The following Privacy Notice is a summary of the IWW Privacy and Data Protection Policy. Please read the full text of our Privacy and Data Protection Policy at the following page: https://iww.org.uk/privacy
We are committed to keeping your data secure and to never using it in ways you would not expect.
The IWW is the Data Controller for the personal information you provide when interacting with the IWW, participating in the IWW and using its services. We use this data to improve our work as a union.
The principal lawful basis for our collecting and processing personal data is the IWW pursuing our legitimate interests as a trade union (namely, when we collect and process personal data from membership applicants and members, or when people contact us). In certain cases of supplementary personal data collection and processing, we will do so on the basis of your informed consent (in particular, when we collect data that is considered sensitive and specially protected under data protection laws, or specific instances where we intend to share your data with third-parties not listed in our Privacy and Data Protection Policy, or when we actively solicit data from non-members).
Please click here to see the full list of personal data we may collect and how we may collect it.
Please click here to see the full list of purposes for which we may collect personal data.
As a trade union, we have a statutory requirement to keep an accurate register of members’ names and addresses. If you wish to be an IWW member, you must provide this information to us.
As with most websites, the IWW uses cookies to improve our users’ experience. Cookies may also collect personally identifiable information. Our cookies policy explains which cookies we use and why, along with where you can find more information about cookies.
We may disclose information about you to IWW officers, staff, administrators, organisers, accredited IWW trainers, accredited IWW worker’s representatives (‘Reps’), or any other IWW Data Processors, insofar as reasonably necessary for the lawful bases and purposes as set out in our Privacy and Data Protection Policy, our Rule Book and our Manual of Policies and Practices.
All IWW Data Processors must sign a Data Processor Agreement with us, in which they commit to comply with our Privacy and Data Protection Policy and with applicable UK data protection laws.
The IWW will not disclose any of your personally identifiable information to any third party unless it is justified by:
- the lawful basis of pursuing our legitimate interests as a trade union, and the data is shared as described in the full text of the IWW WISE-RA Privacy and Data Protection Policy;
- or it is necessary to fulfil our contractual obligations;
- or we have your explicit consent to do so;
- or it is necessary to protect someone’s life;
- or we are required to do so by law.
We do not routinely transfer your data outside of the UK or the European Economic Area (which share the same data protection standards). However, if it is necessary, we will ensure appropriate data protection measures (as applicable under UK law) are in place.
You have rights as a data subject. These rights include: subject access; erasure; rectification; the right to restrict or object to processing; the right to data portability; and the right to complain to the Information Commissioner’s Office (ICO).
The IWW is fully committed to upholding these rights. If you believe we have not done so, please get in touch so that we can put things right.
Where you have given consent for the IWW to process your data, you may withdraw it at any time by contacting us, as well as exercise all your data subject rights listed above.
Where we collect and process your data on the basis of pursuing our legitimate interest as a trade union (namely, for members), you likewise can exercise all of your rights listed above, but keep in mind that as a Trade Union, we have statutory requirements as well as other lawful bases to hold and process certain essential elements of members’ personal data, without which their membership in the IWW cannot be maintained.
Subject access requests, the provision of data portability, or requests of erasure, rectification, or to restrict or object to processing of your data may be refused or partially refused by the Data Protection Officer in certain cases as provided by the relevant legislation or regulatory authorities. These grounds for refusal are outlined for each type of request on the Information Commissioner's Office Website. Data erasure requests and subject access requests, in particular, may be refused in part or in whole if the data are relevant to, or if you are subject to, any formal internal process reasonably requiring the data to be retained, such as a formal complaint or investigation, or if the Data Protection Officer decides the data needs to be retained for any reason compatible with the present Privacy Policy or as provided by the relevant legislation or regulatory authorities.
You can opt-out/unsubscribe from receiving emails and communications from us at any time. Opt-out/unsubscription methods will be accessibly signposted in our regular communications. However, we will retain the right to send you a minimal number of important communications for the purposes of pursuing the legitimate interests or meeting the statutory requirements of the IWW as a trade union (namely for union ballots and communicating our Annual Returns Statement).
We will keep your personal data confidential and will take appropriate measures to protect it against loss, theft or misuse and to safeguard your privacy. The IWW uses industry standard efforts to safeguard the confidentiality of your personally identifiable information
We retain your data only for the period necessary to enable us to fulfil the purpose(s) for which we collected it, to comply with our legal obligations and/or whilst we maintain your consent or a legitimate interest in retaining it.
Personal data about members in good standing and any personal data we hold about non-members will be retained in our Membership Database and/or organising and casework records for as long as members remain in good standing or we maintain a lawful basis and purpose to retain it according to our Privacy and Data Protection Policy and the applicable legislation.
Additionally, the standard retention period is 7 years, In the IWW WISE-RA Membership Database and/or in our organising and casework records, for personal data about lapsed, cancelled or deceased members, and for personal data about non-members, where we no longer maintain a lawful basis and purpose for retaining the data longer according to our Privacy and Data Protection Policy or applicable laws. At the end of this standard retention period, the personal data will be erased (either deleted, or anonymised so that it is no longer personally identifiable), except in rare cases where we maintain a lawful basis and purpose for retaining it for longer. If you make a legitimate personal data erasure request, your personal data may be erased (deleted or anonymised) sooner than this.
By default, contents that you have emailed, posted or uploaded yourself via IWW communications services (email accounts, email lists, internal chat, forum, file repository, etc.) will remain indefinitely stored and visible to users on those platforms, even if you are no longer a member, unless you delete them yourself or explicitly request their erasure (the default, when we apply such requests, is anonymisation).
Likewise, on third-party communications (or data processing) platforms where you have given your consent to the IWW to share your personal data in order to connect/subscribe you and communicate with you (e.g., Whatsapp or Signal chat groups, Slack Channels, Loomio, etc.), contents that you post may remain indefinitely stored there unless you take action to delete them yourself or request their erasure by that third party Data Controller. You can ask us us to remove the subscription/connection/contact-data, that you had initially given us to add/subscribe you to a third-party platform, and we will comply with your request (except in rare cases where we maintain a lawful basis to delay or refrain from doing so), but we cannot, on your behalf, erase the content you posted yourself from those platforms, and it is your responsibility to do so.
If you have any questions or concerns about our Data Protection and Privacy Policy or would like to request access, deletion or restricted use of your personal data directly from the Data Protection Officer, you can send an email to the IWW Data Protection Officer (click here); members can also do this by clicking here to submit a request via the members’ website contact form (password protected site) (select the ‘Personal data requests’ category), or by post at the following address:
Data Protection Officer, IWW, PO Box 111, Minehead, TA24 9DH, United Kingdom.