NICC Standards Limited (“NICC” / ”We”) are committed to protecting and respecting your privacy.
This notice sets out the basis for processing the personal data we collect from you, or that you provide to us under the General Data Protection Regulation (GDPR). This notice also sets out the rights that you have under the GDPR.
NICC Standards Limited of The Old Rectory, Church Street, Weybridge, Surrey KT13 8DE is the data controller for any data protection legislation purposes.
Who we are and what we do.
NICC is a trade association for the UK telecommunications industry.
We collect personal data of the following types of people to allow us to undertake our business:
Current prospective and past members, including registration information;
Supplier contacts to support our services;
Prospective, current and past directors, board and working group members, employees, consultants, temporary workers; and
Political and regulatory contacts for lobbying purposes.
We collect information about you to carry out our core and ancillary activities.
Information you give to us or we collect about you.
Information about you that you give to us by filling in forms or by corresponding with us by other means. This includes information you provide when you register to join NICC, use our site, attend our events, participate in discussions and when you report a problem with our site.
The information may include your name, private and corporate e-mail or postal addresses and phone numbers.
Information we collect about you when you visit our website.
When you visit our site we may automatically collect the following information:
technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login information (if applicable), browser information, and operating platform,
information about your visit, including URLs, clickstream to, through and from our site, length of visits to certain pages, page interaction information, methods used to browse our site and phone numbers used to contact us.
Purposes and the legal basis for the processing of data.
We use information held about you in the following ways:
to provide you with information, products and services that you request from us or we think will be of interest to you because it is relevant to your business;
to demonstrate regulatory compliance with appropriate bodies, including the ICO, NCSC and Ofcom.
The core service we offer to our members is to develop technical recommendations, standards and to further best practice within the industry.
Legitimate business interest is our legal basis for processing but we may:
rely on legal obligation if we are legally required to hold information about you to fulfil our legal obligations; or
rely on consent for uses of your data – in these specific circumstances we will ask you for your expressive consent and you have the right to withdraw your consent at any time.
Our Legitimate Business Interests.
Our legitimate interests in collecting and retaining your personal data is described below:
NICC is a not-for-profit organisation. We provide a number of core services for our members that require the holding of personal data: registration of members and listing details on our website, maintenance of mailing lists to provide activity updates to members, hosting working group meetings, the organisation of events, the provision of networking opportunities. To deliver and maintain these services we request a minimal amount of personal data from our members and provide regular updates and opportunities to take part in NICC’s work.
Other uses we will make of your data:
Use of our websites;
to notify you about changes to our service;
to ensure that content from our site is presented in the most effective manner for you and for your computer;
to enable you to participate in interactive features of our service, when you choose to do so;
to keep our site safe and secure.
We do not undertake automated decision making or profiling.
Disclosure of your information inside and outside of the EEA.
We may share your personal information with selected third parties including:
business partners, suppliers and sub-contractors for the performance and compliance obligations of any contract we enter into with them or you;
subcontractors including event organisers, email marketing specialists, payment and other financial service providers;
analytics and search engine providers that provide us with assistance in the improvement and optimisation of our site.
We will disclose your personal information to third parties:
The lawful basis for the third party processing will include:
their own legitimate business interests in processing your personal data;
satisfaction of their contractual obligations to us as our data processor;
for the purpose of a contract in place or in contemplation; or
to fulfil their legal obligations.
Where we store and process your personal data.
The data that we collect from you may be transferred to, and stored at, a destination outside the
European Economic Area (”EEA”) and we only work with suppliers that are compliant with the General Data Protection Regulation.
Any information that is provided to us is stored on secure servers. If you have selected or have been provided with a password to use our service, you are responsible for keeping this password protected.
The transmission of information via the internet is not completely secure. We will do our best to protect your personal data but we cannot guarantee the security of your data transmitted to our site and any transmission is at your own risk.
Retention of your data.
We understand our legal duty to retain accurate data and only retain personal data for as long as we need it for our legitimate business interests and that you are happy for us to do so. Accordingly, we have a data retention notice and review the data on a regular basis.
The GDPR provides you with the following rights:
to request correction of the personal information that we hold about you;
to request erasure of your personal information;
to object to processing of your data under certain circumstances (when we rely on legitimate interest or use data for marketing purposes);
to request the restriction of processing of your personal information;
to request the transfer of your personal information to another party; and
to request access to information we hold about you as well as to ensure that any information we hold is accurate and complete.
Any request should be sent to email@example.com
You have the right to complain to the Information Commissioner’s Office (ICO) which is the UK data protection regulator.
Changes to our privacy notice.
Future changes we make to our privacy notice will be posted on our site and, where appropriate, notified to you by e-mail.
Questions, comments and requests regarding this privacy notice are welcomed and should be addressed to firstname.lastname@example.org