PRIVACY POLICY

Last Review Date: 14/2/2023
Version 2

The PPR (Professional Paralegals Register) takes your privacy and your rights to your Personal Data extremely seriously and we are committed to protecting the privacy of all Personal Data that we obtain from individuals. Data is held in compliance with current UK Data Protection Legislation and other applicable Data Privacy Laws. This Privacy Policy outlines when and how we collect data; the type of data we collect; why we collect data; the legal basis for collecting data; how we keep your data secure and your privacy choices and rights.

Data will be collected and used only for the purposes for which it was originally submitted or in accordance, with your preferences.

If you are a PPR member, customer or subscriber or the National Paralegal Awards or just visiting our website, this Privacy Policy applies to you. If you are a member of the PPR, then you consent to this Privacy Policy under your Membership Contract with us.

This Privacy Policy does not extend to any websites that can be accessed from this Website including, but not limited to, any links that we may provide to social media websites and membership benefits offered through third-parties.

For further information on our use of Cookies, please read our Cookies Policy.

Our Responsibilities

If you are a member of the PPR or a visitor of the website, we act as the ‘Data Controller’ of Personal Data. This means that we determine how and why your data is processed. We are registered as a Data Controller at the UK Information Commissioner’s Office under the registration number ZA127401.

Your Responsibilities

  • Read this Privacy Policy.
  • If you are a member of the PPR, please also check the contract between us that may contain further details on how we collect and process your Personal Data.
  • If you provide us with personal information about other people or if others give us your personal information, we will only use it for the purpose that it was provided to us. By submitting the information, you confirm that you have the right to authorise us to process it on your behalf, in accordance with this Privacy Policy.

The Personal Data that We Collect

We collect Personal Data from people browsing our website, customers and members of the PPR. As soon as you interact with the PPR, we are collecting data. Sometimes it is provided by you and sometimes it is automatically collected by us.

Examples of Data Provided and Collected include:

  • Browsing our Website (See our Cookies Policy for further information).
  • Membership Request.
  • The PPR contact you or you receive communications from us.
  • You use PPR.
  • You sign a Membership Contact.
  • You communicate with our Membership Support Service.
  • You connect in Integrations.
  • You opt-in to Marketing Communications.

Types of Data that We Collect

We collect the following type of Personal Data:

  • Contact Details (Including Name, Work and Home Addresses, Work and Home Telephone Numbers/Mobile Numbers and Work and Home Email Addresses).
  • Financial Information (Including your bank account sort code and account number, name of the Bank or Building Society, Account Holder Name/s and Credit or Debit Card Details).
  • Data from our Membership Contract Application, Renewal and your Contact with us (including the Contact Details, Mail Addresses, Membership Activities, Signatures and Preferences).
  • Personal Data that identifies you.
  • Data on how you use PPR.

Lawful Basis for Processing Personal Data

The PPR only processes Personal Data, where we have a lawful basis to do so. This will depend on the data processing activity that we collect it for e.g., to provide membership services. In some instances, there may be more than one lawful basis for which we process your Personal Data.

The lawful bases for processing of Personal Data can include Consent of the Data Subject, Contractual Necessity, Compliance with a Legal Obligation, Vital Interests, Public Interest and Legitimate Interest.

The lawful bases, which are relevant to CILEX are primarily as follows:

  1. Consent of the Data Subject

The PPR processes Personal Data, where you have given consent for us to do so.  This includes, but is not limited to, newsletters, surveys, consultations, membership benefits, events, products, services and sending you marketing communications. In relation to marketing communications, you always have the right to withdraw your consent. 

You can change your mind and withdraw consent to our processing of your Personal Data at any time. You can do this by emailing us at  [email protected] 

If you do withdraw consent and we do not have another legal basis for processing your information, then we will stop processing your Personal Data.

  1. Compliance with a Legal Obligation

The PPR processes Personal Data, which is necessary for compliance with legal obligations to which PPR is subject. This includes, but is not limited to, providing Personal Data to regulators, law enforcement bodies and statutory bodies.

  1. Legitimate Interest

The PPR processes Personal Data, which is necessary for the pursuit of its legitimate interests, as a Professional Membership Body and in pursuing our objectives.  This includes, but is not limited to, responding to general enquiries, supporting our members, asking our members about member services that they would like to receive in the future and researching the ongoing relevance of our member services, delivering, developing and improving the PPR service, enabling us to enhance, customise or modify our services and communications, gaining insights from your behaviour on our website and determining, whether marketing campaigns are effective, enhancing Data Security and growing the Membership.

The law allows us to do so provided that the processing is fair, balanced and it does not unduly impact on your rights.

We may also rely on a third party’s legitimate interests, such as, when an organisation has requested information or services from us and your legitimate interests, which may be the case in some of the examples given above (such as where you have made an enquiry).

  1. Contractual Necessity

The PPR processes Personal Data to fulfil a contract or take steps linked to a contract. The PPR relies on contractual obligation to provide the products and/or services, to communicate with its customers, in relation to the provision of the contracted products and services or to provide administrative support.

The following would be further examples of where the lawful bases would be Contractual Necessity and Legitimate Interest:

  • Membership Services – We manage your membership requests and benefits, authentication, remember your settings, processing payments, hosting and back-end infrastructure.
  • To Improve Membership – To improve membership we test features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping our site, traffic optimisation and data analysis and research, including profiling and other techniques over your data and in some cases using 3rd parties to do this.
  • Member Support – Notifying you of any changes to our service, email, phone or text.

