1. Who we are
The Campaign for Science and Engineering (CaSE) is committed to the lawful and correct treatment of personal information and aims to uphold the principles of data protection as set out in the General Data Protection Regulation (GPDR).
Under GDPR, CaSE is termed a ‘data controller’ which means that we are responsible for how and why data is used (we are not required to have a Data Protection Officer). Please note that this policy covers our own website and not those linked to or from it and refers to CaSE as an organisation (and not our members).
2. Why we collect information about you
We collect and use personal information to carry out our charitable activities, which are encapsulated in our mission to ensure the UK has the skills, funding and policies to enable science and engineering to thrive. Information that you supply will be treated in confidence and in accordance with the principles of GDPR.
If you are a member of CaSE, the legal basis we use to process your data is in order to fulfil our contract with you as a member. For example, as part of your membership, you will receive our e-bulletins and Director’s Updates by email. You are welcome to change how you wish to be contacted at any time – see Article 7 for information on how to do this.
There may be other occasions where we process individual data for a specific purpose for non-members, for example when you sign up to receive our e-bulletin, attend a CaSE event or if you apply for a job or internship with CaSE. We rely on your consent for this and will only process your data in relation to the purpose for which you gave us your information.
3. What personal information we process
If you engage with us through your membership of CaSE, through signing up to an event, mailing list or make a donation, the types of data we will collect are:
- Your full name and salutation
- Professional affiliation
- Contact information such as: postal address, email address, telephone number (for organisational members, this is for your workplace, for individual members, this will either be your home or work depending on what you have chosen to give us)
- A record of your historic interactions with CaSE
Bank and payment details (when relevant)
4. How we keep your data safe
Information that you supply will be treated in confidence and in accordance with the principles of GDPR. We use appropriate organisational and technical measures to protect your personal data, which is only accessible by trained staff.
We use external companies to collect or process personal data on our behalf, for example, we use a secure contact management database available commercially called “Salesforce”. We do comprehensive checks on companies before we work with them and will have a contract in place that ensures they abide by GDPR where possible.
5. When can we share and disclose your information?
In general CaSE does not share your personal information with other organisations. However, on occasions where we host an event in partnership with another organisation, we may share the information provided during registration for the purposes of running the event. We will never sell your information and do not currently profile your information.
CaSE may also share information with others as follows:
With third party service providers and agents, such as payment processors, postal service providers etc, who will process information on our behalf.
- If required by the police, regulatory bodies or legal advisors.
We hold your information for only as long as necessary for the purpose needed. For example, if you have declared gift aid, HMRC require us to store your name and address for seven years. Where your information is no longer required, we will ensure that it is disposed of in a secure manner.
7. How to tell us about changes
Please let us know if you would like us to update your personal information or change your contact preferences (for example to amend what updates you receive).
Let us know either by emailing us on firstname.lastname@example.org, calling us on 020 7679 4994 or by writing to us at:
8. Your rights
Under GDPR, you have the right to request a copy of the personal information we hold about you, to request that we erase any personal information we hold (where we have no compelling reason to continue processing this data) and to have any inaccuracies in your information corrected (see above for how to do this).
If you feel we haven’t handled your data properly, please do contact us and we will do everything we can to rectify the problem. If you feel this doesn’t go far enough, or if you want to report your concern elsewhere, you can contact the Information Commissioner’s Office: https://ico.org.uk/concerns/
CaSE reserves the right to change or update this policy from time to time. Any changes will be reflected on this page. If you continue to use our services after those changes are in effect, you agree to the revised policy.