ClearCourse Membership Services Limited (“we”, “us”, “our” and “ours”) is a provider of software systems and services in the Not for Profit and Membership organisation sectors. We are registered in England and Wales under company number 01811900 and our registered office is at 10-12 Eastcheap, First Floor, London, England, EC3M 1AJ. We are a member of the ClearCourse Partnership LLP group of companies].
Our legal grounds for processing your Personal Data
Where we are acting as a data controller:
Where we are acting as a data processor:
Access to information
We want to make sure that you are fully aware of your data protection rights. These are set out in summary form in sections below and apply to us in our role as a data controller. You can also obtain more detailed information about your rights under the Data Protection Legislation from the Information Commissioner’s office by clicking on this link - www.ico.org.uk. Our contact details for the purposes of requesting access to your personal data or exercising any of your other data protection rights are in section 8.
Please note that, in order to comply with any request, we may first require you to verify your identity and we will normally fulfil any request by sending information electronically, unless the request expressly specifies a different method. We will not charge a fee for responding to your request, other than in circumstances where you make a request which is manifestly unfounded or excessive or you request further copies of information which we have already provided to you. In that case, we are entitled to charge a reasonable administrative fee.
Please also note that, where we are acting as a data processor, we will not be responsible for answering your request ourselves but will pass it onto the business organisation that provided us with your personal data (in their role as data controller) so that they may then determine how best to respond to it.
Timescales for responding
If you make a request of us (in our role as a data controller), we will normally have one month to respond to you. If we need something from you to be able to deal with your request (e.g. an ID document), the time limit will begin once we have received this. This time limit may also be extended in certain circumstances so, if there is any reason why our response to you might take longer than a month, we will let you know.
Summary of your rights
Withdrawal of consent - where our legal ground for processing your personal data is based upon you having given us your consent to do so, you have the right, at any time, to withdraw that consent (please see section 1.3 above). Please note that this will not affect the lawfulness of any processing carried out before you withdraw your consent.
Right of access - you have the right to obtain:
Right to rectification - you are entitled to have your personal data rectified if it is inaccurate or incomplete.
Right to erasure – (sometimes referred to as ‘the right to be forgotten’). The broad principle underpinning this right is to enable you to request the deletion or removal of your personal data whether there is no compelling reason for its continued processing.
Right to restrict processing - you are entitled to restrict the processing of your personal data if:
Right to data portability – in certain limited circumstances, you are able to obtain and reuse your personal data for your own purposes across different services by being allowed to move, copy or transfer personal data easily from one IT environment to another.
Right to object - you are entitled to object to:
Rights relating to automated decision-making and profiling - these rights don’t apply to all circumstances but, where they do apply, they effectively provide you with safeguards against the risk that a potentially damaging decision is taken solely using or supported by automated means, without human intervention.
If you contact us, we will keep a record of that correspondence.
We may also collect and process personal data that you provide by filling in forms or making requests for information on our website. This includes information provided at the time of registering to use our website, requesting information from us or subscribing to any of our services. It also includes material contributed through any interactive service, including information that you (or someone authorised by you on your behalf) input into our products and services.
Please also note that it is your responsibility (irrespective of whether you are acting as an individual or a business user of our products and services) to always ensure that (i) when you provide us with any personal data relating to any third party, that third party has given their prior consent (or you have other lawful grounds) to enable you to do so; [and (ii) you must not, when using the products and services, provide or input any of the following kinds of information e.g. “personal data that would be considered to be a “special category” of personal data under the Data Protection Legislation such as data revealing racial or ethnic origin, political opinions; religious or philosophical beliefs or trade union membership, or genetic data or biometric data, or data concerning health, a person’s sex life or a person’s sexual orientation”.
Any personally identifiable information you elect to make publicly available on our website (e.g. posting comments on a blog page, if that type of facility is available for your use) will be visible to others.
As mentioned previously, we may (in our role as a data processor) be provided with information about you from another business or collect information about you or from you on their behalf.
It is important that the personal information we hold about you is as accurate and up to date as possible so, should your personal information change, please notify us of that change, in writing, as soon as possible.
When you visit our website, we may collect information from you automatically through cookies or other similar technology. Cookies are small text files that may be placed on your computer when you visit a website or click on a URL. Cookies (and other similar technologies) may collect your IP address, support security and authentication services, gather information from visitors to websites such as pages visited and how often they are visited and also enable certain features on the website. Cookies may include “single-session cookies” which generally record information during only a single visit to our website and then are erased, and “persistent” cookies, which are generally stored on your computer or other device unless or until they are deleted or are set to expire. We may use our own cookies or third party cookies.
We may also use various web/analytics tools to understand how our website is being used in order to improve user experience (such as web beacons, which are a technique delivered through a web browser or in an email, to unobtrusively – an usually invisibly - check that a user has accessed some content and/or track the journey of the user navigating through the website or a series of websites) as well as tools to provide us with statistics relating to the use of our website.
More information about what cookies are and how to delete or block them can be found here:
(please note that, because the management of cookies differs as between different browsers, you should consult the documentation of your own browser in order to manage your cookies).
