The Chartered Institute of Architectural Technologists (CIAT) is committed to ensuring that your privacy is protected. 

This Privacy Policy explains how we use the information we collect about you, how you can instruct us if you prefer to limit the use of that information, and procedures that we have in place to safeguard your privacy. 

About us 
CIAT is a member-based ‘not-for-profit’ organisation which represents and qualifies professionals in Architectural Technology. To enable us to achieve this, we hold information about our members and professional contacts. This information is used to keep our members and contacts up-to-date with Architectural Technology. 

By using our website or providing us with your personal information you are agreeing to this policy.

This Privacy Policy only relates to personal information collected by us.

•    name 
•    contact information (home and work) including email address 
•    job title 
•    CIAT membership details and its networks including committees, panels and expert groups
•    purchasing goods or services from us
•    information relevant to direct marketing/surveys/offers/events/feedback
•    providing you with access to our services
•    registering for CIAT events 
•    applying for a job
•    phoning us
•    writing to us
•    sending us an email
•    conduct issues – see conduct policies and retention policies

The information we collect and how we use it 

CIAT members:
By joining CIAT you are electing to opt in with regard to CIAT holding data, processing it for use and also for Institute mailings as they fall within the Institute’s Charter; electronic or by post, such as AT Weekly, AT Journal, CPD information, Region/Centre or aspirATion communications, AT awards, or surveys associated to the practise and profession of Architectural Technology

Partners and organisations the Institute collaborates with:
Partners such as academic institutions who run Accredited, or Approved programmes will by being Accredited or Approved, remain opted in to receiving communications as they relate to the practise and profession of Architectural Technology.

Institutes and organisations we “partner” with such as RIBA, RICS, CIOB, BRE etc will remain opted in to receiving communications as they relate to the practise and profession of Architectural Technology.

When you use our services we may need to know your name, postal address, email address, telephone number, credit card number, 3 digit security code and its expiry date. 

We gather this information to allow us to process and maintain your membership registration or process any orders you may make. We may also wish to provide you with information about events and product updates we think may be of interest to you.

If you sign up to a CIAT committee/panel/volunteer, your contact details (name and email address) may be seen by other members on the same committee/panel or on other committees or panels.

Photography or filming may be taken at CIAT events and you will be notified of this in advance, these photographs and films may be used on the CIAT website or within CIAT publications. If you do not wish to be photographed or filmed please notify the event organiser prior to the event. 

All information is held on a secure cloud server.

We retain your details in accordance with our record retention policies.

Job applicants and current and former employees 
If you apply to work at CIAT, we will only use the information you give us to process your application and to monitor recruitment statistics. If we want to disclose information to someone outside of CIAT, for example if we need a reference, we will tell you beforehand, unless we are required to disclose this information by law. 

If you apply for a job opportunity we will also collect information so we can assess your suitability for the role. 

If you are unsuccessful in your job application, we will hold your personal information for a maximum of six months after we have finished recruiting for the post you applied for. After this date we will securely destroy or delete your information. 

If you begin employment with us, we will put together a file about your employment. We keep the information in this file secure and will only use it for matters that apply directly to your employment. 

Once you stop working for us, we will keep this file according to our record retention guidelines. You can contact us to find out more about this.

Your rights and accessing your personal data held by CIAT
You have a right to be ‘forgotten’ by CIAT. This will involve us identifying and deleting all data held about you by us and any suppliers we use to provide services to you and process our data, where this does not affect CIAT’s ability to comply with applicable legal, tax or accounting requirements.

If you are a member of CIAT your right to be forgotten can only be linked to your cessation of membership in line with the Institute’s Bye-laws.

You have a right to ask for copies of the personal information we hold about you and details of how we use that information. If there are any discrepancies in the information we provide, please let us know and we will correct them.

We will require photographic proof of your identity before providing you with details of any personal information we may hold about you. We will charge £10 to cover the administration costs involved in providing you with a copy of your information. We will always acknowledge your request within 30 working days and respond as fully as possible within one month of receipt. 

Contact us on +44 (0)20 7278 2206 or info@ciat.org.uk if you have any queries or concerns and ask to speak to one of our Data Protection Officers or the Chief Executive

Payment card information
If you use your credit or debit card to buy something or pay to register your place at an event online or over the phone, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard. 

This is the international standard for safe card payment processes. Our online payment solutions are carried out using a 'payment gateway' which is a direct connection to a payment service provided by a bank. This means that when you input card data into the payment page, you are communicating directly with the bank and the bank passes your payment to us. This means that your payment card information is handled by the bank and not processed or held by us. 

Following the completion of your transaction, we do not store your credit or debit card details. All card details and validation codes are securely destroyed once the payment has been processed. Only staff authorised and trained to process payments will be able to see your card details. 

If we receive an email containing any credit or debit card details, it will be deleted, no payment will be taken and you will be notified about this. We use SagePay as our payment gateway.

Links to other websites 
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. 

Information security 
The internet is not a secure medium. Your user administration details are protected by your user name and password, which you should never divulge to anyone else. 

Please be aware that communications over the Internet, such as emails/webmails are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the World Wide Web/internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control. 

All of our employees and data processors that have access to and are associated with, the processing of your personal information are obliged to respect the confidentiality of our visitors' information.

AT Weekly/enewsletters/Mailchimp 
We use the website and Mailchimp as our enewsletter providers. By submitting your information to CIAT you acknowledge that the information you provide will be transferred to our email module on Preside and/or Mailchimp for processing in accordance with their privacy policy and terms. CIAT will only send you information on what you have signed up to receive.

Event registration/Eventbrite 
We use the website and Eventbrite as our online events registration provider. By registering your information with the website and/or Eventbrite you acknowledge that the information you provide will be transferred to the website and/or Eventbrite for processing. The website and/or Eventbrite will only process your personal data to help administer that event on behalf of CIAT. Eventbrite merely provides the "tools" for organisers; Eventbrite does not decide what personal data to request on registration forms, nor is it responsible for the continued accuracy of any personal data provided. For further details please see Eventbrite’s Privacy Policy. 

Updating your details 
If any of the information that you have provided to CIAT, for example if you change your email address, name or payment details, or if you wish to cancel your registration, please let us know the correct details by sending an email to info@ciat.org.uk. 

Consent 
By giving us your personal information, you consent to us collecting and using that information in the ways that we describe in this privacy policy and/or that you have specifically consented to. Where we need your consent, we will always ensure that you are as fully informed as possible at the time on what we do with your information, with whom it may be shared and how long we will keep it. This is in line with the requirements of the relevant legislation. You can alter your preferences or withdraw your consent at any time as described below.

For further information 
For further information from us on data protection and privacy or any requests concerning your personal information please email us or write to us at the following address:

FAO: GDPR Officers
Chartered Institute of Architectural Technologists
397 City Road
London
EC1V 1NH
info@ciat.org.uk
+44(0)20 7278 2206

END May 2018