- We collect and use personal information about our current and past customers.
- We store information about past, current and potential employees, students, members, affiliates, suppliers, customers, and other groups that we communicate with.
Under the General Data Protection Regulation (GDPR), that is due to be a law from 25th May 2018 , all organisations including NYMAS that store and use personal information must be fully compliant regarding the privacy and disclosure of this information.
We have ensured that we are 100% compliant by:
- Deleting any personal information for anyone that has unsubscribed and does not wish to be contacted by NYMAS.
- Only add potential customers to our databases if they choose to opt in.
- We will only contact our marketing database for product, company and industry news including newsletters, product offers, new terms related to the use of personal data and competitions.
Data protection legislation*
In the United Kingdom and the European Economic Area (EEA), ‘Data Protection Legislation’ means all applicable data protection and privacy legislation or regulations including The Privacy and Electronic Communications (EC Directive) Regulations 2003 (also known as PECR) and any guidance or codes of practice issued by the European Data Protection Board or the Information Commissioner, together with:
- prior to 25 May 2018, the UK Data Protection Act 1998; and
- from 25 May 2018 onwards Regulation (EU) 2016/679 (the "General Data Protection Regulation" or "GDPR”), as amended by the UK Data Protection Bill.
Outside of the EEA, "Data Protection Legislation” means local, territorial data protection and privacy legislation that governs the processing of Personal Data.
Therefore, to adhere to our legal responsibilities of data protection we will;
1. Collect information in a GDPR compliant way
2. Specify and clearly advise how we plan to use your personal information on sign up
3. Only collect and process the personal information that we need to run our business
4. Ensure the personal information is accurate by ensuring our database is up to date
5. Only hold the personal information for as long as we need it
6. Communicate your rights to see your personal information and give you the opportunity to request this information be deleted
7. Keep this personal information secure
8. Not transfer or send personal data abroad
As part of our commitment to data protection we have an appointed data protection ambassador within our business. They will regularly review and audit the ways in which we handle personal information and clearly outline how we will use personal data. Everyone in the company that handles personal information is fully trained on GDPR and data protection and understand good practice and regular checks are undertaken to make sure that everyone is handling personal information correctly.
Any enquiries regarding our handling of personal information will be responded to quickly and efficiently.
If you would like to know what personal information we have about you and what the terms and conditions are that you signed up to, please write to us at:
Data Protection Officer
Alternatively, email firstname.lastname@example.org , or telephone on +44 (0)1642 710 719.
* Source of information www.ico.org.uk