This is the privacy notice of Intelligent Transport Systems, ITS UK. In this document, “we”, “our”, or “us” refer to ITS UK.

We are company number 02777485 registered in the United Kingdom.

Our registered office is at 107 Tower Bridge Business Centre, 46-48 East Smithfield London E1W 1AW.

ITS UK acknowledges that the lawful and correct treatment of personal data and information is crucial and is fully committed to the principles of data protection, as set out in the General Data Protection Regulation (GDPR).

Introduction

This privacy notice explains and will attempt to help you understand what information is collected, how we use this information and what to expect when ITS UK collects and processes it.Under the General Data Protection Regulation (GDPR), ITS UK is termed as a ‘data controller’ which means that we are responsible for how and why personal data is used and processed. ITS UK has appointed a Data Protection Officer – Mr Rukshan Soysa who can assist with any questions or queries regarding this privacy policy, rukshan.soysa@its-uk.org, +44 (0)20 7709 3005.

What information do we collect and receive about you

We collect personal data and information about you when you register with us as a member and/or subscribe to our newsletter.  We have an interest in ensuring that you receive only the communication that is relevant and applicable to yourself. The types of personal data we hold are listed below:

  • Your full name and title
  • The name and address of the organisation you work for or are associated with for the purposes of your membership of ITS UK
  • Your organisation email address or your personal email address if you have specifically asked us to contact you this way.
  • Your organisation telephone number (again, never your personal telephone number unless you have told us you prefer us to contact you this way).

We will use the personal information above to create a relationship with you and deliver the services you have told us you wish to use or to send you information that you have requested e.g. weekly newsletter, interest group mailouts, invitations to speak at events or conferences. We may also offer you the opportunity to receive additional information about our activities or those of our members, supporters, service providers and partners. You may opt out of this at any time by contacting us.

How we use the information about you

Information that you supply will be treated in confidence and in accordance with the principles of the GDPR.

We store this information on “Dropbox”, a third-party provider and a safe and secure database.  This information is kept as accurate as possible – all of our staff regularly take responsibility for keeping this database up to date and have been trained in data protection.  For further details please see Dropbox’s privacy notice here.

We use another third party-provider, MailChimp, to deliver our weekly newsletter mailouts to our members. With this we gather automated statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our newsletter. For more information, please see MailChimp’s privacy notice here.

We use Twitter and LinkedIn, to manage and handle our social media interactions. If you send us a private or direct message then we will store this for 3 months before deleting the correspondence. This will not be shared with anyone else.

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

In addition, we do also have hard copies of data, securely and safely stored in the office and this information is never shared.

We will amend your personal record as soon as you tell us that your details have changed (e.g. a change of job title or an organisation name). If you leave an organisation and would like us to delete your record, this will be done as soon as we are informed.

In summary, ITS UK communicates with you through certain means and on the following basis –

  • Newsletter mailouts, interest group mailings, invitations to events or to speak at meetings and conferences.You can opt out of these at any time.
  • Responding to queries, feedback or requests.If you contact us with a problem or question, we will use your information to respond.
  • Informing you about operational changes or to provide you with formal documentation as part of your membership –for instance services and administrative emails (e.g. an agenda for an upcoming meeting/event), billing information, key sector level information or offers that you may wish to benefit from, and important service related notices, such as security and fraud notices. These emails and messages are considered an essential part of the services provided by ITS UK and you may not opt-out of them unless someone else in your organisation is willing to be contacted instead.

We will not share any of the information you provide during the period of your membership with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.

Basis for information processing – why we use the information about you

All of the information you provide will only be used for the purpose of progressing your application and for its intended purpose, or to fulfil legal or regulatory requirements if necessary.  We ensure that we collect only the minimum personal data necessary and kept for only as long as necessary, after which it is deleted from our database.

There are certain bases under which we process different categories of your personal information. The four categories explained below are applicable from an ITS UK perspective –

Contract Obligations/Agreements

When an account is created via our website, or your organisation applies for membership via another means such as email or post, and an authorised representative has agreed to our terms and conditions, then a contract is formed between yourselves and ITS UK.  In order to carry out these obligations, the information that you provide us, personal or otherwise must be processed accordingly.

Consent

Certain actions by yourself require no contractual obligation, for example simply browsing our website or inquiring about events that we run. On the other hand, subscribing to our newsletter or becoming a fully paid up member would involve entering into a contract as explained above.  However, if, during the course of any of these actions you provide us with personal information, then you also now have to provide us with consent.