Please also note that if you delete or block cookies which are necessary to enable our website to carry out certain functions, this may cause you to be unable to use all or part of our website and/or services.
The types of information we hold about you
When we are acting as a data controller, the information we hold about you may include the following:
When we are acting as a data processor, the information we hold may include the following:
We also collect, store and process data which may not be directly about you but relates to your use of our products and services. We typically use this for statistical, research, business and product development purposes.
How long do we hold personal data for?
Where we are acting as a data controller, we will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected. Normally this will result in personal data being deleted from our systems no later than 12 months from the date it was last processed (other than to the extent that we need to retain it for the purposes of complying with our legal or contractual obligations including those relating to our statutory and regulatory obligations and our financial, business and tax affairs ).
In assessing whether any longer retention period is appropriate for your personal data, we take into consideration:
Where we are acting as a data processor, we will retain personal data for the period agreed in our contract with the business that engaged us for that purpose (unless otherwise required or permitted by the Data Protection Legislation).
Please note that, if you or we terminate any service we provide to you, then (irrespective of whether we are acting as a data controller or a data processor) we do not accept any obligation to retain any or all of the personal data provided to us in connection with or processed by that service and we may delete it from our systems at any time.
Storage and Security
Information (including personal data) collected through our website and services may be stored and processed in the UK, Europe, the United States, or any other country in which we or our subsidiaries, group companies, affiliates or service providers maintain facilities.
Regardless of where data is stored and processed, we are committed to taking all reasonable steps to ensure that your personal data is secure. In order to prevent unauthorised access or disclosure, we put in place suitable technological, physical, electronic and managerial procedures to safeguard and secure all personal data stored and processed by us. We also ensure that any subcontractor or other service provider which we engage to support our business activities or help deliver our products and services and which has access to your personal data, commits to us, in writing, to do the same.
If we transfer your personal data to any country outside of the UK for processing, please be assured that we will only do so in compliance with the Data Protection Legislation.
Sharing personal information
Where we are acting as a data processor, we will share your personal data with the business that provided your personal data to us (or authorised us to collect that data on their behalf) in the manner and to the extent set out in the contract between them and us. That business may be the data controller of your personal data or it may be another data processor interposed between the data controller and us.
Regardless of whether we are acting as a data processor or a data controller, we may need to share your personal data from time to time with other organisations, typically those which provide services to us in support of our business activities and/or delivery of the products and services which we provide to you. This may include third parties such as technology service providers, third party subcontractors, payment service providers and businesses that help us manage our customer relationships and marketing activities. If this is the case, we will do in accordance with the protections that are afforded to you under the Data Protection Legislation and we will always ensure that we have a written contract in place with them before we allow them access to your personal data or provide your personal data to them.
We may also share your personal data with other members of our group of companies for financial, management or administrative purposes.
Other than as set out above, we do not rent, sell or distribute your personally identifiable information to third parties unless we have your permission or are required or permitted by law to do so.
We would like to send you information about our products and services from time to time as well as announcements, articles and press releases that we think you might like (including those of our group companies).
We may engage marketing companies to help us do this and we may use our (and their) software tools to help us track your engagement with us and monitor our marketing campaigns.
In some circumstances we may have a legal right to send you marketing material, in others you may have given us your consent to do so. Either way, you always have the right, at any time, to stop us from contacting you for marketing purposes or to stop us passing your personal data to third parties for marketing purposes (assuming you have previously given your consent to us to that). You can do this by opting out from our marketing emails at any time by clicking on ‘unsubscribe’ or by simply contacting us (see section 8) in writing.
If we wish to contact you we may do so by phone, email, text, fax or post.
If you have notified us of a preferred method of communication, we will always try to comply with that. Please let us know if we don’t so that we can then check and, where necessary, update our records.
UK and non-EEA enquiries
Email us at: email@example.com
Call us: +44 (0) 203 880 1888
Write to us at: 24 Southwark Bridge Road, London, SE1 9HF
As a result of the UK leaving the EU, there are circumstances where the EU GDPR requires us to have an EU Representative to act as a point of contact to:
To that end, we have appointed an EU Representative, which is Portrilio Solutions, part of Trillium Limited, which is a member of the ClearCourse Partnership LLP group of companies. If you wish to contact them (instead of us directly) they can be contacted as follows:
Email us at: firstname.lastname@example.org
Call us: +351 21 122 6881
Write to us at:
Portrilio Solutions, Rua Julio Dinis, Centro Empresarial
Sala 402, n561, 4 4050-460 Porto.
We always work hard to treat our customers fairly and hope that you will not experience any reason to make a complaint about the way in which we have collected, stored or processed any of your personal data. However, if you do wish to make a complaint please always contact us, in the first instance, and we will endeavour to resolve the matter as quickly as we can.
UK and non-EEA enquiries:
If you are based in the UK or outside of the EEA and wish to report a complaint or if you feel that we have not addressed a concern that you may have about our data processing activities in a satisfactory manner, you may contact the Information Commissioner’s Office.
Phone number: 0303 123 1113
If you are based within the EEA and wish to report a complaint or if you feel that we have not addressed a concern that you may have about our data processing activities in a satisfactory manner, you may contact your local Supervisory Authority (who may then contact our EU Representative).