chart

Privacy policy

Terms and conditions

Last updated: 18 May 2018

Summary

This Privacy Policy explains what information we gather about you, what we use that information for and who we give that information to. It also sets out your rights in relation to your information and who you can contact for more information or queries.

Please read this Privacy Policy carefully. If you have any requests concerning your personal information or any queries with regard to our processing, please contact us at privacy@cfauk.org.

We may make changes to this Privacy Policy from time to time and any changes will be made available to you on our website or by other means.

Contents

This privacy policy consists of the sections set out below. Please click on the section below for ease of navigation.

 

  1. Who are we?

    CFA Society of the UK (‘CFA UK’) is a not-for-profit professional body for investment professionals with its registered office at 4th floor Minster House, 42 Mincing Lane, London EC3R 7AE.  In this Privacy Policy, references to "we", "us" or "our" are references to CFA UK.

     

    CFA UK is a data controller for the purposes of the General Data Protection Regulation (the "GDPR"). This means we decide how and for what purposes your personal data is processed. The processing is governed by the GDPR and other applicable data protection laws.

     

  2. How do we collect your personal data?

    The term "personal data" is defined broadly under the GDPR as any data that from which a living individual can be identified. Personal data can include, but is not limited to, your name, address, email address, online identifiers (e.g., IP addresses), customer services data, feedback forms, location data, biometric data, financial information and much more.

     

    We collect your personal data both directly and indirectly. We collect your data directly when you:

    • register for an examination;
    • purchase training manuals;
    • apply for or renew your membership;
    • register for events or online webinars;
    • apply for or renew your Statement of Professional Standing (SPS);
    • apply for pre-employment verification, directly, via your company or via a screening agency;
    • register on CFA UK’s jobs board or Learning Management System;
    • register your interest in, or purchase, CFA UK’s products or services;
    • ovolunteer with CFA UK;
    • respond to surveys, or speak to us via telephone;

     

    The Investment Management Certificate (IMC) qualification includes the opportunity for candidates to request reasonable adjustments prior to taking the examination.  As part of this application process, personal data classified as a "special category" data may be collected. Such data is also collected where candidates wish to request special consideration. This classification of data includes data about your health.  Where you are requesting a reasonable adjustment or special consideration we will always seek explicit consent from you to process that information for the stated purpose only.

     

    We may collect your personal data indirectly via our relationship with your employer, CFA Institute or third parties who may purchase products or services on your behalf, for example, training providers.

     

  3. What personal data do we collect?

    We may collect the following personal information:

    • your name, gender, date of birth, contact details, employer, job role, training provider if you are an examination candidate;
    • identification documents for the purposes of verifying your name if you are an examination candidate;
    • examination result and assessment data, history of qualifications held if you are or were an examination candidate;
    • special categories of data, if you are an examination candidate and you wish to share this data with us for the purposes of a reasonable adjustment / special consideration application;
    • If you are a CFA UK member, your name, date of birth, contact details, employer, your job role and payment transactions;
    • details about your interactions with CFA UK if you volunteer with us;
    • details about products and services you have purchased to enable delivery of a contract;
    • any consents and preferences provided by you, via email or telephone;
    • your unique identification number(s) provided by the regulator or by other professional bodies;
    • information in relation to your application for an SPS and responses you may have provided in relation to CPD audit;
    • details on your membership with CFA Institute, including your CPD record;
    • details of any publically available criminal convictions, your disciplinary history with CFA UK and CFA Institute including our contact with other professional bodies and the regulator.

       

    Please note that we do not store payment card details on our systems. If you make a card payment online to pay for CFA UK services or products, you will be redirected to a secure payment service provider who will take your payment on our behalf and then return you to our website when your order has been completed.

    We may ask you to complete surveys or questionnaires from time to time. If you complete them we may use the information collected to personalise the website and to target marketing to relevant users.

    We also collect usage and tracking data from devices you may use to connect to our websites or services using cookies and other internet tracking software. For information on the cookies we use and the purposes for which we use them, please read our cookies policy.

     

  4. How do we process and use your personal data?

    There are a number of main methods of interaction with us: as an IMC Candidate, as a local CFA UK Member, as a CFA Institute Member with CFA UK as your local society or a person interested in CFA UK’s products and services.  Based on those that apply to you, we collect and use your personal data for the following purposes:

    • to communicate information about the products or services in which you have expressed an interest;
    • to verify your identity;
    • to manage our relationship with you and administer your account, including payments;
    • to provide the IMC qualification service, monitor examination results and performance, entitlements and ancillary products;
    • to maintain and manage your history of accreditations and qualifications;
    • to provide local membership services and associated benefits of membership;
    • to book places on CFA UK events including the delivery of the event and necessary follow-on processing;
    • to carry out statistical analysis, reporting, regulatory reporting and to improve our services;
    • to meet internal operational requirements;
    • to investigate and resolve complaints; and
    • to carry out disciplinary, audit and regulatory functions.

