The Chartered Association of Building Engineers (CABE), recognises that your privacy is very important and we take it seriously.
This Privacy & Cookies Policy describes our policies and procedures on the collection, use and disclosure of your information when you use the services, websites, and applications offered by CABE (the "Services") and tells you about your privacy rights and how the law protects you. By using the services, you consent to our use of your information in accordance with this Privacy & Cookies Policy. We will not use or share your personal information with anyone except as described in this Privacy & Cookies Policy.
With that in mind, this Privacy and Cookies Policy is designed to describe:
- Who we are and how to contact us
- Your rights relating to your Personal Data
- What Personal Data we collect
- How we use your Personal Data and why
- Who we share your Personal Data with
- How long we store your Personal Data
- Where we store your Personal Data
- How we protect your Personal Data
- Marketing communications preferences
- Links to other websites
- Changes to our Privacy & Cookies Policy
- International Chapters
Chartered Association of Building Engineers
Billing Brook Road
Data Processing Controller:- Dr Gavin Dunn
Data Processing Officer:- Jackie Macaulay
This Privacy & Cookies Policy is intended to meet our duties of transparency under the "General Data Protection Regulation" or "GDPR". We will post any modifications or changes to this Privacy & Cookies Policy on all of our relevant web pages.
You have the right under this Privacy and Cookies Policy, and by law, if you are within the United Kingdom and/or EU, to:
- Request access to your Personal Data. If you are within the United Kingdom and/or the EU, this enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request removal of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. Where there is a legitimate reason within the regulations under our responsibilities to maintain information for the services within your membership and the 'Public Interest' we reserve the right to retain such information.
- Object to the processing of your Personal Data. This right exists where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to the processing of your Personal Data on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
- Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example, if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your Personal Data. If you are within the EU, we will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
How to Exercise your Rights.
If you want to exercise any of the rights described above, please contact us using the contact details in Who we are and How to contact us.
Typically, you will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, we will ensure we provide you with the full details of our reasons and reserve the right to refuse to comply with your request.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
CABE uses the Personal Data we collect to provide the services, personalise content, maintain information to help you efficiently access your membership, analyse how the services are used, diagnose service or technical problems and maintain security.
Information you directly provide to us
There are many occasions when you provide information that may enable us to identify you personally ("Personal Data") while using our services. The Personal Data we may collect from you is outlined in the table below.
|Category of Personal Data collected||What this can include|
|Identity Data||First name, surname, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender, picture, NI number, password, copies of passports or other forms of identification.|
|Contact Data||Your home address, work address, billing address, email address and telephone numbers, Skype, Linkedin and facebook id’s|
|Professional Background Data||Educational and professional history, interests and accomplishments, job role, current and previous employer information, third-party recommendations, projects and diary submissions, professional resumes and CVs, also any academic or professional qualifications.|
|Transaction Data||Any details about payments to and from you and other details of subscriptions and services you have purchased from us. Data in respect of your transactions with third parties.|
|Content Data||Any content you post to the Services not already included in another category, including without limitation, your profiles, questions, preference settings, answers, messages, comments, and other contributions on the Services, and metadata about them (such as when you posted them) ( "Content").|
|Communications Data||Your preferences in receiving information from us and our external parties and your communication preferences. If you correspond with us by email or messaging through the Services, we may retain the content of such messages and our responses.|
|Technical Data||Your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website or use our services.|
We may also collect and use "Aggregated Data" such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data, but once in an aggregated form, it will not constitute Personal Data for the purposes of the GDPR as this data does not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy & Cookies Policy.
No special categories of Personal Data
We do not collect any "Special Categories of Personal Data" about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).
We generally use Personal Data for the following: to deliver and improve our services; to manage your membership and provide you with services stated within your membership criteria.
In respect of each of the purposes for which we use your Personal Data, the GDPR requires us to ensure that we have a legal basis for that use if you are within the United Kingdom and/or EU. The legal basis depends on the Services you use and how you use them. This means we collect and use your Personal Data only where:
- It satisfies a legitimate interest (which is not overridden by your data protection interests) and information pertaining to an individual is considered within the Public Interest.
