The Northern Information Governance Forum [NIGF] is a not for profit organisation based in the North of England providing a community to allow the discussion of Information Governance and Cyber Security related issues.
As a not for profit organisation, NIGF is exempt from registering with the ICO, but is committed to ensuring the confidentiality of individuals data and will ensure that it adheres to the principles of the EU General Data Protection Regulations and UK Data Protection Act in handling all identifiable information as part of its ongoing activities.
NIGF takes your privacy rights very seriously and are committed to always protecting and respecting these rights. This privacy policy sets out the way in which the personal information you provide to us (and the information collected by us) is handled, stored and processed.
This privacy policy relates to all personal information collected and used by NIGF either in relation to its members, business contacts or website users. It provides an overview of how we use this personal information and your rights in relation to this use.
We collect and use different types of information for different purposes. These include:
Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
We collect personal information from a number of different sources, including:
We may use your information for a number of different purposes. For each purpose we must have a “legal ground” to use your personal information in such a way. When the information that we process is classed as sensitive personal information/ special categories of personal information, we must have a specific, additional “legal ground” to process such information e.g. any information about your health (for instance if providing dietary information for catering purposes at events).
We may use your personal information to:
We will not supply your personal information to any third party for the purpose of their or any other third party's direct marketing. The personal data we hold about you will only be used in line with the purposes detailed above and the legal basis for these will be:
No specific consent is sought for use of cookies as the purposes for which these cookies are used is exempt under the Privacy and Electronic Communications Regulation, namely that they are being used for “the sole purpose of carrying out the transmission of a communication over an electronic communications network”.
At the current time, we do not use your information to actively profile you or to make decisions based on characteristics of our service users, neither do we carry out any automated processing of your personal information that would lead to significant decisions being made about you.
We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as is reasonably necessary for the purposes set out in this policy.
We may disclose your personal information:
Except as provided in this policy, we will not provide your personal information to third parties or share or process any of your personal information outside the UK.
Your information is transferred, stored and processed securely and in accordance with this privacy policy. We have strict measures, procedures and security features to prevent unauthorised access to your information. Although all appropriate technical security measures have been taken to protect your personal information, be aware that the transmission of any information via the internet is never completely secure and as such any transmission of personal information is made at your own risk.
Personal information that we process for any purpose shall not be kept for longer than is necessary for that purpose. Notwithstanding the other provisions of this section, we will retain your personal information:
If you would like further details of how personal information is retained by NIGF, please contact us directly.
You have a number of rights under Data Protection law including:
If you would like to access your own personal information or exercise any of the rights detailed above, please contact us by email contact@nigf.org.uk
In the majority of cases, we will respond to your request within one month of receiving the necessary information required to deal with your request.
We may ask you to supply appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport plus an original copy of a utility bill showing your current address) and any additional information to help us to deal with your request effectively.
There may be some exemptions to dealing with your rights as specified in Data Protection law, but we will ensure you are fully informed of this within a month of receiving your request.
Full information on your rights under the Data Protection Act can be found from the following link: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
If you have a concern that cannot be resolved through discussion with us, these can also be raised with the Information Commissioner’s Office. More information can be found from the following link https://ico.org.uk/concerns/
Any changes we may make to our privacy policy in the future will be posted on this page, so please check from time to time to see if there are any changes.
Questions, comments and requests regarding this privacy policy or about the way we use your personal information are welcomed and should be addressed to contact@nigf.org.uk.