Special Categories of Personal Data

We may collect Special Categories of Personal Data (also known as Sensitive Personal Data), such as gender, ethnicity, whether you have a disability or any other protected characteristics (particularly related to where reasonable adjustments or access arrangements may be needed) and any information relating to a background check. 

Such Sensitive Personal Data will only be collected and/or provided to us, if you have provided your explicit consent or if we are otherwise permitted to receive and process it under the UK Data Protection Legislation. 

For the processing of Special Categories of Personal Data, we consider whether the risks associated with our use of this type of Personal Data will affect our other obligations around data minimisation and security. A Data Protection Impact Assessment (DPIA) and an appropriate policy document should be completed. 

The lawful bases for Special Categories of Personal Data can include one or more of the following lawful bases (and not all of which will be relevant to PPR): Explicit Consent, Employment Law, Vital Interests, Charity or Not for Profit Bodies, Data manifestly made public by the Data Subject, Legal Claims, Reason for Substantial Public Interest, Medical Diagnosis or Treatment, Public Health, Historical, Statistical or Scientific Purposes, processing for new purposes and processing not requiring identification.

How We Use Your Personal Data

For the purposes of the UK Data Protection Legislation, the Professional Paralegals Register is the ‘’Data Controller’’.

  • To operate your Membership
  • To help us Improve
  • To give personalised Membership Support
  • To send you marketing that is related to your membership (only, if you opt-in).

Third Parties Who Process Your Personal Data

This includes activities such as:

  • Payments: Stripe, PayPal and Bank for BACS payments.
  • Accounting Activities: XERO and Next Level Business
  • Communications: FranticApe and Lead Freak
  • Analytics: Google, Hotjar, Facebook and LinkedIn
  • Integrations: Google, ActiveCampaign and ActiveMember360
  • Infrastructure: WordPress and ActiveMember360
  • Recognised Bodies, who provide information on members fitness to practice and these currently include IoP, CIARb and APR.
  • Eventbrite for Event Management and Ticketing Website, which we use when holding events.
  • CILEX (Chartered Institute of Legal Executives) following their acquisition in 2023 of the IoP and PPR.

We use third-parties to help host our applications and websites, to communicate with members, to power emails and other integral processes. When we do this, it may be necessary to share your data, in order for these services to work well. Your data is only shared, when it is necessary to do so. We are compliant with PCI-DSS Level 1, with regard to card payments.

Our Main Third-Party Service Providers are:

Service ProviderData Collected or SharedPurpose
IoPContact Details and Data, such as qualifications that identify you.For the purpose of obtaining membership of the PPR and only, where consent is given.
Google AnalyticsTechnical data regarding site behaviour and usage statistics. whilst on the website. The IP is tracked.Google Analytics is a Web Analytics Service. We use it to track your use of the service and prepare reports on user activity.
PayPalMember and Customer Data, including contact details, name, address, email and account details for credit/debit card payments.   This is a payment method that may be chosen by Members or Customers.
StripeMember and Customer Data, including name, email and account details for credit/debit card payments.This is a payment method that may be chosen by Members or Customers.
XeroMember and Customer Data, including contact details, name, address, email, account details for BACS payments and credit/debit card details.This is Accounting Software used by the PPR and Next Level Business.
Next Level BusinessData processed and collected on behalf of PPR for accounting activities including having access to the data in Xero, Stripe and PayPal, as specified above.For the purpose of providing accounting and related services.
FranticapeData collected and processed on behalf of PPR marketing activities. Including, survey and questionnaire data, anonymised technical site usage data, membership data (including contact details, email, name and address). Access also to PPR PayPal and Stripe data.   To provide marketing services and analyse user behaviour for improving Member experience.
EventbriteEventbrite is an online Event Management and Ticketing Website.Receives data from Members, who book events or buy tickets.

Data Storage

Personal Data collected by the PPR is stored on secure IT systems and we have physical, electronic and managerial procedures to safeguard and secure the data that we collect. This Personal Data can generally be accessed throughout the PPR, except where it is unsuitable to do so, in which case appropriate measures are put in place to ensure Personal Data can only be accessed by those with a need to know.

No external person will have access to the PPR records, except in circumstances outlined in the Privacy Policy.

The Personal Data is processed at our offices and in any data processing facilities operated by third-parties. By submitting your Personal Data, you agree to this transfer, storing or processing by us.

Any third party contracted by the PPR to process Personal Data on its behalf will be requested to have security measures in place to protect the Personal Data and to treat such data, in accordance with UK Data Protection Legislation. We also set up Data Processing Agreements with our third party or supplier contracts. In the event of any contract relating to International Data Transfers the additional applicable documents will be in place such as EC SCCs (European Commission’s Standard Contractual Clauses), IDTA (International Data Transfer Assessment) or ICO Addendum. The PPR has put in place procedures to deal with any Potential Data Security Incident (PDSI) and they will notify you and the UK Information Commissioner’s Office (ICO), when appropriate of any data breach, where we are legally required to do so.

Please remember: 

  • You provide Personal Data at your own risk and that no data transmission can be guaranteed 100%. 
  • You are responsible for your username and password, so you need to keep them secret and safe 

If you believe your privacy has been breached, please contact us immediately on [email protected] 

Data Retention

The PPR will archive and stop actively using any personal identifiable data about you within 18 months of the last time you were an active paid-up Member of the PPR. We will delete your Personal Data from our archives no later than 3 years from the last date of you being an active paid-up Member or as agreed with you in writing.  

