Introduction

The Individual Protection Service (IPS) is committed to ensuring the protection and privacy of your personal data you share with us. For the data you share with us, IPS will act as the data controller, processing your data on the basis of your express consent.

Your personal data will be processed in order to register your details with the Telephone Preference Service, Mailing Preference Service and other services designed to reduce unwanted direct marketing and/or reduce paper usage. We will not register your details to any service without your express permission.

Only if we have your express consent, we will also process your personal data for the purpose of introducing you to organisations in the sectors you request. We will share all relevant data disclosed with the relevant organisations to help them deal with your request more effectively. We ask for your individual express permission to introduce you to organisations in each sector.

 

What data do we collect?

When you become a member of the IPS, with your consent, we collect the necessary information to register you with the Telephone Preference Service (TPS) and Mail Preference Service (MPS) and our own Individual Protection Service. This includes;

  • Your name, address, email address and telephone number(s).

We will also, provided you offer consent, use this information as our contact information for you, should we need to contact you.

When you become a member of the IPS and request services, policies or products from our partners, we need to collect certain information about you to process your request. Also, when you contact us, in any way, we may update your personal information or membership records. This will allow us to provide you with a higher level of service.

The information we will normally collect about you will be:

(NOTE; all data collected in this section is offered voluntarily and only processed with your consent.)

  • Information about the current products, policies and services you subscribe too and/or sectors that you have expressed an interest in.
  • Your contact and product/service preferences in sectors you wish to be contacted by IPS partners.
  • Any relevant/useful information disclosed to IPS that will help us in dealing with your requests more effectively.

 

How long will we keep the data?

You are given the option to opt out of each part of your membership, or your IPS membership as a whole, at any time. If an Opt Out request is issued, we will action it within 14 days.

You have the option to Opt Out any or all of;

  • Telephone Preference Service (through 3rd party).
  • Mail Preference Service (through 3rd party).
  • Each sector(s) requested.
  • Each IPS partner company requested.
  • IPS Membership.

If you have had no interaction with the IPS for 24 months we will remove your data from our system. An interaction is defined as;

  • Telephone conversation.
  • SMS reply/click.
  • Email reply/click/open.
  • IPS app current instalment.
  • Website account login.

 

Under what circumstances will we disclose your personal data?

There are certain circumstances where we will need to disclose your personal information to a third party, these include:

  • To register you with the Telephone Preference Service;
  • To register you with the Mail Preference Service;
  • To introduce you to IPS partners (third party organisations) who will supply the services/products/policies that you have specifically requested;
  • If the law permits or requires us to, or if any regulatory or governmental body (such as Ofgem and Ofcom, or any organisation that takes over their roles) requests or requires us to, even if you have not consented;

 

How do we analyse and enhance your data?

In order to ensure that we are able to match your profile and areas of interests most accurately to our selected business partners, we will assess and analyse the personal data you share with us. This may include both;

  • The use of third parties to analyse and segment IPS members’ personal data.
  • Matching and augmenting the data we hold with data that has been collected by third parties.

This may result in different partner offers and services being made available to different IPS members groups or segments according to their data profile.

At all times we will ensure that any third parties handle and process your data in a secure and compliant manner. We will ensure that any third parties’ data used to match or augment the data you have shared has been obtained and processed by the third party in an open and compliant manner. Other than for these purposes we will never pass your personal data to any third parties, with the exception of IPS’s partners you have specifically selected to hear from.

Automated Decision Making

As you share more data with us, we will start to use automated decision making techniques in order to make accurate assessments of your profile and potential needs. Thus we will be able to continue to – with your consent – present you with partner offers and services we think will be of value or interest. If you are not happy with this, or any other aspect of our processing of your data, please let us know info@ipsonline.org.uk.

 

Know Your Rights:

The EU General Data Protection Regulation (GDPR) offers UK consumers more rights in accessing and using the personal data that organisations hold on them, than ever before. We fully support this regulation change and have highlighted your rights below. To see more information on GDPR and your rights, please click on the link at the bottom of the page.

  1. The right to be informed: The right to be informed encompasses our obligation to provide ‘fair processing information’. This emphasizes the need for us to be transparent about how your personal data is used.
  2. The right of access: You have the right to obtain:
    – confirmation that your data is being processed;
    – access to your personal data; and
    – other supplementary information – this largely corresponds to the information that is provided in our privacy notice.
  3. The right to rectification: You are entitled to have personal data rectified if it is inaccurate or incomplete.
  4. The right to erasure: The right to erasure is also known as ‘the right to be forgotten’. The broad principle underpinning this right is to enable you to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
  5. The right to restrict processing: Under the DPA, you have the right to ‘block’ or suppress processing of personal data. The restriction of processing under the GDPR is similar. When processing is restricted, we are permitted to store the personal data, but not further process it. Retaining just enough information about you to ensure that the restriction is respected in future is permitted.
  6. The right to data portability: The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
  7. The right to object: You have the right to object to:
    – processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
    – direct marketing (including profiling); and
    – processing for purposes of scientific/historical research and statistics.
  8. Rights in relation to automated decision making and profiling: The GDPR provides safeguards for you against the risk that a potentially damaging decision is taken without human intervention. These rights work in a similar way to existing rights under the DPA.

More detailed information on each of the rights can be found here: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/