Menu
The Security Institute promises to respect and look after all personal data you share with us, or that we get from other organisations. We will always keep it safe. We aim to be clear when we collect your data about what we’ll use it for, and not to do anything you wouldn’t reasonably expect. We will never sell your personal data to other organisations and will only ever share it in appropriate, legal or exceptional circumstances. See section 4 to find out more.
Developing a better understanding of our supporters/ members through their personal data means we can make better decisions, organise CPD events more efficiently and ultimately, helps us to reach our goal of promoting professionalism amongst our membership and the wider security industry.
We are moving to an ‘opt-in only’ communication policy. This means that we will only send communications to you if you have explicitly stated that you want us to. We will also ask you what you are interested in and how you want us to contact you.
Our marketing communications include information about our services, campaigns, volunteering opportunities and events. If you would like to receive this information but have not yet opted in, please contact us on 02476 346464 or email at [email protected].
We collect information in the following ways:
You may give us your information in order to sign up for one of our events, write editorials for our newsletters, buy our merchandise or volunteer with us. Sometimes when you engage with us, your information is collected by an organisation working for us (e.g. a sponsorship consultant or charity), but we always remain responsible for your data.
Your information may be shared with us by independent event organisers or learning providers, for example University or training student memberships, or trade shows such as SCTX, IFSEC or UK Security Expo. These independent third parties will only do this if you have indicated that you are happy for them to do so. You should check their Privacy Policy when you provide your information, to understand in full how they will process your data.
You may have provided permission for a company or other organisation to share your data with third parties. This could be when you purchased a ticket for an event or course with one of our partner organisations.
Dependant on your settings or the privacy policies for social media and messaging services that we use, such as Facebook, Twitter, Instagram or Linked In, you might give us permission to access information from those accounts or services.
The information we get from other organisations may depend on your privacy settings or the responses you give, so you should regularly check them.
This may include information found in places such as Companies house and information that has been published in articles either printed or online.
We may combine information you provide to us with information available from external sources in order to gain a better understanding of our members or to improve our membership benefits.
Like most websites, we use “cookies” to help us make our website and the way you use it better. Cookies mean that a website will remember you. They are small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier- eg by automatically filling your name and address into text fields.
As well as this, cookies can tell us the type of device you are using to access our website or apps and the settings on that device may provide us with information including what type of device it is, what operating system you are using, what your device settings are and why a crash has happened. This information helps us understand how people are using our website and shows us how to make it better.
Your device manufacturer or operating system provider will have more details about what information your device makes available to us.
The type and quantity of information we collect depends on why you are providing it. If you are a member, for example, when you log into web services, purchase event tickets or request mentoring partnerships, we will usually collect:
Where it is appropriate, we may collect:
We will only ever ask for information that is needed to host an event, provide pertinent information bulletins or administer the membership service you have requested.
When applying for membership, a detailed list of your personal data will be collected. This is necessary to ensure that all candidates for membership can be screened (BS7858), reference checks conducted and evidence gathered prior to submission to the Validation Board. The Security Institute must protect the members and information from persons who may wish to gain admittance for criminal purposes. Information that we require to validate a candidate are requested in the online application form and include:
What we use your information for, depends on the reason you are providing it. We will mainly use your data to:
We provide membership services in order to support your desire to professionally develop and grow in capability. The services vary from mentoring, personal development and qualifications to networking, camaraderie and simply awareness of the security industry as an affiliate.
The information we collect in order to provide these services may be sensitive relating to employment or skill sets that you do not wish to be known, even amongst the membership. Access to this data will always be limited to appropriate individuals with a legitimate interest in supporting your membership aims and where appropriate, only with your consent.
If you enter your details into one of our online forms, but you do not send or submit the form, we may contact you to see if we can help with any problems you may be experiencing with the form or our website.
We record communication preferences so that we only contact you in the ways you wish to hear from us. We don’t want to waste your time, or send global communications that you do not value. Threat and awareness Cross Sector Security Communications are sent to all members unless specified otherwise. We consider membership of the Security Institute as constituting legitimate interest in such important information. If, however, you already receive these communications from other sources, tell us and we will remove you from the distribution list.