- We need to process your data to comply with a legal or regulatory obligation.
We may also rely on your consent as a legal basis for using your Personal Data where we have expressly sought it for a specific purpose. If we do rely on your consent to a use of your Personal Data, you have the right to change your mind at any time (but this will not affect any processing that has already taken place).
We have set out below, in a table format, more detailed examples of relevant purposes for which we may use your Personal Data.
|Purpose||Why do we do this?|
|Providing, updating, and maintaining our Services||To deliver the services you have requested, including, for example, registering you as a user, managing your membership and profile, and authenticating you when you log in.|
|Processing payments||To process payment for any purchases, subscriptions or bookings made on our website, via the telephone or written communication to protect against or identify possible money-laundering or other fraudulent transactions, and otherwise as needed to manage our business.|
|Research and development||To enable us to improve the Services and better understand our users and the markets in which we operate. For example, we may conduct or facilitate research and use learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns, areas for additional features and improvement of the Services and other insights. We also test and analyse certain new features with some users before introducing the feature to all users.|
|Communicating with users about the Services||To send communications via email and within the Services, including, for example, responding to your comments, questions and requests, providing customer support, and sending you technical notices, product updates, security alerts, and administrative, billing and membership management related messages. We may also provide tailored communications based on your activity and interactions with us. For example, we may provide you with updates regarding events and training courses, notify you of CABE initiatives, and provide information regarding your CABE membership. These communications are part of the services provided and in most cases, you cannot opt out of them. If an opt-out is available, you will find that option within the communication itself or in your membership settings.|
|Communication with volunteer members/Panel members||Communication with Regional Officers and Committees in order to service the needs of both parties to provide local services to our members. Information provided to Regional Officers is issued in line with individual privacy statements. Communication with Panel members to support the membership application process.|
|Providing customer support||To resolve technical issues you encounter, to respond to your requests for assistance, comments and questions, and provide other membership support.|
|Enhancing security||To keep our website, our Services and associated systems operational and secure, including, for example, verifying memberships and activity, monitoring and investigating suspicious or fraudulent activity and to identify violations of our terms and policies.|
|Complaints casework||In order to protect the public interest CABE has a disciplinary policy which enables the board to respond to complaints made by the public about the conduct of CABE members. We need to hold evidence submitted and casework files as part of this process in order to ensure that we can take suitable actions against members whose conduct is deemed not to be aligned with the Code of Professional Conduct.|
|Driving engagement with the services and third-party products and services||To send promotional communications that may be of specific interest to you, including, for example, by email and by displaying products, events, promotions and other information on our website or other companies' websites. You generally can control whether you receive these communications as described in this policy under Communications Preferences.|
|To comply with applicable law, legal process and regulations and protect legitimate interests||As we believe is reasonably necessary to comply with a law, regulation, order, subpoena, rule of a self-regulatory organisation or audit or to protect the safety of any person, to address fraud, security or technical issues, or to protect our legal rights, interests and the interests of others.|
What happens when you do not provide necessary Personal Data?
Where we need to process your Personal Data either to comply with law, or to perform the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with the functionalities of the services). In this case, we may have to stop you from using our Services.
We may share your Personal with third parties in the ways that are described in the table below. We consider this information to be a vital part of our relationship with you.
