Who we are
Our website address is: https://baice.ac.uk.
Processing of your personal data
Under the GDPR we control and / or process any personal information about you electronically using public task as the lawful basis, where our purpose for processing is to perform a task in the public interest.
What personal data we collect and why we collect it
Membership and Funding Application forms
We collect and process personal identifiers, contacts and characteristics (for example, name, contact details and bank details). Most of the personal information we process through membership form and funding applications is provided to us directly by you for one or more of the following reasons:
- to provide membership services;
- to evaluate funding applications;
- to process payment of expenses of individuals and grants to individuals;
- to organise conferences, workshops and seminars; and
- to process payments to institutions running conferences other events funded by BAICE.
Should you choose to contact us via our Contact BAICE page, none of the data that you supply will be stored by this website or passed to / processed by any third party data processor.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Like many websites, this site uses Google Analytics to track user interaction. We use this data to determine the number of people using our site and to better understand how they find and use our web pages.
Although Google Analytics records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. Your computer’s IP address which could be used to personally identify you is also recorded but Google do not grant us access to this.
Who we share your data with
Personal data may be shared with BAICE conference organisers at different UK universities, UKFIET conference organisers and institutions organising workshops and seminars which are funded by BAICE.
How long we retain your data
For users that register on our website (if any), we store the personal information they provide in their user profile. Users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Your information collected through the membership form and/or funding applications is securely stored in password-protected computer folders and emails of the BAICE executive committee members.
We keep your personal data:
- for 2 years post announcement of grant and fellowship applications for grant and fellowship management purposes.
- for up to 3 years post announcement of grant and fellowship applications for financial management purposes.
- for 3 year post membership expiry date for membership management purposes.
We conduct an annual audit to dispose of your information by deleting the data in personal computers and emails after the above periods have passed.
What rights you have over your data
Under the GDPR your rights are as follows. You can read more about your rights in details here;
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
If you have an account on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
How we protect your data
Securing your data is a priority for us. We work hard to protect your personal data against unauthorized access, use, alteration, or destruction and take reasonable technical measures to do so, such as hosting our website with a secure webhost, monitoring for potential vulnerabilities and attacks, keeping our software up-to-date and through installation of a SSL (Secure Socket Layer) certificate. Only members of staff who need access to your information will be authorised to do so.
Where you have chosen a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. Please make sure this password is unique and that you do not share this password with anyone. If you think that any of your passwords have been compromised, please notify us so that we can look after the security of your details on our website.
Sending any information, including personal data, via the internet is not entirely secure and although we will do our best to protect your personal data we cannot guarantee the security of any personal information which is transferred from you or to you via the Internet. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features such as encryption to try to prevent unauthorised access.
What data breach procedures we have in place
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Policy updated 17th December, 2020