We will only ever contact you with direct marketing about our work, events and campaigns with your explicit consent. We make it easy for you to tell us how you wish us to communicate, in your personal profile within the membership area of the website.
We do not sell or share personal details to third parties for the purposes of marketing. Occasionally, we may include information in our communications from partner organisations or organisations who support our aims.
If you change your mind at any time, and no longer wish to hear from us, just let us know when you provide your data, contact us on 02476 346464 or email [email protected].
It is important for us to keep clear records on your interaction with the Institute and the ways you have supported us during your membership. This helps us see the bigger picture and ensures your membership experience is the best it can be.
We may also collect and retain your information is you provide feedback about our services, give a compliment or make a complaint.
We believe it is important to make sure our membership benefits, professional development opportunities and networking initiatives are the best they can be. That is why we evaluate them. Once you have used your membership benefits, we may get in touch to get your views on your experience. There is no obligation to take part, but it really helps to highlight ways we can make things better in the future.
We use profiling and screening techniques to make sure communications are relevant and timely, to provide an improved experience for our members. Profiling allows us to target different security sectors of interest, geographical regions for events and membership groups who would value collaborating. We wish to provide events and information that is tailored, where possible, to the member.
When building a profile we may analyse geographic, demographic and other membership information relating to you in order to better understand your interests and preferences in order to contact you with the most relevant communications including events, employment opportunities and engagement opportunities (such as presenting) with us, based on your skills and expertise.
We do this because it allows us to understand the background and specialist skills of the membership and helps us to find volunteers and future event hosts within the membership.
Some members choose to tell us about their experiences or employment field for the benefit of the wider membership. This might include information about past operations, advisory notes or failures, together with photos and/or video. We will always ensure we have explicit and informed consent from the individuals. We will always keep this information safe and secure. This information may be shared at events, in promotional materials (newsletter/e-News) or professional development workshops.
We do not share or sell personal details with third parties for the purposes of marketing.
We will only share your details with third party organisations when its necessary to;
If we ever need to share data for these purposes, we will always take the utmost care, ensuring only essential data is transferred and that it is done so safely and securely.
Exceptional circumstances
The Security Institute may be required to share your details in exceptional circumstances. For example, to comply with a professional code of conduct, where required by the Police, regulatory bodies, or legal advisors.
We will only ever share your data in other circumstances if we have your explicit and informed consent.
We ensure there are appropriate measures and controls in place to protect your personal details, e.g. our online forms are always encrypted and our network is protected and routinely monitored. We undertake regular reviews of who has access to information that we hold, to make sure that your information is only accessible to appropriately trained staff and partners.
Before we use any external companies to collect or process personal data on our behalf, we will complete comprehensive checks. We will always put a contract in place that sets out our expectations and requirements, especially how they manage the personal data they have collected or have access to.
Suppliers who run their operations outside the European Economic Area (EEA) are not subject to the same data protection laws as companies based in the UK. However, if we ever choose to use a supplier based outside the EEA, we will make sure that they provide an adequate level of protection in accordance with UK data protection law.
When required, we may need to disclose your details to the Police, regulatory bodies or legal advisors.
We will only ever share your data in other circumstances if we have your explicit and informed consent.
We try and keep our records up to date so that we can send you the most relevant information, using the correct contact details. You have the capability to update your own information on your profile page within the members area of our website. You may input as much or as little information as you deem appropriate, outside the essentials we require in order to communicate with you. If you change employment, please update your contact details as soon as its practical.
Where possible we use other members or publicly available online resources (LinkedIn, Twitter or past employers) to trace your new contact details if we lose contact with you. This is to ensure that your intention was to leave the membership and not an administrative oversight. If you do wish to leave the membership, please inform us and your personal details will be deleted from our database.
You have the right to ask us to stop processing your personal data and if its not necessary for the purposes of membership you provided it for, we will do so. Contact us on 02476 346464 or email [email protected] if you have any concerns.
You have the right to ask for a copy of the information we hold about you. If there are any discrepancies in the information we provide, please let us know and we will correct them.
