The BCI Fair Processing Information
Please read this information carefully. It provides important advice, guidance and information about your personal data.
1.1.1 Who are we
We are the Business Continuity Institute (BCI), the world’s leading institute for business continuity.
Established in the United Kingdom in 1994, the BCI has established itself as the leading membership and certifying organization for Business Continuity (BC) professionals worldwide.
We are a data controller, and we are processing your personal data.
We have acquired and hold your personal data for the purpose of maintaining and promoting the membership body. The processing of your data may be based on your consent or the legitimate interest of direct marketing, as detailed in Article 6 (f) and Recital 47 of the European General Data Protection Regulation.
1.1.3 Categories of data held
Personal details, including contact information
Employment details, including job function/title
Academic records, if you have undertaken a qualification with the BCI
Website interactions, including mentoring relationship data, community group membership and document downloads
Marketing preferences, as set by you via your online account profile
Event bookings/attendance, for events run by the BCI or booked via the BCI website
Your personal details will be passed to our agents/data processors, who will use them for the purpose of direct marketing.
It may be necessary to transfer personal information outside the UK and the European Economic Area, to countries or territories around the world. Any transfers will be made with appropriate safeguards to protect your enforceable rights and provide effective legal remedies.
You may request a copy of data import/export agreements we have enacted to ensure your data is appropriately safeguarded. See below for contact details.
1.1.6 Data Retention
The BCI will hold your personal data until it becomes inaccurate, at which time we will endeavour to bring the data up-to-date. If we are unable to verify the accuracy of your data, we will delete the appropriate records.
1.1.7 Data Source
Personal data processed by the BCI may not have been obtained from yourself (the data subject), and may have been sourced from your employer, publicly accessible records or other ‘open’ web searches.
1.1.8 Your rights
With regard to your personal data, you may contact us to request;
- withdrawal of your consent
- access to your data
- rectification or erasure of your personal data,
- ask for a restriction of processing
- to object to processing and
- request data be ‘ported’ to another Data Controller
We explicitly bring to your attention your right to object to our processing of your personal data. You have the right to object at any time to processing of personal data concerning you for marketing, which includes profiling to the extent that it is related to such direct marketing. Please use the contact details below if you wish to exercise any of your rights. Please refer to our Subject Access Request Policy for more details.
You are advised that you have a right to lodge a complaint with a supervisory authority. As a UK registered company, this would be the UK Information Commissioner. Their contact details and other information and guidance can be obtained from www.ico.org.uk. The data controller reference number at the BCI is ZA386332.
1.1.9 Information security
The BCI takes reasonable technical and organisational precautions to prevent the loss, misuse or alteration of personal data. All information provided is stored on secure (password- and firewall-protected) servers and devices.
1.1.10 Data protection policy amendments
The BCI may update this policy from time to time by posting revisions here. Please check here occasionally for any changes.
1.1.11 Other websites
The BCI accepts no responsibility for the content, privacy policies or practices of other websites.
1.1.12 Contact us
You can use any of the channels below to contact us about your personal data.
BCI Forum Limited, t/a The Business Continuity Institute
10-11 Southview Park,
Telephone: +44 0118 947 8215
Please note that in the interests of your safety, we will be unable to discuss your personal data until we have positively identified you. This may require us to contact you via email for confirmation of your identity.
*Last Updated 22/05/2018