|Recipients||Why we share it|
|Our Affiliates/Partners||Our affiliates/partners may access your Personal Data to help us develop, maintain and provide our services and help manage our external relationships.|
|Volunteer Members||Our volunteers may have regulated access to limited Personal Data to assist us in the development and delivery of services and with regional and local liaison and engagement, the use of this data will be managed in line with the relevant Privacy Statements. They may also access your Personal Data to assess applications, participate in Association panels including membership and awards and to manage the delivery of other events such as conferences, CPD seminars and training courses.|
|Regional Officers||Our Regional Officers receive monthly membership data in order to assist us in the development and delivery of services and engagement/liaison at a regional and local level, the use of this data will be managed in line with the relevant Privacy Statements.|
|Service Providers||Our service providers provide support for our services, including, for example, website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis, identity verification, background and compliance reviews, and other services for us, which may require them to access or use Personal Data about you.|
|Professional Advisers||Our lawyers, accountants, bankers, auditors, insurers and other qualified professionals may need to review your personal data to provide consultancy, compliance, legal, insurance, membership and similar services.|
|Legal and Taxing Authorities, Regulators and Participants in Judicial Proceedings||CABE may disclose your Personal Data if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, rule of a self-regulatory organisation or audit or to protect the safety of any person, to address fraud, security or technical issues, or to protect our legal rights, interests and the interests of others.|
|Communication with all viable internal and external contacts||Tailored communications are sent to all members and those held as non-member contacts who have consented to receive communications from us through a variety of communication channels in order to ensure they are aware of future events, training and initiatives undertaken by the Association.|
|Communication with third parties and external contacts||Communications involving member information are regulated by the use of Non-Disclosure Agreements alongside privacy statements in order to ensure the Association remains compliant.|
|To comply with applicable law, legal process and regulations and protect legitimate business interests||As we believe is reasonably necessary to comply with a law, regulation, order, subpoena, rule of a self-regulatory organisation or audit or to protect the safety of any person, to address fraud, security or technical issues, or to protect our legal rights, interests and the interests of others.|
In addition, Personal Data you choose to add to your membership profile will be available for public viewing on the site under the CABE Member Directory. You can control the data that is displayed, including telephone number, address, e-mail address and a personal biography. By submitting this information to your public profile, you understand that you may be contacted by other CABE members or members of the public in relation to the services that you offer.
Under the conditions of the Royal Charter, CABE publishes an online list of Chartered Members which is visible to all website users. Chartered Members are not able to opt-out of this list. The information published contains your name, membership number and region.
We may also share non-Personal Data (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with interested third parties to help them understand the usage patterns for certain Services or conduct independent research based on such anonymous usage data.
If you request that we remove your Personal Data as described in Your rights relating to your Personal Data, we will convey that request to any third-party with whom we have shared your data. We are not, however, responsible for revising or removing your Personal Data obtained by any third party who has previously been provided with your information by us in accordance with this policy or any third party to whom you have provided such information (whether by sharing your login and password, or otherwise).
We will retain your information for as long as your membership is active or it is reasonably needed for the purposes set out in ‘How We Use Your Personal Data and Why’ unless you request that we remove your Personal Data as described in ‘Your Rights Relating to Your Personal Data’. We will only retain your Personal Data for so long as we reasonably need to use it for these purposes unless a longer retention period is required by law (for example for regulatory purposes). This may include keeping your Personal Data after you have deactivated your membership for the period of time needed for us to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.
Personal Data that you provide us may be stored, processed and accessed by us, our staff, sub-contractors and third parties with whom we share Personal Data in the United Kingdom or elsewhere inside or outside of the EU for the purposes described in this policy. We may also store Personal Data in locations outside the direct control of CABE (for instance, on servers or databases co-located with hosting providers).
CABE uses industry-standard physical, managerial, and technical safeguards to preserve the integrity and security of your personal information. We limit access to your Personal Data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality. We cannot, however, ensure or warrant the security of any information you transmit to CABE or guarantee that your information on the Services may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, managerial, or technical safeguards.
We have put in place procedures to deal with any actual or suspected Personal Data Breach. In the event that personal information is compromised as a result of such a breach of security, CABE will promptly notify those persons whose personal information has been compromised, in accordance with the notification procedures set forth in this Privacy & Cookies Policy, or as otherwise required by applicable law.
CABE cannot ensure that your Personal Data will be protected, controlled or otherwise managed pursuant to this Privacy & Cookies Policy if you share your login and password information with any third party, including any third party operating a website or providing other services.
You can ask us to stop sending you communication messages or modify your email preferences at any time through any of the following methods:
- by following the opt-out links on any marketing message sent to you; or
- through your membership settings at cbuilde.com/members-area;
- by contacting us at any time using the contact details in Who We Are and How to Contact Us.