If you want to access your information, send a description of the information you want to see and proof of your identity by post to the Data Controller, The Security Institute, Mira Technology Park, Technology Centre NW05, Watling Street, Nuneaton, Warwickshire, CV10 0TU.
We do not accept these requests by email. This is a security measure to ensure we do not provide your information to an unentitled person.
If you have any questions relating to this policy booklet, please email [email protected]. For further information, see the Information Commissioner’s guidance at ( www.ico.org.uk).
We review this policy annually and may updates to it from time to time. If we make any significant changes in the way we treat your personal information, we will make this clear on our website or by contacting you directly.
It is a criminal offence to:
You should be aware that if you are found guilty by a court of committing bribery, you could face up to 10 years in prison and/or an unlimited fine. The Company could also face prosecution and be liable to pay a fine.
The purpose of this policy is to convey to all employees and interested parties of The Security Institute the rules of the Company in relation to our unequivocal stance towards the eradication of bribery and our commitment to ensuring that The Security Institute conducts its business in a fair, professional and legal manner.
Corruption is the misuse of office or power for private gain. Bribery is a form of corruption which means in the course of business:
This policy applies to all employees of The Security Institute, regardless of seniority or site. It also extends to anyone working for or on our behalf e.g. those engaged by us on a self-employed basis or an agency arrangement.
We will encourage the application of this policy where our business involves the use of third parties e.g. suppliers; contractors.
It is prohibited, directly or indirectly, to offer, give, request or accept any bribe i.e. gift, loan, payment, reward or advantage, either in cash or any other form of inducement, to or from any person or company in order to gain commercial, contractual or regulatory advantage for the Company, or in order to gain any personal advantage for an individual or anyone connected with the individual in a way that is unethical.
It is also prohibited to act in the above manner in order to influence an individual in his capacity as a foreign public official. You should not make a payment to a third party on behalf of a foreign public official.
If you are offered a bribe, or a bribe is solicited from you, you should not agree to it unless your immediate safety is in jeopardy. You should immediately contact The Finance and Operations Manager so that action can be taken if considered necessary. You may be asked to give a written account of events.
If you, as an employee or person working on our behalf, suspect that an act of bribery, or attempted bribery, has taken place, even if you are not personally involved, you are expected to report this to The Finance and Operations Manager. You may be asked to give a written account of events.
Appropriate checks will be made before engaging with suppliers or other third parties of any kind to reduce the risk of our business partners breaching our anti-bribery rules.
The Company will ensure that all of its transactions, including any sponsorship or donations given to charity, are made transparently and legitimately.
The Security Institute takes any actual or suspected breach of this policy extremely seriously and will carry out a thorough investigation should any instances arise.
We will uphold laws relating to bribery and will take disciplinary action against any employee, or other relevant action against persons working on our behalf or in connection with us, should we find that an act of bribery, or attempted bribery, has taken place. This action may result in your dismissal if you are an employee, or the cessation of our arrangement with you if you are self-employed, an agency worker, contractor etc.
Staff are reminded of the Company’s Whistleblowing Policy which is available in the Employee Handbook, or upon request.
We realise that the giving and receiving of gifts and hospitality where nothing is expected in return helps form positive relationships with third parties where it is proportionate and properly recorded. This does not constitute bribery and consequently such actions are not considered a breach of this policy.
Gifts include money; goods (flowers, vouchers, food, drink, event tickets when not used in a hosted business context); services or loans given or received as a mark of friendship or appreciation.
Hospitality includes entertaining; meals or event tickets (when used in a hosted business context) given or received to initiate or develop relations. Hospitality will become a gift if the host is not present.
No gift should be given nor hospitality offered by an employee or anyone working on our behalf to any party in connection with our business without receiving prior written approval from The Finance and Operations Manager. Similarly, no gift nor offer of hospitality should be accepted by an employee or anyone working on our behalf without receiving prior written approval from The Finance and Operations Manager.
A record will be made of every instance in which gifts or hospitality are given or received.
As the law is constantly changing, this policy is subject to review and the Company reserves the right to amend this policy without prior notice.