APM Privacy Statement
We do our best to protect and respect your personal data. This statement explains how we collect that data, why we use it and how we keep it safe.
Who are we?
Association for Project Management (APM) is incorporated by Royal Charter (No. RC000890) and a registered charity (No. 1171112). Our office is Ibis House, Summerley’s Road, Princes Risborough, HP27 9LE. Tel: 0845 458 1944. For general queries, contact firstname.lastname@example.org. For queries in relation to data protection, email email@example.com. APM is a Data Controller.
How do we collect your information?
We obtain information about you when you make contact with us. For example, when you register on our website, when you become a member, when you study for or take one of our qualifications, when you attend an event or conference. On occasion we may collect limited information about you indirectly, for example where a colleague has made an event delegate booking on your behalf, or when you book an exam with one of our accredited providers, who will pass the details of this booking to us in order to administer the associated qualification.
What types of information do we hold?
The information we collect might include your name, address, email address and phone numbers. Depending on the relationship you have with APM and any products or services you sign up for, you may be asked to provide further personal data. For example, when applying for assessment for Chartered Status, APM will ask you detailed information about your professional achievements in order for us to assess your application.
On occasion, you may provide additional personal data, for example biographic information for the purpose of publishing this within your APM on-line profile. Where this occurs APM will process this data on the basis of your consent.
We will store information on the products and services you hold or have shown an interest in. For example, if you are in one of our volunteer groups, your grade of membership, the events you have attended, your renewal dates, your membership applications and your communication preferences. If you pay us by direct debit we will store your account details securely.
We will record equal opportunities data you give us such as your age and ethnicity. We process this data on the basis of consent for the purpose of providing insight into the diversity of APM’s membership, and in the interests of promoting the interests of project management profession. This is kept secure and only used to give statistics to help plan our services.
When joining an APM volunteer group your data will be processed by other APM member/volunteers for the purposes of administering the membership group.
Why do we collect your information?
We only use your information in accordance with the law. This gives us various powers to use your data. These are effectively the reasons for our processing and are:
- To perform or take steps to enter a contract with you.
- For the purposes of our legitimate interests. This includes being able to send you marketing.
- Compliance with a legal obligation.
- If you consent for us to do so.
Collecting and using your data will mean we are able to manage your membership, process any orders or requests you have and to provide you with relevant and topical information relating to your interests, including events and publications. We may also ask for your views on our services and matters relating to the profession, for research purposes.
We will send you marketing information in relation to APM’s products and services on the basis of our legitimate interests. We will use your registered details for this purpose unless you have asked us not to do so. You can opt not to receive marketing information from us at any time by using the unsubscribe link within any marketing communication, by calling us, or by changing the preference information within your user account. This includes being able to specify how we contact you for marketing.
Data protection applies to personal data held about individuals. It does not always cover ‘business to business’ contacts or information. However, we will also do our best to secure and protect the contact details of our corporate contacts.
Who has access to your information?
APM will share personal data with third party training providers as necessary for the administration of training and examinations. In addition, data is shared with appointed examiners and/or assessors for the purpose of assessment, and in order to main records of your qualifications. The staff and contractors of APM will have controlled access to your information to enable us to provide you with membership services. In the event that you chose to become involved with one of our volunteer groups, then data will be shared with volunteers running these services, for the purposes of offering you those services.
We will not sell or rent your information to third parties. We will not share your information with third parties for them to market to you. We may pass your information to our third party service providers, subcontractors and other associated organisations to provide services on our behalf (for example management of digital qualification badges by Credly). However, when we use third parties, we disclose only the personal information that is necessary to deliver the service and we require them to keep your information secure and not to use it for other purposes. Third party services providers will delete all personal data when no longer required to perform services.
Customers wishing to access the benefits associated with being employed by a corporate partner can do so on agreeing that their name and their access to those benefits is shared with that corporate partner.
We undertake marketing activity to our membership on the basis of our legitimate interests. You have a choice about whether and how you wish to receive marketing information from us. You can opt out of marketing at any time. You will be asked to make your preferences clear when we collect your information. For most users, this will be when they register online. Your preferences can be updated at any point here. You may also choose to tell us which subjects most interest you and this can be used to tailor your online experience and in communications to you. The accuracy of your information is important to us. Please do regularly check and update your information in your account settings.
You have various legal rights over your information which we will always respect. These rights include the right to access a copy of the data we hold about you, and to ask us to rectify or erase the data. You can also ask us to restrict the processing of your data, or you can raise an objection to the processing. Where processing is based on your consent then you have the right to withdraw that consent.
You have various legal rights over your information which we will always respect. Further detail is available from the Information Commissioner. firstname.lastname@example.org or you can write to: The Data Protection Officer, Association for Project Management, Ibis House, Regent Park, Summerleys Road, Princes Risborough, Bucks, HP27 9LE. Should you exercise your right by making a verbal request, the ICO recommends that you follow this up in writing to provide a clear trail of correspondence and evidence of your actions. If you are unhappy with the way in which your personal data is handled by APM then you also have the right to make a complaint to the Information Commissioners Office www.ico.org.uk/. APM is registered with the Information Commissioner's Office (ICO) as a data controller for the processing of personal data (ZA253638).
Retention of your data
We will retain your personal data for no longer than is necessary in order to comply with our legal obligations, noting that this may extend beyond your actual relationship with us. Following the end of your relationship with us we will restrict the processing of your data to those purposes which form a legal obligation for us, such as financial reporting.
How do we protect your data?
We take several steps to protect your data. This includes robust IT security. APM has passed the Government’s Cyber Essentials accreditation scheme. All staff receive data protection training and our premises are secured. We have contracts with providers requiring them to protect your information. APM use contracted services outside of the EEA. When doing so, APM ensures the relevant data protection is in place in order to ensure adequate security of your personal data.
Use of 'cookies' and automated decision making
We do not have systems that use your information for automated decision making.
An internet protocol (IP) address can allow us to track which organisations visit our webpages. We may use software to plan our services and provide information on what topics specific organisations may be interested in. We will not match IP addresses to an individual.
Links to other websites
Our website contains links to websites run by other organisations. This statement applies only to our site and we are not responsible for the policies and practices of other sites.
16 or Under?
We particularly wish to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission before you provide us with personal information.
Review of this statement
We keep this statement under review as part of our overall Data Protection Policy. It was last updated in November 2019.