Who are we?
The Institute of Legal Finance & Management Ltd (ILFM) is committed to protecting and respecting your privacy. We understand the importance you place on the privacy and security of information which personally identifies you and we value our relationship with you. ILFM is a “controller” under the General Data Protection regulations.
Our registered address is: 2nd Floor, Marlowe House, 109 Station Road, Sidcup, Kent DA15 7ET
VAT No. 626 0395 47 Registered in England Company No. 10245337
Whose data do we hold?
We may hold data about our employees, our members, our customers, suppliers and service providers, advisers, consultants, Directors, complainants and enquirers.
What data will we collect?
We will only collect information from you that is relevant. In particular we may collect, store and use the following kinds of personal information:
- Personal details
- Financial details
- Employers and employment details and business activities
- Qualification, education details
Using personal information
We may use your information for the following purposes:
- Provision of membership services and services of a Professional Institute
- Deal with enquiries and complaints
- Maintaining accounts and records
- Supporting and managing employees
- Supporting and managing our Members
- Supporting and managing Independent Contractors
- Promotion of our services
Technical information does not identify the individual, but we may collect data about your visits to and use of our website, including your IP address, operating system and browser type for system administration. This is statistical data about browsing patterns and does not identify individuals.
We use a range of cookies to improve your experience of our site. To comply with the e-Privacy Directive we need to seek your consent to set these cookies. Our website uses standard cookies. We use a third-party web design company to host and manage our website.
Who will we share your information with?
There are very strict rules over who we may share your information with and this will be limited to relevant people. This may include our employees and independent contractors.
How long will we keep your information for?
We will only keep your information while it is still needed to provide our services to you and afterwards for a period of time as we may be required to do by law and also as a professional institute to record professional qualifications etc.
More information is set out in our data retention policy which is available on request from us.
International data transfers
Your personal data will remain in the EU or countries considered by the EU to have equivalent policies such as Jersey, Guernsey, Switzerland, New Zealand and Canada.
Companies based in the USA that have certified with the EU-US Privacy Shield programme are also considered to be permitted destinations by the EU (this includes popular US products like Microsoft, Gmail, DropBox and MailChimp).
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We will store all personal information you provide on our secure password and firewall protected servers. We cannot guarantee the security of data sent over the internet. In the event of a data breach, we have in place procedures to ensure that the effects of such a breach are minimised and shall liaise with the ICO and with you as appropriate.
What rights do you have?
You have the following rights
- Right to be informed
- Right of access
You have a right to see the information we hold about you. To access this, you need to provide a request in writing to our data protection lead together with proof of your identity. No payment is required.
- Right to rectification
- Right to erasure
You have a right to ask us to erase personal data that we hold, but we reserve the right to refuse to erase information that we are required to retain by law or regulation, or that is required to exercise or defend legal claims.
- Right to restriction of processing
- Right to data portability
- Right to object
- Rights concerning automated decision-making and profiling
Who can you complain to?
If you are unhappy about how we are using your information or have responded to your request, then initially you should contact our data protection lead, at firstname.lastname@example.org. If your complaint remains unresolved then you can contact the Information Commissioners Office, details available at www.ico.org.uk