In general, Personal Data is only retained for as long as necessary to fulfil the purposes for which it is being processed (including to comply with relevant UK Legislation or Regulatory requirements and/or to resolve legal disputes).

That length of time may vary depending on the reasons for which we are processing the Personal Data and whether we have a legal (for example, under financial regulations) or contractual obligation to keep it for a specific time period. 

Once the retention period has expired, Personal Data will be confidentially disposed of or permanently deleted. If you object to further contact from us, we will keep some basic information about you, in order to avoid sending you unwanted communications in the future. 

If before that date (i) your Personal Data is no longer required, in connection with such purpose(s), (ii) we are no longer lawfully entitled to process it or (iii) you validly exercise your right of erasure, we will remove it from our records at the relevant time.

Sharing Personal Data 

The Personal Data we collect will only be used for the purposes set out in this Statement or otherwise notified to you. We will not disclose your Personal Data to any third parties, except as set out in this Statement, including where required to or are permitted to by law or where those parties are conducting PPR activities on our behalf (For example, to regulators, law enforcement agencies or partner organisations) including with other entities, such as in CILEX.

In circumstances, where we engage a service provider or CILEX entity to provide services to us, we ensure that Personal Data is only processed in a manner compliant with the relevant UK Data Protection Legislation, subject to a formal Data Processing Agreement and only used for the purposes for which the Personal Data was originally collected.

We may need to share your Personal Data with our professional advisers including auditors, lawyers and insurers, who provide professional advice, accounting, banking, legal, insurance, and pension services or to meet our audit responsibilities. However, we do not allow our third-party service providers to use your Personal Data for their own purposes. They can process your Personal Data for specific purposes and under our instructions. 

Personal information may be shared with a third-party, who has a legitimate interest in the data, where disclosure is necessary and lawful and the processing is aligned with the purpose for which the Personal Data was originally collected. 

We also might share personal information with the Police or other organisations that have a crime prevention or law enforcement function. UK Data Protection Legislation allows organisations to share personal information, if it is needed to prevent or detect a crime or to catch and prosecute a suspect. 

The PPR is committed to keep children and vulnerable adults safe, when its employees and representatives come into contact with them during the course of their work. Where there is a safeguarding concern of a serious and/or urgent nature, confidential information related to the affected individual may be disclosed to emergency services or an external agency.

If we undergo a merger or re-organisation, in doing so we may acquire or transfer Personal Data as part of that transaction, but your Personal Data would continue to be used for the same purpose. Recent acquisitions by CILEX in 2023 have included the IOP (Insititute of Paralegals) and PPR (Professional Paralegal Register).

International Data Transfers 

We may transfer Personal Data to countries outside of the United Kingdom, where Personal Data is not protected in the same way (usually to other businesses, who provide services on our behalf). In such cases, we will make sure that suitable safeguards are in place to protect the Personal Data, such as a signed Data Processing Agreement, EC SCCs, IDTA and ICO Addendum, as applicable. Additional steps are taken to ensure that appropriate measures and controls are in place to protect that data, in accordance with the relevant UK Data Protection Legislation and Regulations.

Neither Party shall transfer Shared Data to any country outside the European Economic Area or the UK, unless that Party ensures that (as required to comply with applicable UK Data Protection Legislation): 

  • the transfer is to a country, territory or one or more specific sectors within a country approved by the UK’s Information Commissioner’s Office or the European Commission as providing adequate protection and the prior written consent of the data subject/s; 
  • there are appropriate safeguards in place as required by applicable UK Data Protection Legislation; or 
  • it can rely on a derogation from the relevant obligations under the UK Data Protection Legislation. 

From 28th June 2021, the UK has been granted an adequacy decision by the EU, which covers data transfers between the UK and the EU and this adequacy decision is due to be reviewed in four years’ time (on 28th June 2025) with a view to this safeguard remaining in place for UK/EU Data Transfers.

Verification Requests 

CILEX, the IoP and the PPR may sometimes respond to verification requests of qualification or membership status from current or prospective employers, employment agencies, regulators or other third-party contacts.

Complaints

Where you lodge a complaint, your Personal Data will be used to correspond with you.   A complaint can be made in writing or by telephone. Please contact PPR Customer Service with your complaint by email at [email protected] 

Access to your Personal Data 

We take reasonable steps to ensure that the Personal Data that we hold will be accurate and up-to-date. You can check the Personal Data that we hold about you, if you are a member through your PPR account or by emailing [email protected] 

Users 16 and Under

We do not knowingly collect or solicit Personal Data from anyone aged 16 or under or knowingly allow such persons to provide us with their Personal Data without Parental or Guardian consent. If you are aged 16 or under, please do not provide us with your Personal Data, without first asking your Parent or Guardian for their permission. In the event, that we learn that we have collected Personal Data from anybody aged 16 or under and we do not have the consent of a Parent or Guardian, we will delete that Personal Data, as quickly as possible. If you believe that we might have any Personal Data from or about anyone aged 16 or under without the consent of a Parent or Guardian, please email us at [email protected] 

Your Individual Rights 

Your Individual Rights are: 

The Right to be Informed – Data Subjects have the right to be informed about the collection, sharing, protection and use of their Personal Data. 

The Right of Access – Data Subjects have the right to request access to any personal information we hold on them. 

