Here at the Employee Ownership Association (EOA), we take privacy very seriously. This notice is written in the clearest way possible so you fully understand how we treat any personal information or personal data (any information about you which is personally identifiable). We encourage you to read this notice carefully. We appreciate there is a lot of information here, however we believe it is important for you to know how we treat your personal information. If anything is unclear, or you need further information, you just need to get in touch with us.
Amendments and updates to this Privacy Notice may be made from time-to-time. Any revisions will be posted on this page, so you will always be aware of what information we collect and how we use that information. Please review this page regularly so that you are aware of any changes.
Who we are
For the purpose of data protection legislation, the data controller is the Employee Ownership Association Limited (EOA), company registration number: 1419899, whose registered and correspondence address is: Mercury (Ground Floor East), Building 131, Humber Enterprise Park, Aviation Way, Brough, East Riding of Yorkshire, HU15 1YJ.
We are a not for profit organisation whose main aim is to raise the profile and awareness of employee ownership as a model of business ownership. To do this, we deliver a membership proposition to organisations that are either: employee owned, exploring/considering employee ownership as a model of ownership or those who offer support to employee owned businesses. Our services are generally intended to be used by organisations and membership is usually with an organisation, but to deliver our membership proposition, we engage with individuals who work in member or enquiring organisations, along with stakeholders with a mutual interest in this type of ownership or businesses models/ownership.
For simplicity throughout this notice, ‘we’ and ‘us’ means the Employee Ownership Association (EOA).
Where do we gather information?
We collect information from you when you contact us:
- via the phone, our website or social media;
- when we meet you in person;
- directly via email;
- if you respond to a research request regarding the EO sector;
- we research your organisation due to a mutual interest in employee ownership / business structure;
- you register for the UK Employee Ownership Awards, that are managed by the EOA
- if your organisation is referred to us by an existing contact of the EOA; or
- you register to attend an EOA or EO related event
If the organisation you work for becomes a member of the EOA, they also share with us key contacts within their organisation – in order for us to fulfil our obligation of delivering membership services.
In all of these instances, data is collected, stored and processed within our systems.
We hold data on electronic systems and in some instances in paper format, which is held securely at our contact address.
What information do we hold and use?
The information we store and process includes personal information, such as your full name and email address. In some instances, we may also record your social media username, which may identify you individually.
We also collect non-personal data such as your work telephone number, job title, business address and department. In addition, we also collect information relating to your organisation, including, but not limited to: company name, company annual revenues, the type of industry, number of staff and current ownership structure. Unless you are a sole trader or partnership – organisation information is not generally ‘personal data’.
We also keep a record on any interactions we have with you and your organisation, any events you attend, any questions you may ask or support you request.
How we use your personal data and the legal basis we rely on
We want to give you the best possible experience when we are in touch with each other.
We use your information in the provision and administration of the services/materials that you and/or your organisation have requested and/or to respond to your queries.
We may also use your information to meet our legal obligations, to deal with any complaints and for the enforcement of our terms and conditions.
We may use your information for our legitimate business interests and contractual obligations which includes delivering our membership proposition to you, understanding the sector via undertaking research or, if you are not a member of the EOA – to fulfil both your and our mutual interest relating to the employee ownership sector.
Our legitimate business interest may also include for security purposes, making improvements to our website, to personalise or enhance the member experience, to improve our services and for general marketing purposes.
In specific situations, we may collect and process your data with your consent.
We will not collect and process your personal data where our interests are outweighed by your interests, rights and freedoms. We may also use your information for a particular purpose that we have made known to you, where you have consented to us doing so.
If you wish to change how we use your data, you’ll find details in the ‘What are your rights?’ section of this notice.
In order to fulfil our membership position to our members and to correlate legitimate interests of the EOA and individuals identified as ‘stakeholders or enquirers’ we will regularly communicate, most often via email.
Our communications falls under four main categories:
Invitations: to events that form part of the EOA membership proposition, for example regional network meetings and the EOA Summer Dinner. Events that are relevant to the EO sector as a whole, for example The Robert Oakeshott Lecture, EOA Annual Conference or invitation to participate in the UK Employee Ownership Awards.
EOA & Sector News: News on organisations joining the EOA, member spotlights, case studies illustrating best practice and links to relevant reports and publications.
Research and Legislative Changes: Invitations to participate in EO related research, updates on research, relevant legislative framework and calls for responses.
Membership / Governance Updates: For example – Advising of changes within the EOA and its governance and notification of our Annual General Meeting.
As a business user of EOA services, our contacts will receive these communications as a matter of course. However, individuals can opt out of receiving such information from us by:
- clicking the unsubscribe link in any email marketing service generated email
- contacting the EOA via email: email@example.com; or
- via phone: 01482 667122
We will respect any existing preferences already notified to us.
Who do we share your personal data with?
We do not sell your personally identifiable information to third parties.
We do from time to time share your data in order to deliver our services to you, as detailed in this Privacy Notice.
In order to operate as a business we implement systems provided by third party organisations and use services provided by trusted suppliers. These organisations are known as ‘Data Processors’.
In the provision of these services to us, our Data Processors only have access to the information they need to perform their specific services. They only use your data for the exact purposes we specify in our contract with them.
