This policy sets out how The MIDAS Alliance uses and protects your personal information, including data from your use of our website. The MIDAS Alliance is the Data Controller for personal data about MIDAS members, event attendees and forum members. For the purpose of this document we will use the group term ‘supporters’ to describe any one of these groups.
We do not trade personal data for commercial purposes and will only disclose it if required by law, if it is necessary to arrange your event attendance, or if it is with your consent. The MIDAS Alliance uses providers based in the European Economic Area to process supporter data. This policy was updated in May 2018 to show that we are adhering to the new General Data Protection Regulation (GDPR), which comes into force in May 2018. Use the contact us form on the website for any data protection queries. Read more about the data we process and store:
Email subscribers and members
If you subscribe to our mailing list, you will be automatically subscribed to receive email updates. You will only receive information that you have opted in to receive.
Depending on your preferences, we will contact you for the following reasons:
Opportunities to take part in PAS499
MIDAS Alliance campaigns and events
Forum invitations and discussion points
Contact form users
If you get in touch with us via the contact form on the website, we may save the details you share with us on our database. This way, if you get in touch with you in future we can refer to our previous conversations. We will not contact you or share your details without asking for your consent.
If you are a speaker at a MIDAS Alliance event, we will publically promote your involvement via Twitter, LinkedIn and emails to our supporters. This data may continue to be processed by those platform providers after the event has ended.
As an individual whose personal data is processed by The MIDAS Alliance you have the following rights:https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-be-informed/
The right to be informed:
The right to access the data we hold about you, the right to object to direct marketing:https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-of-access/
The right to object to processing carried out on the basis of legitimate interestshttps://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-object/
The right to erasure in some circumstanceshttps://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure/
The right of data portabilityhttps://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-data-portability/
The right to have your data rectified if its inaccuratehttps://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-rectification/
The right to have your data restricted or blocked from processinghttps://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-restrict-processing/
Special category data
Biometrics and identity documents are used as a requirement to become a member of the MIDAS Alliance forum. This is in line with best practice in British standards PAS499 for online digital identification and authentication for strong customer authentication.https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/special-category-data/
If you are not happy with the way we have handled your data, and are unable to resolve the issue with us personally, you can complain to theICO