The Right to Rectification – Individuals have a right to have inaccurate Personal Data rectified, removed or completed, if it is incomplete. If the Personal Data is found to be incorrect, but is unable to be updated, this should be removed.  

The Right to Erasure – Under certain circumstances, a Data Subject may request for us to delete their information that we retain regarding them, with the exception of any information that we are legally required to retain and for the other exemptions set out in UK Data Protection legislation (Your right to get your data deleted | ICO). 

The Right to Restrict Processing – Data Subjects have the right to request the restriction or suppression of their Personal Data, in certain circumstances. 

The Right to Data Portability – Individuals may request a copy of their data for reuse across different services, which should be provided in a way so that information can be copied or transferred from one IT environment to another safely and securely without affecting tis usability. 

The Right to Object – Data Subjects have the right to object to the processing of their Personal Data, in certain circumstances. For example, individuals have an absolute right to stop their data being used for direct marketing. 

Rights Concerning Automated Decision Making and Profiling – We may only carry out this type of decision-making, where the decision is either necessary for the entry into or performance of a contract, authorised by EU or UK law applicable to the Data Controller or it is based on the individual’s explicit consent. 

In certain cases, the PPR can refuse to comply with a request, if it is manifestly unfounded or excessive. In order to decide, if a request is manifestly unfounded or excessive, the PPR must consider each request on a case-by-case basis. 

If you have any questions about how PPR process your Personal Data or you would like to exercise any of your rights under the UK Data Protection legislation, please email: [email protected] 

You also have the right to lodge a complaint with the UK’s Information Commissioner’s Office (ICO). Their contact details are: 

Information Commissioner’s Office 
Wycliffe House 
Water Lane 
Wilmslow 
Cheshire 
SK9 5AF 

Tel No: 0303 123 1113 (local rate) or 01625 545 745 (national rate) 
Website: www.ico.org.uk 

Legislation 

“UK Data Protection Legislation” means All applicable UK Data Protection and Privacy legislation in force from time-to-time, including the General Data Protection Regulation (EU) 2016/679, the UK Data Protection Act 2018 and the Privacy and Electronic Communications (EU Directive) Regulations 2003 (as amended) (PECR) and any  superseding legislation and all other applicable laws, regulations, statutory instruments and/or any codes, practice or guidelines issued by the relevant Data Protection or Supervisory Authority in force from time to time and applicable to a Party, relating to the processing of Personal Data and/or governing individual’s rights to privacy.  

Freedom of Information Act 2000 (FOIA) 

The PPR is not listed as a ‘public body’ for the purposes of the FOIA and therefore, it is not under a duty to comply with the provisions of the FOIA.  

Change of Business Ownership and Control

The Professional Paralegals Register may from time to time expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of the Professional Paralegals Register. Data provided by Users will, where it is relevant to any part of our business so transferred, can be transferred along with that part and the new owner or newly controlling party will under the terms of this Privacy Policy be permitted to use the Data for the purposes for which it was originally supplied to us.

We may also disclose Data to a prospective purchaser of our business or any part of it.

In the above instances, we will take steps with the aim of ensuring your privacy is protected.

CILEX (Chartered Institute of Legal Executives) acquired the IoP and PPR in 2023.

Reviewing the Privacy Statement 

The PPR will review and update this Privacy Policy from time to time, when changes to our processes or procedures and systems are made, if UK legislation and regulations change or if new circumstances require it.   

If this Privacy Policy changes in any way, we will put an updated version on the website. Regular review of this page ensures that you are always aware of what Personal Data we collect, how we use it and under what circumstances. 

The PPR will make reasonable efforts to contact and update those affected, if the changes are significant in nature.

For information on CILEX’s Privacy Notice and Privacy Statement, please visit the CILEX website: https://www.cilex.org.uk/ and click on the links.

COOKIES POLICY

Correct as of: February 2023
Next Formal Review Date: January 2024

Introduction

This Cookies Policy is to help members of the public and our members to understand how we use Cookies on our PPR website. Our Cookies Banner provider is One Trust. For the Cookies Policies, relating to the CILEX, CILEX Law School, CILEX Regulation and IoP websites, please follow the link to the Cookies Policy via that website.

About Cookies

A Cookie is a small file, typically of letters and numbers and downloaded onto a device, when the user accesses certain websites. Cookies are then sent back to the originating website on each subsequent visit. Cookies are useful, because they allow a website to recognise a user’s device. 

The main purpose of the PPR Cookies is to provide the user with the best user experience possible. Some of the PPR Cookies are essential for a website (known as Strictly Necessary Cookies) and therefore, they cannot be disabled, while others allow the PPR to provide users with a better service. 

In relation to Cookies, the PPR is committed to ensuring that we:

  • Notify people that the Cookies are there, 
  • Explain what the Cookies are doing and 
  • Obtain their consent to store a Cookie on their device.

For administration of its website PPR may use Session Cookies; a Session Cookie is a temporary file stored in a web browser that is deleted, when either it expires or the browser is closed. No personal information is stored permanently within a Cookie from this website.

The data that we collect, which identifies you includes your IP address, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, your operating system and its version.

The data that we collect on how you use our website includes your URL clickstreams (the path you take through our site), products/services viewed, page response times, download errors, how long you stay on our pages, what you do on those pages, how often you visit those pages and other actions.

The PPR Cookies Policy

The main purpose of our use of Cookies is to provide you with the most optimised user experience possible.

