If you are a member of the PPR or a visitor of the website, we act as the ‘data controller’ of personal data. This means that we determine how and why your data are processed. We are registered as a data controller at the UK Information Commissioner’s Office under number ZA127401.
- If you are a member of the PPR please also check the contract between us that may contain further details on how we collect and process your data.
When and How We Collect Data
We collect data from people browsing our website, customers and members of the PPR. As soon as you interact with the PPR we are collecting data. Sometimes it is provided by you and sometimes it is automatically collected.
Types of Data We Collect
We collect the following types of data:
- Contact details
- Financial information
- Data from your membership application /renewal (your contract with us)
- Data that identifies you
- Data on how you use PPR
Your name, Address, Telephone, E Mail, Work E Mail, Work Telephone, Work address
Your bank account number, sort code, Credit/debit card details
Data from your contract with us
Your membership application form- contact details as above plus mail addresses, activity on membership, signatures, preferences
Data that Identifies You
Your IP address, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version.
Data on how you use PPR
Your URL clickstreams (the path you take through our site), products/services viewed, page response times, download errors, how long you stay on our pages, what you do on those pages, how often, and other actions.
We do not collect data about you like racial or ethnic origin, offences or alleged offences without your specific consent or when we have to comply with the law.
Do you collect my data?
We collect data from people browsing our website, customers and members of PPR and people who view/sign contract with PPR.
Third Parties Who Process Your Data
This includes activities such as:
- Payments: Stripe, PayPal,Bank for BACS payments
- Accounting activities: XERO, Next Level Business
- Communications: LeadFreak
- Analytics: Google, Hotjar, Facebook, LinkedIn
- Integrations: Google, ActiveCampaign, ActiveMember360
- Infastructure: WordPress, ActiveMember360
- Recognised Bodies who provide information on members fitness to practice, currently, IoP, CIARb and APR
- EventBrite – event management and ticketing website which we use when holding events
- Before the website places Cookies on your computer, you will be presented with a message bar requesting your consent to set these Cookies. By giving your consent to the placing of Cookies, you are enabling us to provide a better experience and service to you.
The website may place the following Cookies:
- Analytical/performance Cookies that allow us to count the number of visitors to our website and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Targeting Cookies that record your visit to the website, the pages you have visited and the links you have followed. We will use this information to make our website and any advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
- You can turn off cookies, but this will mean we cannot recognize you in-app messaging etc. and certain features of the website may not function fully or as intended.
- It is recommended that you ensure that your internet browser is up to date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
How We Use Your Data
For the purposes of the Data Protection Act 1998 and the Data Protection Directive (Dir 95/46/EC), the Professional Paralegal Register is the ‘’data controller’’.
- To operate your membership
- To help us improve
- To give personalized membership support
- To send you marketing that is related to your membership (only if you tell us to)
Data Protection law means that we may only use your data for certain reasons and where we have a legal basis to do so. We process your data for the following reasons:
Membership Services – We manage your membership requests and benefits, authentication, remember your settings, processing payments, hosting and back-end infrastructure.
Legal Basis: Contract; Legitimate Interest
To Improve Membership – To improve membership we test features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping our site, traffic optimization and data analysis and research, including profiling and other techniques over your data and in some cases using 3rd parties to do this.
Legal Basis for data usage: Contract; Legitimate Interest
Member Support – Notifying you of any changes to our service, e mail, phone or text.
Legal Basis for data usage: Contract; Legitimate Interest
Marketing Purposes – This usage is only with your consent. Sending you e mails and messages about new features, membership benefits or events products and services.
Legal Basis for data usage: Consent
Here is what each of the ‘legal bases’ mean:
- You have given clear consent for us to process your personal data for a specific purpose.
- You can change your mind and withdraw consent to our processing your data at anytime. You can do this by e mailing us at email@example.com
- If you do withdraw consent and we do not have another legal basis for processing your information then we will stop processing your personal data.
Processing your data is necessary for the membership contract you have with us, to take specific steps before entering into the contract.
Processing your data is necessary for our legitimate interest or the legitimate interests of a third party, provided that those legitimate interests are not outweighed by your rights and interests. These legitimate interests are:
- Gaining insights from your behavior on our website
- Delivering, developing and improving the PPR service
- Enabling us to enhance, customize or modify our services and communications
- Determining whether marketing campaigns are effective
- Enhancing data security
- Growing the membership
In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.
Your Privacy Choices and Rights
You can choose not to provide us with personal data. If you choose to do this, you can continue to use the website and browse our pages, but we will not be able to process transactions without personal data.
You can turn off cookies in your browser by changing its settings.
You can ask us not to use your data for marketing. You can opt out of marketing by e mailing firstname.lastname@example.org
You have a right to be forgotten by us and to erase any personal data we hold about you, if it is no longer necessary for us to hold the data for the purposes of your membership.
You have a right to ask for a copy of your data held by us (where such data is held).
You have a right to lodge a complaint regarding our use of data, however, please tell us first so we can address your concerns. If we fail to satisfy you, you can address complaints to the UK Information Commissioners Office, by calling their helpline or as directed on their website at www.ico.org.uk
How secure is the data we collect?
We have physical, electronic and managerial procedures to safeguard and secure the data we collect. Please read our data security policy.
- You provide personal data at your own risk: no data transmission can be guaranteed 100%.
- You are responsible for your username and password: keep them secret and safe
If you believe your privacy has been breached, please contact us immediately on email@example.com
Where do we store the data?
The personal data is processed at our offices and in any data processing facilities operated by third parties identified below.
By submitting your personal data, you agree to this transfer, storing or processing by us.
How long do we store your data?
We will archive and stop actively using any personal identifiable data about you within 18 months of the last time you were an active paid up member of the IoP. We will delete your personal data from our archives no later than 3 years from the last date of you being an active paid up member or as agreed with you in writing.
Third Parties who process your data
We use third parties to help host our applications and websites, to communicate with members, power e mails and other integral processes.
When we do this, it may be necessary to share your data in order for these services to work well. Your data is only shared when it is necessary to do so.
Our main third-party service providers are:
Change of Business Ownership and Control
We may also disclose Data to a prospective purchaser of our business or any part of it.
In the above instances, we will take steps with the aim of ensuring your privacy is protected.