Privacy
This Privacy Policy describes the manner in which SFIA Foundation collects, uses, maintains and discloses information collected from users through our website by accessing our services and information collected from Individuals and Partners as part of the SFIA accreditation scheme. This privacy policy applies to the SFIA website and all products and services offered by the SFIA Foundation.
This Privacy Policy reflects data protection law (GDPR) and aims to provide users a clear understanding of how the SFIA Foundation manages all user data.
This privacy policy applies to all products and services offered by the SFIA Foundation. This Privacy Policy does not apply to any third party applications or software that integrates the SFIA Framework or any other third party products, services or business.
Information we collect
In order for you to create an account with SFIA and use our Services, we need to collect and process certain information. Depending on your use of the Services, that may include:
Personal identification information when you register on the website or when applying and maintaining Accreditation/Partnership Status. Users, including SFIA Accredited Consultants and Partners and those applying for SFIA Accreditation (“Users”) may be asked for, as appropriate; name, email address, postal address, country of main operation, telephone number and billing information. We will solely process this information to provide you with the service you signed up for.
When sharing ‘Opted in’ user data with Partner organisations, the foundation will ask them to comply with the current regulations and they will be explicitly notified not to share user data with any other third Party.
SFIA will request that these organisations contact SFIA ‘opt in’ users directly on receiving the list to obtain permission to hold their data and to reconfirm that they continue to accept contact in this manner. SFIA will never sell/pass users personal information on to third party organisations without user’s permission.
We will not use ‘user names’ or ‘company names’ in any marketing statements (Including accreditation listings on the SFIA website) without first obtaining the users’ permission in writing (normally this will be collected via Email).
If you Contact us via email — for example, when you ask for support, send us questions or comments, or report a problem, we will collect your name, email address, message, etc. We use this data solely in connection with answering the queries we receive.
We also collect non-personally-identifiable information about users to tell us about the number and location, interests and native language of website users. This may include: The website from which you visited us from, the parts of our app you visit, the date and duration of your visit, your anonymised IP address, information from the device (device type, operating system, screen resolution, language, country you are located in, and web browser type) you used during your visit. We process this usage data for statistical purposes, to improve our site and to recognize and stop any misuse.
Web browser cookies
Our site uses ’cookies‘. These are small files which are saved to your device and can be read by our website. We do not use 'third-party cookies'. The cookies we use record the language you prefer and ensure that logged-in users stay logged-in between pages during a session.
We may also use cookies to return information to Matomo Analytics, which in turn gives us anonymous statistical data about who uses the site. You can choose to set your web browser to refuse cookies, or to alert when cookies are being sent. If you refuse all cookies, you will not be able to log in to the site easily.
How we use user data
If you agree to be contacted by us, we will tell you about changes and developments in SFIA and occasionally ask you about how you use or plan to use SFIA. This information is used to help the Foundation understand how SFIA is used by individuals and organisations and to support future updates. From time to time, we may send you relevant marketing materials such as planned conferences and events, SFIA training dates, releases of SFIA products and service and copies of the SFIA newsletter,
In the licencing of SFIA Partners and Consultants, we collect information when you request accreditation. We collect and store this personal data in a database stored on Sharepoint for the performance of a contract, and as part of our legal obligation for business accounting and tax purposes.
The option of being listed publicly on the SFIA website is provided on accreditation and we will not list you unless you provide written confirmation (normally via email).
As a registered user on the SFIA website you can edit your data at any time by logging in and making the relevant changes to your account. Partners, training providers, Consultants and Practitioners who no longer wish to be listed as a SFIA user or Partner can contact the SFIA Business Administrator at any time and ask for their information and account be deleted from both the website listings and the Accreditation database stored on Sharepoint.
If you agree to be contacted by SFIA Foundation Accredited Partner organisations, you may receive relevant marketing and promotional material, training and event dates and SFIA product and service information etc.
Your rights
You have the right to access the personal information we hold about you at any time You can have inaccurate data corrected or removed (where permitted by law). You can object to or restrict the use we make of your data. You can request this by logging onto the SFIA website to view/change details on your online account, or by contacting the Business Administrator at [email protected]
Sharing and disclosing your personal information
We will not share your personal data outside the SFIA Foundation without your permission unless we are legally obliged to do so. Personal information is stored on our website servers and some data is held and updated on databases stored on Sharepoint. For the purpose of SFIA email marketing, data including a user’s name, email address and country are stored on Mailchimp under the SFIA Account on https://mailchimp.com/ for the purpose of SFIA Marketing and update Mailings.
The SFIA website maintenance/development is currently performed by Deburen https://deburen.uk and Zest software https://zestsoftware.nl They have access to the SFIA website, servers and they manage the website data and safety backups.
SFIA Accounts are processed by the BCS Accounts team: BCS, The Chartered Institute for IT 3 Newbridge Square, Swindon SN1 1BY
An accounts audit is completed annually by AZETS Address: Carnac Place, Cams Hall Estate, Fareham, Portsmouth, Hampshire, PO16 8UY
In the case of SFIA Accreditations copies of the relevant SFIA licence may be sent to the SFIA Business Secretary. JTC (UK) Limited: The Scalpel, 18th Floor, 52 Lime Street, London EC3M 7AF
The only information we provide them with is Partners name, address and order/licence details and or those that meet business and legal requirements.
Instructions for third party SFIA data holders
If Organisations have ‘opted in’ for contact from a SFIA Partner organisation we will from time to time, or on request of the third party, provide a list of SFIA users who have ‘opted in’ for contact. This information may be sent, to countries outside of the European Union. When this information is sent we require that these third Parties store, hold and use user information correctly as per current European legal requirements. The SFIA Foundation requires that this data is not shared externally from the organisation without first obtaining permission from the user.
Those holding SFIA user data for legal obligation and or for business accounting and tax purposes will be asked to ensure that they are in compliance with current European legal requirements.
Consequences of users not providing their data
If users choose not to provide the data that we have requested, they will be not be able to progress with their registration on the SFIA website and will subsequently be unable to download a copy of the SFIA Framework.
In the case of Partner and Consultant accreditation, due to the invoicing and licensing process, if the information we request is not provided then we will be unable to offer accreditation and they will not be able to exploit the SFIA Framework commercially.
Data retention
We keep data for five years following the termination of a licence unless there are outstanding fees in which case data will be retained until five years after debts are paid.
In the case of free-of-charge licences, data will be held for a period of seven years.
Lodging a complaint
You have the right to complain about the way your data has been handled at any time by contacting either the business administrator at [email protected] the Operations Manager at [email protected]. If you feel that your complaint has not been dealt with satisfactorily, you have the right to ask for your complaint to be passed on to the SFIA Board for resolution.
You have the right to ask us to change or remove your data from our records at any time. We will close your account on request.
Privacy Policy Changes
We may update this policy from time to time. If we do changes will be published on the website.