1. Navigation and Function

The PPR uses Cookies for navigational and functional purposes. When a user accesses a PPR website, encrypted session Cookies are used to validate the Users access to different parts of the website. For example, for PPR Members this relates to items, such as keeping a record of log-in details, so that they do not have to type in their username and password.

2. Analytics

The PPR collects information about how people access and use its websites using an analytics tool. The PPR websites use Google Analytics. This is an analytics service provided by Google, Inc. Google Analytics uses Cookies to help the PPR to understand how users use its websites. This ensures that the PPR can optimise and improve the user experience of the websites. Read more about how Google uses cookies.

3. Cookies used by Analytics Platforms

This category comprises of Cookies used to evaluate site performance, in terms of number of visits, unique visitors, drop-off rate for transactions and so on:

NameExpirationDescription
_ga2 yearsThis Cookie is installed by Google Analytics. The Cookie is used to calculate visitor, session and campaign data and to keep track of the site usage for the site’s analytics report. The Cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid1 dayThis Cookie is installed by Google Analytics. The Cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is performing. The data collected, including the number of visitors, the source of where they have come from and the pages visited in an anonymous form.
_gat_*1 yearUsed by Google Analytics to throttle request rate (to limit the collection of data on high traffic sites).
__utma2 years from set / updateHelps to calculate unique visitor numbers.
__utmb30 minutes from set / updateHelps to calculate visitor session length.
__utmcNot setHelps to calculate visitor session length and whether a session has expired.
__utmz6 months from set / updateWorks out referrals from other domains.
bscookie2 yearsThis Cookie is a browser ID Cookie set by LinkedIn share Buttons and ad tags.
bcookie2 yearsThis Cookie is set by LinkedIn. The purpose of the Cookie is to enable LinkedIn functionalities on the page.

Considerations about Third-Party Cookies

Whilst the PPR takes all reasonable precautions to make sure that other organisations, who it deals with have good security practices, The PPR is not responsible for the privacy practices of other organisations, whose websites may be linked to its services or whose contact details it may provide on the website. The PPR is not responsible for the Privacy Policies of social media or other Third-Party providers with whom it has pages or accounts.

The Cookies That We Use

The following list gives the details of the Cookies that we use across our PPR website.

1. Strictly Necessary Cookies

These Cookies are necessary for the website to function and they cannot be switched off in our systems. They are usually only set in response to actions made by you, which amount to a request for services, such as log-in, saving language preferences, privacy preferences, filling in forms, performance measurement and improvement, routing traffic between web servers, detection of the size of the screen, measuring page load times, improving user experience including relevance, audience measurement, detecting fraud and abuse, securing our product, personalisation essential to the user experience, first party measurement and analytics of site usage. You can set your browser to block or alert you to these Cookies, but some parts of the site will not function, if these are blocked. These Cookies do not store any personally identifiable information.

FIRST PARTY
HostCookie NameDescriptionExpiry Duration
ppr.org.ukPHPSESSIDPHP Session Cookie associated with embedded content from this domain.
 
0 Days

2. Performance Cookies

These Cookies allow us to count visits and traffic sources, so that we can measure and improve the performance of our site. They help us to know, which pages are the most and least popular and to see how visitors move around the site. All information these Cookies collect is aggregated and therefore, anonymous. If you do not allow these Cookies we will not know, when you have visited our site and we will not be able to monitor its performance.

FIRST PARTY
HostCookie NameDescriptionExpiry Duration
ppr.org.uk_gaThis Cookie name is associated with Google Universal Analytics, which is a significant update to Google’s more commonly used analytics service. This Cookie is used to distinguish unique users by assigning a randomly generated number, as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default, it is set to expire, after 2 years, although this is customisable by website owners._ga729 Days
ppr.org.uk__utmbThis is one of the four main Cookies set by the Google Analytics service, which enables website owners to track visitor behaviour and measure site performance. This Cookie determines new sessions and visits and expires. after 30 minutes. The Cookie is updated every time data is sent to Google Analytics. Any activity by a user within the 30-minute life span will count as a single visit, even if the user leaves and then returns to the site. A return, after 30 minutes will count as a new visit, by a returning visitor.0 Days
ppr.org.uk_gidThis Cookie name is associated with Google Universal Analytics. This appears to be a new Cookie and as of Spring 2017, no information is available from Google. It appears to store and update a unique value for each page visited._gid0 Days
ppr.org.uk__utmtThis Cookie is set by Google Analytics.  According to their documentation, it is used to throttle the request rate for the service by limiting the collection of data on high traffic sites. It expires after 10 minutes.0 Days
org.uk_gaThis Cookie name is associated with Google Universal Analytics, which is a significant update to Google’s more commonly used analytics service. This Cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the site’s analytics reports. By default, it is set to expire after 2 years, although this is customisable by website owners.730 Days
ppr.org.uk__utmzThis is one of the four main Cookies set by the Google Analytics service, which enables website owners to track visitor behaviour measure of site performance. This Cookie identifies the source of traffic to the site, so that Google Analytics can tell site owners, where visitors came from, when arriving on the site. The Cookie has a life span of 6 months and is updated every time data is sent to Google Analytics.182 Days
ppr.org.uk_gat_UA-123897440-1This is a pattern type Cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website that it relates to. It appears to be a variation of the _gat Cookie, which is used to limit the amount of data recorded by Google on high traffic volume websites.0 Days
ppr.org.uk__utmaThis is one of the four main Cookies set by the Google Analytics service, which enables website owners to track visitor behaviour and measure site performance. This Cookie lasts for 2 years by default and distinguishes between users and sessions. It is used to calculate new and returning visitor statistics. The Cookie is updated every time data is sent to Google Analytics. The lifespan of the Cookie can be customised by website owners.729 Days
ppr.org.uk__utmcThis is one of the four main Cookies set by the Google Analytics service, which enables website owners to track visitor behaviour and measure site performance. It is not used in most sites, but it is set to enable interoperability with the older version of Google Analytics code known as Urchin.  In this older version, this was used in combination with the __utmb cookie to identify new sessions/visits for returning visitors.
When used by Google Analytics, this is always a Session Cookie, which is destroyed, when the user closes their browser. Where it is seen as a Persistent Cookie it is, therefore, likely to be a different technology setting the Cookie.
0 Days