However, if you wish to restrict or block cookies which are set as a result of visiting this website, or indeed any other website, you can do this with your browser settings. The Help menu within your browser should tell you how to do this. Useful information about cookies and how to control them on a wide variety of browsers can be found at www.aboutcookies.org.
Please be aware that restricting cookies may impact on the functionality of this website.
This site uses a limited number of third-party suppliers to provide specific functionality and these cookies are included in the list below. Further information on the nature of the information collected and the options you have to control these are provided as links in this list.
|JSESSIONID||JSESSIONIDUsed to store a unique random identifier for each visit to this website. No other information is written to this cookie on your computer/device. This cookie is required by the webserver software to remember certain settings such as whether you have logged into the site. This cookie is destroyed each time you close your browser and all information stored against this unique identifier is automatically deleted from the server 30 minutes after your last access of the website. This cookie is essential to ensure that all website functionality is available to you. For normal visitors, no information will be stored in the session and will only be used for administrative access to the CMS (i.e. only used for site administration).|
|cookies||Used by the privacy module to store the fact you have implicitly agreed to having cookies set on your machine by proceeding past the warning notification. This cookie is set each time you view any page on a site using the privacy module, and expires 90 days after the date you last visited the site. If this cookie is not set you will see the cookie notification on every page you visit, instead of merely the first one.|
|This website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets cookies in order to evaluate your use of the website and compile reports for us on activity on the site. Google stores the information collected by the cookie on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using the website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. How to reject or delete this cookie
|Set by Google’s CAPTCHA form-authentication system ReCAPTCHA to save user-settings between different views of the ReCaptcha system. This cookie is set by a third party system and it expires exactly two years after it is first set. If you block this cookie you can still use the form authentication system.|
|Set by a number of Google services and libraries to store any user-preferences and to track users from site to site. As this cookie is set by a third party system it is impossible for us to specify under exactly which conditions it is set, but it appears to be set when the user views a page containing any one of a number of Google services (including ReCAPTCHA, embedded Google Maps and the like), and expires after six months. If this cookie is not accepted then Google will not be able to track users between different sites.|
|TinyMCE||This cookie only exists for administrators of the CABE website and is set by TinyMCE WYSIWYG editor when a user resizes the WYSIWYG editor pane in order to remember how large the user would like their WYSIWYG editor pane in future. It expires as soon as you close your browser. This cookie will not be set for regular users of the CABE site.|
|3Si OMWebtoolsSession||Set by 3Si’s OM.Net WebTools (the CRM system’s web front-end) when you log into the members' area. It expires as soon as your browser is closed. If this cookie is not set you will be unable to book events or navigate the members' area once logged in.|
|3Si ASP.NET_SessionId||Set by 3Si’s OM.Net WebTools (the CRM system’s web front-end) when Log into the members' area. As this cookie is set by a third party system it is impossible for us to specify under exactly which conditions it is set. It expires as soon as your browser is closed. If this cookie is not set then the third party functionality around the members' area and event bookings will not function|
|3Si WebToolsParam||Set by 3Si’s OM.Net WebTools (the CRM system’s web front-end) when you hit the event booking page. As this cookie is set by a third party system it is impossible for us to specify under exactly which conditions it is set. It expires as soon as your browser is closed. If this cookie is not set then the third party functionality around the members' area will not function|
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
This Privacy & Cookies Policy applies only to the Services offered by CABE. The Services may contain links to other websites not operated or controlled by CABE. We are not responsible for the content, accuracy or opinions expressed in such websites, and such websites are not investigated, monitored or checked for accuracy or completeness by us. Please remember that when you use a link to go from the Services to another website, our Privacy & Cookies Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our Site, is subject to that website's own rules and policies. Such third parties may use their own cookies or other methods to collect information about you.
We reserve the right, in our sole discretion, to change, modify, add, or remove portions of this Privacy & Cookies Policy at any time. Any changes or updates will be effective immediately upon posting to this page You should review this Privacy & Cookies Policy regularly for changes. You can determine if changes have been made by checking the Effective Date below. Your continued use of our services following the posting of any changes to this Privacy & Cookies Policy means you consent to such changes.
The information on this page was last updated on Tuesday, 24 July 2018.