Privacy & Data Protection Policy

1.0 Introduction

1.1 The Association of Corporate Investigators (herein ‘ACi’) takes your privacy and data protection extremely seriously. We treat your privacy and the protection of your personal data as an ongoing responsibility.

1.2 The Association of Corporate Investigators (ACi) operates the https://my-aci.com website.

1.3 This policy informs you regarding our collection, use and disclosure of your personal data when you use our services, and the choices you have associated with that data. We use your data to provide and improve the service we offer to you. By using our website, you agree to the collection and use of the information in accordance with this policy.

2.0 Definitions

2.1 ‘Website’ the website hosted on the internet domain www.my-aci.com

2.2 ‘Services’ the information, membership, training and events offered to Members and the corporate investigations community via the ACi Website.

2.3 ‘Personal Data’ the data about living individuals who can be identified from that data.

2.4 ‘Data Use’ the use for which the ACi collects your personal data.

2.5 ‘Cookies’ the small pieces of data stored on your digital devices.

2.6 ‘Data Controller’ and ‘Data Protection Officer’ is the person who determines (either alone or jointly) the purpose and manner in which any personal data are, or are to be, processed. For the purposes of this policy, the ACi Chief Operating Officer is the Data Controller and the Data Protection Officer.

2.7 ‘Data Processors’ is any natural or legal person (service providers) who process the data on behalf of the Data Controller. We may use the services of various service providers in order to process your data more effectively. Examples include Mailchimp for e-mail distributions and Eventzilla for processing ACi event and training registrations.

2.8 ‘Data Subject’ is any living individual who is using our services and is the subject of personal data.

3.0 How we Collect, Use and Process your Personal Data

3.1 The ACi collects personal data via its members application process and via individuals who give consent via our events, webinars, training and other initiatives (networking etc.) The personal data the ACi collects (with consent) includes, but is not limited to:

  • Name
  • Organisation
  • Role/Position
  • Phone number
  • E-mail (for ACi communications)

3.2 We do not sell your personal data and we only share your personal data with third parties who are facilitating the delivery of ACi services such as training. Training suppliers are only permitted to retain your personal data for the duration of the time needed to deliver the training service. Sponsors of ACi events, namely symposiums, networking, webinars etc. are only provided with your data if you give consent at registration. The ACi use third-party applications (i.e. Mailchimp) to process and deliver services to both members and non-members.

3.3 We may also collect data about how the ACi website is accessed and used and this may include your computer’s internet protocol address (IP), browser type, browser version, the pages of our website you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

3.4 We use cookies and similar tracking technologies to track the activity on our Website and hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies used are beacons, tags, and scripts to collect and track information and improve and analyse our Website.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Website.

Examples of Cookies we use;

• Session Cookies. We use Session Cookies to operate our Website.
• Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
• Security Cookies. We use Security Cookies for security purposes.

3.5 The Association of Corporate Investigators uses the collected data for various purposes:

• To provide and maintain our services
• To notify you about changes to our services
• To allow you to participate in interactive features of our Website when you choose to do so
• To provide Member support
• To gather analysis of valuable information so that we can improve our services.
• To monitor the usage of our services
• To detect, prevent and address technical issues
• To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information

3.6 Legal Basis for Processing Personal Data Under the General Data Protection Regulation (GDPR). If you are from the European Economic Area (EEA), the ACi’s legal basis for collecting and using the personal information described in this Policy depends on the personal data we collect and the specific context in which we collect it.
The Association of Corporate Investigators may process your personal data because:

• We need to communicate with you
• You have given us permission to do so
• The processing is in our legitimate interests
• For payment processing purposes
• To comply with the law

4.0 Data Retention, Transfer and Storage

4.1 The Association of Corporate Investigators will retain your personal data only for as long as is necessary for the purposes set out in this Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. The Association of Corporate Investigators will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Website and services, or we are legally obligated to retain this data for longer time periods.
4.2 Your information, including personal data, may be transferred to and maintained on computers located outside of your country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the data, including personal data, to the United Kingdom and process it there. Your consent to this Policy followed by your submission of such information represents your agreement to that transfer.
The Association of Corporate Investigators will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.

5.0 Disclosure of Data

5.1 Disclosure of Data may be required under law or regulation. Disclosure for Law Enforcement – under certain circumstances, Association of Corporate Investigators may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Legal Requirements – The Association of Corporate Investigators may disclose your personal data in the good faith belief that such action is necessary to:
• comply with a legal obligation
• protect and defend the rights or property of the Association of Corporate Investigators
• prevent or investigate possible wrongdoing in connection with the Website or services
• protect the personal safety of users of the Website or the public
• protect against legal liability

6.0 Data Security

6.1 The security of your data is important to us, but please note that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. We do not store credit card details, nor do we share financial details with any third parties.
Your Data Protection Rights Under General Data Protection Regulation (GDPR). If you are a resident of the European Economic Area (EEA), you have certain data protection rights, The Association of Corporate Investigators takes reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data. If you wish to be informed what personal data we hold about you, and if you want it to be removed from our database, please contact us via admin@my-aci.com.

6.2 In certain circumstances, you have the following data protection rights:

• The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
• The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
• The right to object. You have the right to object to our processing of your Personal Data.
• The right of restriction. You have the right to request that we restrict the processing of your personal information.
• The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
• The right to withdraw consent. You have the right to withdraw your consent at any time where the Association of Corporate Investigators relied on your consent to process your personal information.
Please note that we may ask you to verify your identity before responding to such requests. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

7.0 Service Providers

7.1 We may employ third party companies and individuals to facilitate our services (“Service Providers”), to provide the service on our behalf, to perform service-related services or to assist us in analysing how our Website and Services are used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. For Association of Corporate Investigator events, we currently work with:

• Eventzilla – Their Privacy Policy can be viewed at: https://www.eventzilla.net/en/privacy
• Mailchimp – Their Privacy policy can be viewed at: https://mailchimp.com/legal/privacy/

7.2 Payments – We may provide paid products and/or services within the service. In that case, we use third-party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
Payment Processors – The payment processors we currently work with are:

• Stripe – Their Privacy Policy can be viewed at:
https://stripe.com/en-gb-ch/privacy

7.3 Links to other Sites – Our service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

8.0 Children’s Privacy

8.1 Our service does not address anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers and records.

9.0 Changes to this Policy

9.1 We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Policy on this page. We will let you know via email and/or a prominent news notice on our Website. The effective date for changes becoming effective is the date the policy is posted on our website. You are advised to review this Privacy Policy periodically for any changes.

10.0 Further Information

10.1 For further information concerning ACi Privacy and Data Protection or your use of our Website and services, please contact the ACi Chief Operating Officer, who is the ACi Data Controller and Data Protection Officer, via admin@my-aci.com.