3. Functional Cookies

These Cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third-party providers, whose services we have added to our pages. If you do not allow these Cookies, then some or all of these services may not function properly.

FIRST PARTY
HostCookie NameDescriptionExpiry Duration
ppr.org.uk__stripe_midStripe is used to making credit card payments. Stripe uses a Cookie to remember, who you are and to enable the website to process payments without storing any credit card information on its own servers.364
ppr.org.uk__stripe_sidStripe is used to making credit card payments. Stripe uses a Cookie to remember, who you are and to enable the website to process payments without storing any credit card information on its own servers.0
THIRD PARTY
HostCookie NameDescriptionExpiry Duration
vimeo.comvuidThis domain is owned by Vimeo. The main business activity is Video Hosting/Sharing729
vimeo.com__cf_bmThis is a CloudFoundry Cookie.0

4.4 Targeting Cookies

These Cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these Cookies, you will experience less targeted advertising.

FIRST PARTY
HostCookie NameDescriptionExpiry Duration
ppr.org.ukawxxxxUsed to attribute commission to affiliates, when you arrive at the website from an affiliate referral link. It is set, when you click on one of our links and used to let the advertiser and us know the website from which you came.0 Days
ppr.org.uk_fbpUsed by Facebook to deliver a series of advertisement products, such as real time bidding from third-party advertisers.89 Days
THIRD PARTY
HostCookie NameDescriptionExpiry Duration
youtube.comCONSENTYouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services, in order to display targeted advertising to web visitors across a broad range of their own and other websites.6073 Days
www.facebook.comThis domain is owned by Facebook, which is the world’s largest social networking service.  As a third-party host provider, it mostly collects data on the interests of users via widgets such as the ‘Like’ button found on many websites. This is used to serve targeted advertising to its users, when logged into its services. In 2014, it also started serving up behaviourally targeted advertising on other websites similar to most dedicated online marketing companies.0 Days

5. Social Media Cookies

Social Media Plugin

We use services, such as social sharing and these are offered by different companies. These companies may drop Cookies onto your computer, when you use them on our website or if you are already logged in to them.

These Social Media Cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They can track your browser across other sites and build up a profile of your interests. This may impact the content and messages you see on the other websites that you visit. If you do not allow these Cookies, you may not be able to use or see these sharing tools.

Here is a list of places where you can find out more about specific services that we may use and their use of Cookies:

Facebook – Privacy policy
Google +1 – Privacy policyPrivacy & Terms – Google
Twitter – Privacy policy

If you would like to disable “Third-Party” Cookies generated by these providers, you can turn them off by going to the Third-Party’s website and getting them to generate a one-time “Decline All/No Thanks” Cookie that will stop any further Cookies being written to your machine.

If you would like to disable “Third-Party” Cookies generated by these providers, you can turn them off by going to the Third-Party’s website and getting them to generate a one-time “Decline All/No Thanks” Cookie that will stop any further Cookies being written to your machine.

6. Other Cookies

FIRST PARTY
HostCookie NameExpiry Duration
ppr.org.uk_utmv#########0 Days
THIRD PARTY
HostCookie NameExpiry Duration
survey.zohopublic.comJSESSIONID0 Days
m.stripe.comm729 Days
survey.zohopublic.com53aac31ef00 Days
survey.zohopublic.comaprmjrnpkcrkks0 Days
webfonts.zoho.comJSESSIONID0 Days
survey.zohopublic.com_zcsr_tmp0 Days
webfonts.zoho.come0b837f51c0 Days

Disabling/Enabling Cookies

You have the ability to Accept All, Decline All or Manage Preferences for the use of Cookies from the Cookies Notice that appears when you view the website. However, we would like you to have the best experience of our website and it is likely that disabling cookies will limit the functionality of the PPR website.

In the Manage Preferences section, there is an explanation of each of the Cookies’ functions and you can choose to opt in or remain opted out of each Cookie Type listed except for the Strictly Necessary Cookies. The other Cookies are Performance Cookies, Functional Cookies, Targeting Cookies and Social Media Cookies. Please see the Cookies Banner Notice for further information.

If you are concerned about the use of Cookies, in relation to “spyware” you can use anti-spyware software to delete Cookies that may be considered invasive, rather than disabling the Cookies altogether.

Consent

By accepting Cookies with your browser settings and using the PPR website, you consent to the processing of data about you by the PPR, its subsidiaries and Google in the manner and for the purposes set out above.

As long as the PPR does obtain consent the first time that Cookies are set, the PPR does not have to repeat it every time the same person visits the website. However, it is good to keep in mind that devices may be used by different people. If there is likely to be more than one user, so the PPR repeats this process at suitable intervals. You can also clear Cookies from your web browser settings prompting all websites to initiate their Cookie Notice consent with a view to actioning your Cookies Preferences and this can be done at any time.

