Notice to members: Personal data held by the Institute
The Institute requires to hold personal data of its members in order to ensure they continue to satisfy criteria for membership. We also hold data of courses and events that members have attended, and their areas of interest, where they have indicated permission for us to do this. We hold contact details of members nationally and at local section level in order for us to communicate with them.
The Institute has a data protection policy that complies with the General Data Protection Regulations 2018 (GDPR). A copy of this policy is available from the Institute’s Data Protection Officer dpo@instmc.org. Under the policy, personal data is kept confidential and in a secure environment and is not shared unless necessary for the purposes of servicing members’ interests.
A data subject is entitled to know what data we hold about them. A member of the Institute wishing to exercise this right should email a subject access request form to the data protection officer dpo@instmc.org. This form is available here You will also need to provide proof of identity by including a scanned recent utility bill addressed to you at the address we hold for you on our records.
A data subject is also entitled to request the deletion of some or all personal data held about them. To exercise this right, you should contact the data protection officer dpo@instmc.org stating what data you wish to be deleted, and providing proof of identity in the form of a scanned recent utility bill addressed to you at the address we hold for you on our records. Please note that we require to keep information relating to your entitlement to membership: if you request that this is deleted, your membership will be terminated as a result.
If you have any queries or complaints about our data protection process, please contact the data protection officer dpo@instmc.org . If your complaint has not been satisfied, you can contact the Information Commissioner’s Officer www.ico.org.uk