We aim to obtain your consent to process any personal information through an opt-in process. Essentially this means that whenever you will be asked for personal information by ITS UK you will first be asked for your explicit consent by us – that you are content and in agreement that we will process your data and information in a legal and safe manner and for a specific purpose.  This consent has to be stated clearly and explicitly and must be an active traceable action by the individual rather than passive acceptance through pre-ticked boxes or opt-outs.

Separate consent language may need to be provided for different types of data usage and processing e.g. different formats for emails or texts and types of communications (marketing emails or event updates).

The withdrawal of consent can also easily be exercised at which point we will discontinue processing your information.

You may withdraw your consent at any time by instructing us wirving@its-uk.org.uk.

Legal obligation

On occasions we must process your personal information in order to comply with a statutory obligation. For example, we may be required to provide information to legal authorities upon their request or if they have proper authorisation.

Legitimate Interest

If you have expressed a specific interest e.g. joining a particular ITS UK Forum, then this gives us the basis to process your information in order to exercise this legitimate interest appropriately.

Other information we may retain

ITS UK may also collect and receive:

  • Billing and other information: members pay a subscription to ITS UK depending on the type of membership purchased. In doing so, we may collect and store the billing address, credit card information or other payment methods provided to us by yourself or your organisation. Credit card and personal banking information will be destroyed and discarded immediately once the payment has been processed and confirmed.
  • Service usage information: from time to time, we conduct surveys and interviews with individuals and organisations from the sector. We will explain any specific privacy notices as part of the activity, should it differ from this privacy policy.
  • Website traffic and newsletter readings: we also store some information to enable us to see how popular pages on our website are and news items in our newsletters. This typically involves assessing aggregate level information, such as IP addresses. Analysing this information allows us to tailor our services to meet your needs.

How do we protect the security of your information?

ITS UK takes the security and privacy of your personal data seriously taking into account the potential sensitivity of this information. Various organisational and technical measures are taken to protect information you provide to us from loss, misuse, and unauthorised access, alteration or disclosure.  All staff are trained to handle this information appropriately and in accordance with principles set out in GDPR.

The personal data you provide in order to enable us to treat you as a Member is held on our Members Database which is stored securely and only accessible to accredited and appropriately trained staff.

To learn more about current practices and policies regarding security and confidentiality of Customer Data and other information, please contact our Data Protection Officer here.

Cookie policy

Like most other organisations, ITS UK uses cookies on its websites.

Cookies are small text files sent by us to your computer and from your computer or any other related device to us each time you visit our website. Cookies do not identify the individual user, just the computer used.

Cookies provide information to the website owner and some are essential to allow parts of the website to operate. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.

ITS UK uses third parties like Google Analytics for website analytics. You may opt-out of third party cookies from Google Analytics by clicking here.

When can we share and disclose your information 

For the majority of the time, we do not share the information described in this privacy policy with other organisations. However, on occasions where we run a joint event with another organisation, we do share information such as your name, email address, the organisations you work for and any special dietary or accessibility requirements for use only for that event. This is necessary in order to run the event.

You can determine your own preferences for such sharing and disclosure by contacting us at any time.

ITS UK may also share information with others as follows:

  • With third party service providers and agents: We may engage third party companies or individuals, such as third-party payment processors, mailing houses etc, to process information on our behalf.
  • To comply with laws: To comply with legal or regulatory requirements and to respond to lawful requests, court orders and legal process.
  • To enforce our rights, prevent fraud and for safety: To protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud.

Requesting access about the data we have

You have the right to access the information we hold about you.  This is called a subject access request.  To make this request please contact our data protection officer, Rukshan Soysa here or on 020 7709 3005.


First party cookies:

Here’s a list of the cookies we use, and what we use them for:

CookieNamePurpose
ITSUK_jidWe use a session cookie to remember if you are currently logged into the members section of the website.
Cookiecookie_acceptWe use a persistent cookie to remember when you have closed our website cookie usage message.

Third party cookies:

We may also store cookie files from third parties related to settings for embedded content on our website. We don’t control these cookies or the information they contain. You should check the relevant third-party website for more information about their cookies.

CookieNamePurpose
Disqus Blog_utma, _utmb, _utmc, _utmz, testCookieUsed by third party Disqus as part of their user comments tool that is featured across the ITS UK web site.