We work closely with them to ensure that your privacy is respected and protected at all times and we work hard to ensure that they adher to the relevant data protection legislation.
If we stop using their services any of your data held by them is deleted.
Our Data Processors are:
- Integral IT
- 360 Accountants
- First Events
- Google Analytics
- Ken Lindsay
* Two of our suppliers host the data we provide to them outside of the European Economic Area (EEA). These are: Mailchimp and OpenWater. We check the safeguards that are in place in these countries in order to protect your personal data.
Employee Ownership Events:
We work annually with an event partner to deliver the EOA Annual Conference. As part of delivering our membership proposition or our mutual interest in employee ownership, your data will be shared with them. As part of our contract with them, they comply with all relevant data protection legislation. If attending the event, your name and organisation will also be shared with the event sponsors to facilitate such things as seating plans and the venue to confirm hotel bookings etc.
Part of the EOA Membership Proposition is delivering networking opportunities. In order to do this we engage ‘Regional Network Coordinators’. These coordinators facilitate the network events on behalf of the EOA. In order to do this, if you register to attend an event, your name and organisation name may be supplied to both the regional network coordinator and our event host. In all instances this is to facilitate and support attendance at the event only (examples of how the information is used for events: enabling access to the venue, for the production of a name badge and event sign in sheet).
How we protect your personal data
We take security of data seriously. All staff treat your data with the utmost care and take all appropriate steps to protect it. Access to personal data within our systems is password protected and all transfers to third party suppliers is undertaken securely.
We work with our IT suppliers to monitor security and assess risk.
We also know that some people who enquire to us are at the very early stages of exploring employee ownership and may not wish their staff, suppliers, customers or competitors to know. We understand and respect this and provide anonymity as required.
How long do we hold your data?
Members of the EOA:
We will hold your personal data for the duration of your organisations membership, unless you advise us to the contrary. If your organisation chooses to end its membership of the EOA; or you leave the employment of an organisation that is a member, we will retain your personal data for up to a further 12 months, in order to deal with any queries.
An exception to this is if you have at any point been nominated as our main contact or invoice contact. In this instance, your personal information may be retained for up to 6 years, to ensure adherence to UK legislation relating to holding of invoice information.
Enquirers to the EOA:
If you contact us to enquire about employee ownership or membership to the EOA we will retain your personal data for a period of 18 months following the date of first contact, unless we are still in active communication with you.
We will retain personal information on stakeholders for a maximum period of three years, at which point their relevance to the EO sector will be re-assessed before retention commences again or deletion occurs.
We will hold personal data relating to individuals who work for our suppliers for the duration of our business relationship, plus a further 6 months to deal with any queries. The only exception to this is if any of our named contacts are included on invoices to us in which instance this information will be retained for up to 6 years, to ensure adherence to UK legislation relating to holding of invoice information.
At the end of the retention period
At the end of the relevant retention period personal information will be deleted or anonymised from all of our systems and that of our data processors.
For non-personal data, for example, information on an organisation, we will retain this information indefinitely. This is to assist the EOA in understanding the size or potential size of the EO sector as a whole.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies via Google Analytics to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Cookies used by Employee Ownership Association:
|Cookie Name||Purpose||Expiry date|
|_utma||This cookie collects information on each unique browser that visits a page on our site and provides each user with a unique ID. The information collected is completely anonymous.||This cookie expires after two years.|
|_utmb||This is created when a user first logs onto the website and is used to calculate how long a visit takes.||This cookie will expire after thirty minutes.|
|_utmc||Works alongside _utmb to calculate how long a visit takes.||Expires when a user leaves the site.|
|_utmz||Is designed to provide information on the type of referral used by the visitor to reach our site.||This cookie expires after six months.|
|_atuvc||This cookie is used to track usage of on page social share buttons.||This cookie will expire after one year.|
|_qca||Used for user reviews and customer feedback.||Expires after three years.|
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
What are your rights?
You have a number of rights in relation to your personal information. You have the right at any time to:
- request details of the information we hold in relation to you and the source(s) of that information. You can request a copy of any personal data we hold about you. This service is usually free of charge, although we have the right to charge a ‘reasonable fee’ in some circumstances;
- request that we rectify any inaccuracies in relation to the personal data we hold;
- in some circumstances, request the erasure of your personal data
- object to the processing of your data and, if you wish, withdraw consent to us for processing your personal data.
- object to any direct marketing
- request that we restrict the processing of your data
- portability of your data
- request that your data is erased
You can make any of the above requests by contacting the Head of Operations & Finance at the EOA Office on 01482 667122 or via firstname.lastname@example.org.
Contacting the Regulator
If you have a concern about your rights or our use of your personal data, or you feel that we have not handled your data or enquiry relating to your data correctly – you can contact the Information Commissioners Office:
- Contact Number: 0303 123 1113.
- Online: a link to their website can be found here.
If you have any questions then please contact the Head of Operations & Finance who will be happy to help.
Write to us: Mercury (Ground Floor East), Building 131, Humber Enterprise Park, Aviation Way, Brough, East Riding of Yorkshire, HU15 1YJ.
This notice was last updated on: 14/01/2020