How to Control and Delete Cookies

We will not use Cookies to collect personally identifiable information about you. However, if you wish to restrict or block the Cookies, which are set by our websites or indeed any other website, you can do this through your web browser settings. The ‘Help’ function within your browser, should tell you how to do this. Alternatively, you may wish to visit the following website: https://www.aboutcookies.org/ 

This website contains comprehensive information on how to manage Cookies across a wide variety of browsers. You will also find details on how to delete Cookies from your device, as well as more general information about Cookies.

A comprehensive set of guidelines for the use of Cookies can be accessed from the UK’s Information Commissioner’s Office: https://ico.org.uk   

Information on how to clear Cookies are provided by the ICO here: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/, as well as further information about cookies can be found here: https://ico.org.uk/for-the-public/online/cookies/

If you wish to view your Cookie Code, just click on a Cookie to open it. You will see a short string of text and numbers. The numbers are your identification card, which can only be seen by the server that provided the Cookie.

For information on how to do this within the web browser of your mobile phone, you will need to refer to your mobile handset manual or visit the help section of your mobile provider’s website.

To opt-out of third-parties collecting any data regarding your interaction on our website, please refer to their websites for further information.

Withdrawing Consent for Cookies

Once consent has been obtained by the PPR, users or subscribers may choose to withdraw that consent at any time. They can withdraw the consent by clearing the Cookies via the Internet Browser settings. (Please see the above ICO link for the instructions on how to clear the Cookies). However, if a user decides to disable the Cookies, this may detrimentally affect the general functionality of the PPR website experience.

Contact PPR

If users have any questions about how the PPR process their Personal Data, you can email: [email protected] 

Contact the ICO (Information Commissioner s Office)

You also have the right to lodge a complaint with the UK’s Information Commissioner’s Office.

Their Contact Details are:

Information Commissioner’s Office, 
Wycliffe House,
Water Lane, 
Wilmslow,
Cheshire
SK9 5AF.     

Tel No: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Website: www.ico.org.uk

Legal Obligations

The statutory and/or regulatory directives and legislation on which this Policy is based upon is the current UK Data Protection Legislation.

This is all applicable UK Data Protection and Privacy legislation in force from time-to-time, including the General Data Protection Regulation (EU) 2016/679, the UK Data Protection Act 2018 and the Privacy and Electronic Communications (EU Directive) Regulations 2003 (as amended) (PECR) and any superseding legislation and all other applicable laws, regulations, statutory instruments and/or any codes, practice or guidelines issued by the relevant Data Protection or Supervisory Authority in force from time to time and applicable to a Party, relating to the processing of personal data and/or governing individual’s rights to privacy.

From 28th June 2021, the UK has been granted an adequacy decision by the EU, which covers data transfers between the UK and the EU and this adequacy decision is due to be reviewed in four years’ time on 28th June 2025 with a view to this safeguard remaining in place for UK/EU Data Transfers.

The PPR complies with its obligations set up in Privacy and Electronic Communications Regulations (PECR) related to the use of Cookies by:

  • Informing people that its Cookies are there;
  • Explaining what the Cookies are doing and why; and
  • Obtaining the person’s consent to store a Cookie on their device.

For further information on Data Protection, please see our Privacy Policy. Our Cookies Policy is reviewed and updated regularly.

ACCESSIBILITY

The IoP website has been developed, in order to promote accessibility, in accordance with W3C Web Content Accessibility Guidelines. The site is constructed, so that screen readers can navigate the site successfully. This includes adding descriptive text to navigable images and summary text in the website code for tables included on the website. Also, the content of the site can be read in a logical manner, even when styles are disabled. We are continually working to improve the accessibility and usability of our website.

STANDARDS COMPLIANCE AND LEGAL OBLIGATIONS

The statutory and/or regulatory directives and legislation on which this statement is based are the Equality Act 2010, W3C Web Content Accessibility Guidelines and Accessibility Regulations 2018.

The website conforms to Level A compliance, as established by the Web Content Accessibility Guidelines.

Details on the World Wide Web Consortium’s Web Accessibility Initiative are available at www.w3.org/WAI and  Web Content Accessibility Guidelines. The initiative promotes usability and accessibility for people with disabilities.

Browser Accessibility Options

Each browser has different methods for font size, formatting and screen colour options:

The BBC also has information on how to customise your computer and your browser, to make them more accessible in their ‘My web my way’ section.

Headers

We use header elements to structure the pages and to make information clearer.

Navigation

There are several ways to navigate our site, which are via a search engine, the navigation bar or the sitemap.

Most browsers support jumping to specific links by typing keys defined on the website. You can navigate most of the website using the keyboard. The following access keys are available throughout the IoP Website:

ACCESS KEY S – Skip Navigation – Example: ALT + S
ACCESS KEY 1 – Home Page – Example: ALT + 1

ACCESS KEY 2 – Open Search Field – Example: ALT + 2
ACCESS KEY 3 – Site Map – Example: ALT + 3
ACCESS KEY 0 – Accessibility Statement – Example:  ALT + 0

These Access Keys have been chosen to follow the UK Government Access Keys Standard. Wherever possible, they do not conflict with the commonly used screen reader and browser keyboard shortcuts.