     

  5. What is the legal basis for processing your personal data?

    We rely on one or more of the following processing conditions in order to process your personal data:

    • to perform our obligations under any contracts that have been agreed with you in relation to membership, the IMC qualification, verification services or Statements of Professional Standing (SPS);
    • oour legitimate interests in the effective delivery of information and services to you and in the effective and lawful operation of our businesses (provided these do not interfere with your rights);

     

  6. Who do we share your personal data with?

    We share your personal data on your behalf for the purposes described in this Privacy Policy with service providers.  We take reasonable steps to ensure they act in accordance with our instructions and that they put suitable security measures in place to adequately protect your data.  Where we share this data, we may allow them to process it for the purposes of providing their services to us or complying with their own legal obligations.  We do not allow our service providers to market to you for their own purposes without your explicit consent.

     

    We share your personal data with the following parties:

    • Pearson VUE and NCS Pearson Inc., based in the European Economic Area (‘EEA’) and in the USA, who deliver examinations on our behalf, or any other examination partners selected from time to time;
    • third party providers for delivery of products and services, based in the EEA or in the USA;
    • training providers who administer examinations on your or your employer’s behalf;
    • your employers who may book you onto an examination or purchase services or products on your behalf;
    • event venues, providers or firms for managing events;
    • CFA Institute, based in the EEA and in the USA, where you are or were a joint member or a CFA Program candidate;
    • oother CFA UK and CFA Institute volunteers where you provide consent;
    • oother professional bodies and regulators; and
    • oother third parties where you provide consent to do so.

       

  7. International data transfers

    We transfer your personal data to countries outside of the EEA for the purposes of delivery of examinations and for the purposes of administering your membership record. If you are a joint member of CFA UK and CFA Institute, or if you are a CFA Program candidate, your data will be transferred outside of the EEA as part of our data sharing arrangements with CFA Institute.

     

    Where we collect your personal data within the EEA, transfer outside the EEA will be only:

    • to a recipient located in a country which provides an adequate level of protection for your personal information; and/or
    • under an agreement or mechanism which satisfies EU requirements for the transfer of personal data to data processors or data controllers outside the EEA, such as standard contractual clauses approved by the European Commission or the EU-US Privacy Shield Framework in relation to transfers of personal data from the EEA to the USA.

     

  8. How long do we keep your personal data?

    We retain your personal data for as long as it remains necessary in relation to the purposes for which it was collected.  For examination candidates we hold your data indefinitely as proof of your examination history or your having sat the examination. After you cease being a customer of CFA UK we may continue to hold your data to enable CFA UK to respond to questions or to complaints or to comply with legal or regulatory requirements.

     

  9. How do we protect your personal data?

    To protect the security of your personal data, we have appropriate technical and security measures in place including both physical and technical safeguards.  We have a governance model that ensures adequate policies, procedures and controls are in place to manage the risks.

     

    Although we use appropriate security measures once we have received your personal data, the transmission of data over the Internet (including by email) is never completely secure. We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to or by us.

     

  10. What are your rights under the GDPR?

    Under the GDPR you have the rights listed below, however they do not all apply in all circumstances.  If you wish to exercise any of these rights, we will explain at the time if they apply or not. You have the right to:

    • access, rectify or request erasure of your personal data;
    • restrict the processing of your personal data;
    • request the portability of your personal data;
    • oobject to our processing of your personal data; and

     

    You also have the right to lodge a complaint with the UK’s data protection regulator, the Information Commissioner’s Office:  https://ico.org.uk/for-the-public/.

     

  11. Direct marketing and unsubscribing from marketing

    Where we are legally required to obtain your consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.

     

    If you want to unsubscribe from mailing lists or any marketing, you should look for and follow the instructions we have provided within the appropriate area(s) of the website or in the relevant communications to you.

     

    If you do not wish to receive marketing communications from us, you can at any time contact us to request that such communications cease.  If you choose to unsubscribe from any or all mailings, we may retain information sufficient to identify you so that we can honour your request.

     

    You can manage your email preferences by logging into your account and then into the CFA UK preference centre which is also sent to you via a link on emails you receive.

     

  12. How can you contact us?
  • correspond with us by phone, email or otherwise; and
  • use our website.
  • to satisfy any legal and regulatory obligations to which we are subject; and
  • where no other condition for processing is available, if you have agreed to us processing your personal data for the relevant purpose.
  • withdraw your consent to our processing of your personal data (to the extent such processing is based on consent and consent is the only permissible basis for processing).

If you wish to make a subject access request, please do so via email to privacy@cfauk.org with Subject Access Request in the title of the email, or in writing to Subject Access Request, CFA Society of the UK, 4th floor Minster House, 42 Mincing Lane, London EC3R 7AE.

 

If you have any questions or concerns about our use of your personal data, or would like to exercise one of your rights set out above, please contact us at CFA Society of the UK, 4th floor Minster House, 42 Mincing Lane, London EC3R 7AE or at privacy@cfauk.org .

Back-to-top

Last updated: 18 May 2018