1. Privacy and data protection
CIMA (we, us or our) are committed to respecting your privacy, while providing you with the opportunity to receive products and services that enhance your business activities and to receive benefits from our websites.
This Policy applies solely to information collected by the Websites. The Websites may contain links to other sites.
CIMA is not responsible for the content or practices of other sites and we recommend that you check their own privacy policies. Use of the Websites by you constitutes acceptance of this policy. If you do not agree to this policy then please refrain from using the Websites. For the purpose of the Data Protection Act 1998 (the Act), the data controller is the Chartered Institute of Management Accountants (CIMA) of The Helicon, One South Place, London, EC2M 2RB, United Kingdom.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. We will maintain the confidentiality of and protect your personal data in accordance with this policy and to the extent required by English law (including the Data Protection Act).
3. Collection of information
We collect data from you in various ways: when you register on any of the Websites to use our services; by our use of 'cookies' (see below); while participating in surveys or contests; during the course of your use of our services, and when we request further information from you from time to time following on from your registration.
4. How your personal data is used
We may use personal data you provide to us solely for the following purposes:
- Providing our products and services to you
- To improve our services to you, for example, to notify you of any updates and changes to our products and services
- To process payments from you, including registration fees, subscription payments and exam fees
- Internal purposes, including Websites and system administration
- Internal research, analysis and reporting for the purposes of improving our services
- From time to time we may provide statistics about the usage levels of the Websites and other related information to reputable third parties, but these statistics will not include information which will allow you to be identified
- We may use your information in accordance with CIMA's Royal Charter bylaws and regulations for the purposes of processing registration and exam entries
- To provide access to restricted parts of the Websites.
We may use personal data obtained about you from monitoring your use of the Websites solely for internal purposes including site performance, evaluating site use and creating our marketing reports to aid future marketing of information about us and our products. Personal data collected by monitoring will be aggregate and no personal data will be used other than for the purpose for which it was originally obtained.
6. Processing of information
Your personal data may be controlled and processed by any of our offices. You acknowledge and agree that the location of our offices may change from time to time and that we may acquire other offices in any number of other countries or territories, including outside the European Economic Area (EEA), at any time, any one or more of which may act as a data controller of and/or data processor for the purpose of applicable data protection laws.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Remember to close your browser when you have finished your user session.
This will help to ensure that others do not access your personal information if you share your computer or use a computer in public places such as a library or internet café.
Other than as set out in paragraphs 4 and 11 of this policy, we will not disclose your personal data to any third party without your prior permission, unless we are required to do so by any applicable law or regulators (in the UK or elsewhere).
If you consent, we may use your email address to contact you by email to provide you with further information about us, our products/services and to promote our Websites. This may involve disclosing your personal data to our other offices or to our affiliates, agents or appointed representatives.
If you wish to be contacted in this way please tick the appropriate box when you register for our online services. Please note that if at any point you wish to change your communication preferences you can do so online by logging into MY CIMA and accessing My Details followed by My Communication Preferences.
8. Transfer of personal data overseas
You acknowledge and agree that we may from time to time transfer any of your personal data overseas to any of our offices or of any of our affiliates, agents or appointed representatives. Some of our offices and those of our affiliates, agents or representatives are located in countries outside the European Economic Area which do not have well developed data protection legislation when compared to European law.
While we will take all reasonable steps to ensure that your personal data is processed in accordance with this policy you may not have rights under data protection legislation in those jurisdictions equivalent to those under European law. Please do not send us any personal data if you do not want that personal data to be processed by us in the ways described in this paragraph.
As part of our quality control and with the objective of providing you with enhanced services we may monitor the use of the Websites and record, where available, your IP address and/or email address.
This information is collected for our internal purposes only and shall not be disclosed to any other organisation except as required by law. For the same reason, we may obtain information about your general internet usage by using a ‘cookie’ file.
10. Subject access
You have the right to access and the right to amend your personal data by changing the details online or by sending us a written request to the address given below or by email to:
Data Protection Officer
One South Place
11. Use of third party services
Please note that third parties may require access to your personal data where such third parties provide services to us, for example, website hosting services. In those circumstances those third parties shall be required to enter into an agreement with us containing terms no less stringent than found in this policy and to process your personal data solely in accordance with our instructions. You consent to your personal data being provided to such third parties for these purposes.
12. Data Protection
This privacy statement forms part of CIMA’s commitment to the principles of the Data Protection Act 1998.
You can get a full copy of our data protection policy from CIMA’s Data Protection Officer, Baljeet Basra, by email on email@example.com, or in writing at the address above.
If you have any questions or need further information about our privacy practices, please contact us at firstname.lastname@example.org.