Access Keys are selected in different ways in different browsers:

Windows 7Internet Explorer 9, 8, 7Alt + [the access key]
Windows 7Chrome 26, 25Alt + [the access key]
Windows 7Firefox 20, 19, 18Shift + Alt + [the access key]
Windows 7Safari 5.1.2Alt + [the access key]
Windows/MacOperaShift + Esc + [the access key]
MacInternet ExplorerCtrl + [the access key]
MacFirefoxCntrl + Alt + [the access key]
MacSafari 6Cntrl + Alt + [the access key]
MacChromeCtrl + Opt + [the access key]

Please Note: Some browsers do not support the numbers on the Number Pad being used as Access Keys. Therefore, please use the numbers at the top of the keyboard.

Search Tips

A search box appears at the top of each page. To get the best results follow these tips:

Use keywords. The search will not work well using natural language and keywords will find better results. You can also use quotes to search for an exact phrase.

To Change the Window Size:

On the browser View menu select ‘Full screen’ or press ‘F11’.

Text Size

Some users might find the site easier to read by increasing the size at which the text is displayed. To do this you can adjust your browser’s settings by going to the View menu, then selecting either ‘text size’, ‘text zoom’ or ‘zoom’ and then increasing the size of the text.

To enlarge Texts and Images on a Website

On a PC:

  1. Hold down the ‘Ctrl’ key and press ‘+’ to enlarge.
  2. Hold down the ‘Ctrl’ key and press ‘-‘ to reduce.
  3. To reset hold down ‘Ctrl’ and press ‘0’.

On an Apple Macintosh computer hold the ‘Cmd’ (Apple) key instead of ‘Ctrl’.

Colours

The colours of the text and background contrast sufficiently, so that legibility is optimised and navigable links use visual identifiers that are not reliant on the colour alone. 

The website design has been tested against colour contrast to ensure that all information is still clear. Most of the text is written as white on grey and is perfectly contrasting. The W3C recommends a standard of 500 or greater for the colour difference and a standard of 125 or greater for colour brightness. Both colour difference and colour brightness of the website meet the recommended standard. A colour code, such as blue text over grey background can be achieved. For further information on how to change the colour combination on a website, please click on the below link:

Font Sizes

Relative units have been used in markup language and CSS, therefore, the website layout accommodates resizing text.

Some users might find the site easier to read by increasing the size at which the text is displayed. To do this you can adjust your browser’s settings by going to the View menu, then selecting either ‘text size’, ‘text zoom’ or ‘zoom’ and then increasing the size of the text. If you find the text on this website is too small or too large, you can change it by adjusting your browser’s settings or using the shortcuts below:

Microsoft Internet ExplorerGo to the View Menu, select Text Size and then Larger/Largest or Smaller/Smallest.
Mozilla FirefoxGo to the View Menu, select Text Size and choose Increase or Decrease.
Google ChromeClick the Chrome Menu on the browser toolbar. Select Settings.
Click Show Advanced Settings.
In the “Web Content” section, use the “Font size” drop-down menu to make the adjustments.

Alternately you can use the zoom options to make everything on a page larger or smaller.

  • To Zoom in you can use the keyboard shortcuts Ctrl and + (Windows, Linux, and Chrome OS) and ⌘and + (Mac)
  • To Zoom out you can use the keyboard shortcuts Ctrl and – (Windows, Linux, and Chrome OS) and ⌘ and – (Mac)

You can change colours, contrast levels and fonts and zoom in and out on both mobile and desktop versions of the website.

To Zoom on a mobile phone, the user can scale the content by using the touchscreen with two fingers to expand and contract the image or by using Ctrl and + or Ctrl and -.

Layout

The site uses Cascading Style Sheets (CSS) to control all the presentation and layout.

Therefore, screen reader users can use the screen reader’s navigation key to get around the site. If you are listening to the site, then the menus are grouped together in a more logical fashion.

Images

Descriptive and meaningful text equivalents are provided for all content images, graphical buttons, symbols and objects. Images are not used to represent text and all headings are styled with the help of CSS and can be resized to suit user’s needs.

Content

The content has been written and formatted to make it accessible. For example:

  • Headings highlight sections of text (a H1 starts the content area of each page).
  • Links use meaningful text.
  • Forms can be navigated using the tab key.

Semantic Markup

Structured and semantic markup is used to represent document structure. H1 tags are used for main titles, H2 tags for subtitles and so on. Cascading style sheets are used for visual layout and JavaScript is used to enhance usability and for decorative purposes. Pages are still fully accessible, if these technologies are ignored or unsupported.

Documents

Some of the files on this website are supplied in PDF format. Other documents are supplied in the Microsoft Office Word format. 

PDF Downloads:

There are PDF documents available to download from the website. For further information on the Accessibility Features of Adobe Reader (that can be used to view the PDFs), please click on the below link:

Accessibility features in PDFs (adobe.com) 

If you are using an alternative PDF Reader, please see the provider’s website for their Accessibility information.

Our aim is to ensure that all our documents are accessible. 

If you would like to read the documents in a large print size, you can request them by completing a ‘Contact Us’ Form available on our website or by emailing: [email protected].

Problems Accessing the Site 

If you have difficulty accessing the site or have any comments, please complete a ‘Contact Us’ Form available on our IoP Website, call Tel: 0203 011 2610 or email: [email protected]

Statement Approval
Last Review Date:February 2023
Version:Version 2
Owner:Corporate Compliance 
Approved By:Corporate Policy Review Panel (CPRP)
Review Date:March 2024