data can include Consent of the Data Subject, Contractual Necessity, Compliance with a Legal Obligation, Vital Interests, Public Interest and Legitimate Interest

The Personal Data We Collect, How We Collect It and Where Is It Stored

CILEX is committed to respecting the personal data you supply to us. The personal data we collect will be relevant to the purposes for which it is to be used and we will do our utmost to ensure that such personal data will be accurate, complete and kept up-to-date. Whenever personal data is obtained from you, you will have access to information explaining how that personal data will be used. 

How We Communicate With You

CILEX respects the privacy of personal data we hold.

During the year, there are updates that CILEX needs to communicate to members, students and stakeholders, in relation to the Institute and, CILEX membership and qualifications (administration and development). We use direct communications, e-shots, newsletters, technical bulletins and other mediums for this purpose. You can control what you would like to receive at any time in your user account preference centre or by clicking on the unsubscribe email link. Unless you advise otherwise, we will continue to send updates about CILEX and CILEX products and services to you via email. 

For more information about how we collect and use your data, please refer to our Privacy Statement.

Sharing Personal Data 

The personal data we collect will only be used for the purposes for which they are originally submitted. We will not disclose your details to third parties, except where required to do so or permitted to by law (for example, to regulators or to law enforcement agencies) or where those parties are conducting CILEX activities on our behalf, including with other entities in CILEX.

In circumstances where we engage a service provider or CILEX entity to provide services to us, we ensure the personal data is only processed in a manner compliant with UK Data Protection legislation, subject to a formal Data Processing Agreement and only used for the purposes for which the personal data was originally collected.

We also might share personal information with the Police or other organisations that have a crime prevention or law enforcement function. UK Data Protection legislation allows organisations to share personal information, if it is needed to prevent or detect a crime or to catch and prosecute a suspect.

If we undergo a merger or re-organisation, in doing so we may acquire or transfer personal data as part of that transaction, but your personal data would continue to be used for the same purposes.

You may choose not to receive CILEX Marketing Communications by managing your Communication Preferences.

Users 16 and Under

We do not knowingly collect or solicit personal data from anyone aged 16 or under or knowingly allow such persons to provide us with their personal data without parental or guardian consent. If you are aged 16 or under, please do not provide us with your personal data without first asking your parent or guardian for permission. In the event, that we learn that we have collected personal data from anybody aged 16 or under and we do not have the consent of a parent or guardian, we will delete that personal data as quickly as possible. If you believe that we might have any personal data from or about anyone aged 16 or under without the consent of a parent or guardian, please send us a message by logging in to MYCILEX Portal and go to Contact Us, then select ‘Data Protection: Query and Request’ on ‘My Query Relates to’ section. If you do not have access to the MYCILEX Portal, or do not wish to log your details on the system, please contact us by email at privacyofficer@cilex.org.uk.

Your Individual Rights

Your Individual Rights include:

  • The Right to be Informed
  • The Right of Access
  • The Right to Rectification
  • The Right to Erasure
  • The Right to Restrict Processing
  • The Right to Data Portability
  • The Right to Object
  • Rights concerning Automated Decision-Making and Profiling
If you would like to exercise any of your rights under the UK Data Protection legislation, log in to MYCILEX Portal and go to Contact Us, then select ‘Data Protection: Query and Request’ on ‘My Query Relates to’ section. If you do not have access to the MYCILEX Portal, or do not wish to log your details on the system, please contact us by email at privacyofficer@cilex.org.uk.

You also have the right to lodge a complaint with the Information Commissioner’s Office. Their contact details are:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Tel No: 0303 123 1113 (local rate) or 01625 545 745 (national rate)

Website: www.ico.org.uk

How Long Do We Keep Your Personal Data

In general, CILEX only retains personal data for as long as necessary to fulfil the purposes for which it is being processed (including to comply with relevant legal or regulatory requirements and to resolve legal disputes).

The length of time may vary depending on the reasons for which we are processing the personal data and whether we have a legal (for example, under financial regulations) or contractual obligation to keep it for a certain amount of time.

Once the retention period has expired, personal data will be confidentially disposed of or permanently deleted. If you object to further contact from us, we will keep some basic information about you in order to avoid sending you unwanted communications in the future.

Legislation

“UK Data Protection Legislation” means All applicable UK Data Protection and Privacy legislation in force from time-to-time, including the General Data Protection Regulation (EU) 2016/679, the UK Data Protection Act 2018 and the Privacy and Electronic Communications (EU Directive) Regulations 2003 (as amended) (PECR) and any superseding legislation and all other applicable laws, regulations, statutory instruments and/or any codes, practice or guidelines issued by the relevant data protection or supervisory authority in force from time to time and applicable to a Party, relating to the processing of personal data and/or governing individual’s rights to privacy.

Contacting Us 

If you have any questions about how CILEX process your personal data or would like to exercise any of your rights under the UK Data Protection legislation, log in to MYCILEX Portal and go to Contact Us, then select ‘Data Protection: Query and Request’ on ‘My Query Relates to’ section. If you do not have access to the MYCILEX Portal, or do not wish to log your details on the system, please contact us by email at privacyofficer@cilex.org.uk.

Statement Approval 
Date of Issue: July 2021
Review Date: January 2023
Version: 1.11
Procedure Owner: Corporate Compliance Manager
Approved By: Corporate Policy Review Panel (CPRP)