The Chartered Management Institute (incorporating CMI Enterprises Ltd, the Chartered Management Institute Retirement Benefits Scheme and the Institute of Consulting) needs to collect and use certain types of information about people (“personal data”) with whom it deals in order to operate and carry out its legitimate business purposes. These include current, past and prospective members, Corporate Members, students, employees, suppliers, associates, external verifiers and others with whom it communicates. We may use your personal data, together with any other information, for administration, marketing, customer service, Continuous Professional Development, education, research, Branch, Professional Network and Internet related activities. We may also disclose your personal data to our service providers and agents for these purposes. In addition, we may occasionally be required by law to collect and use certain types of information of this kind and of a sensitive nature, for example, to comply with the requirements of government departments. This personal data must be dealt with properly, however it is collected, recorded and used – whether on paper, in a computer, on the Internet or recorded on other material – and there are safeguards to ensure this in the Data Protection Act 1998.
The Chartered Management Institute regards the lawful and correct treatment of personal data as very important to successful operations, and to the maintenance of confidence between those with whom we deal and ourselves. We have put in place procedures to ensure that the Institute treats personal information lawfully and correctly.
To this end the Chartered Management Institute fully endorses and adheres to the eight Data Protection Principles, as laid out in the Data Protection Act 1998 and the Institute’s own Data Protection Policy.
Therefore the Chartered Management Institute will, through appropriate management and the strict application of procedures and protocols:
observe fully the conditions regarding the fair collection and use of personal data;
meet its legal obligations to specify the purposes for which personal data is used;
collect and process appropriate information, and only to the extent that it is needed to fulfil operational needs or comply with any legal requirements;
ensure that the personal data used is accurate and up to date through quality control;
apply strict checks to determine the length of time personal data is held;
ensure that the rights of people, about whom personal data is held, can be fully exercised under the Act. (These include: the right to be informed that processing is being undertaken, the individual’s right of access to his or her personal data, the right to prevent processing in certain circumstances and the right to rectify, block or erase inaccurate information);
take appropriate technical and organisational security measures to safeguard personal data;
ensure that personal data is not transferred outside the European Economic Area without suitable safeguards.
In addition the Chartered Management Institute will ensure that:
everyone managing and processing personal data understands that they are contractually responsible for following good data protection practice;
everyone managing and processing personal data is appropriately trained to do so;
everyone managing and processing personal data is appropriately supervised;
anybody wanting to make enquiries about processing personal data knows what to do;
queries about processing personal data are promptly and courteously dealt with;
methods of processing personal data are clearly described;
a regular review and audit is made of the way personal data is managed;
methods of processing personal data are regularly assessed and evaluated;
performance with processing personal data is regularly assessed and evaluated.
We may contact you by mail, telephone, fax or e-mail to let you know about goods, services or promotions which may be of interest to you, unless you indicate an objection by emailing us. Please indicate which methods of communication you would like to opt out of i.e post, phone, fax or email.
We recognise your right to withdraw this permission at any time in the future and you will be given the opportunity to do so every time we send you an electronic marketing communication.
Occasionally, the Institute may share your contact details with organisations that are our business partners. If you do not wish to be contacted by these partners, please let us know by email. Please indicate which methods of communication you would like to opt out of i.e. post, phone, fax or email.
The Institute does not support the practice of sending unsolicited, direct marketing by electronic means (spam).
The Institute adheres to the Privacy & Electronic Communications Regulations with regards to electronic direct marketing to members, customers, potential members, potential customers and other contacts, and will not use electronic contact details (phone, fax, or e-mail) without prior consent. When sending electronic direct marketing communications, the Institute will always provide a valid address to which requests to unsubscribe from future electronic communications can be sent.
You have the right to ask for a copy of your information (for which we may charge a small fee) and to ask us to correct any inaccuracies. To make sure we follow your instructions carefully, and to improve our service to you through training of our staff, we may monitor or record communications.
When we give you personal data about another person we confirm that they have appointed the Institute to act for them, that, if applicable, they have consented to the processing of their personal data, (including sensitive personal data) and to the transfer of their information outside the European Economic Area and to receive on their behalf any data protection notices.
The Chartered Management Institute is registered with the Information Commissioner according to the requirements of the Data Protection Act 1998, number Z5751624
The Trustees of the Chartered Management Institute Retirement Benefits Scheme are registered with the Information Commissioner according to the requirements of the Data Protection Act 1998, number Z5048733