CMCE Privacy Policy

Who we are

The Centre for Management Consulting Excellence (CMCE) has been set up by the Worshipful Company of Management Consultants (WCoMC) and aims to share academic research and practitioner experience to the benefit of the consulting community

CMCE holds data for its own purposes and has developed a Privacy Policy to conform with UK legislation on Data Protection (The General Data Protection Regulation, GDPR) and to complement that of WCoMC which may be found online.

Types of data collected and stored

CMCE collects data which has been supplied by you either through our website or in email correspondence.  We may supplement this with information which is in the public domain such as further details about your organisation.  As well as name and contact details for you and your organisation we also hold information about the events that you have attended. 

We also keep some email correspondence. All of this is stored on computer platforms that we believe to be secure. We make sure that only those with authorisation are permitted have access to your data.

You are under no obligation to provide us with personal data, however, your information will help us to provide you with the best possible support and resources for you.

CMCE may collect and use personal data for the following purposes:

  • To send a newsletter and information about CMCE events and other CMCE activities to people who have expressed an interest.
  • To enable people to book to attend CMCE events, and to manage the bookings.
  • To invite people to take part in CMCE research. 
  • During research some personal data may be collected from people who agree to participate for use in anonymised form to analyse research data.  The data we collect for research depends on the research project.  We would not expect to collect data within any of the special categories identified by GDPR. 
  • To enable those involved in running CMCE to provide the best possible support and resources.

Lawful basis for data processing

If you ask to receive the CMCE newsletter or to be kept informed of CMCE events and activities, or explicitly agree to do so, we believe that this consent represents a lawful basis for processing such personal data as is necessary to provide you with this information.  We would expect to confirm your consent periodically. 

Making a booking for an event is a form of contract.  We consider that this contract is a lawful basis for processing relevant personal data.

Research is ‘a task in the public interest’, and as such a lawful basis for data processing providing the necessary consent to take part in research has been obtained and the researching organisation follows good practice in the safeguarding of data.

We will ask those helping to run CMCE events for their explicit consent to process their personal data (e.g. contact details) needed by CMCE.  This consent will be the lawful basis for processing their personal data.

Transfer and sharing of data

The CMCE website, where requests to receive the CMCE newsletter are registered, is externally hosted, but the process of capturing the requests and forwarding them to CMCE is fully automated.

Event booking is handled either by an automated system such as Eventbrite or by a system operated by WCoMC, the parent organisation of CMCE.  Their data privacy policy can be viewed online.

An event venue will normally require a list of attendee’s names for security and practical reasons.

Where CMCE runs a research project with other organisations, typically university departments, research data would be shared with them as required, subject to appropriate organisational and technical safeguards.

We will never share any personal data (such as email addresses) with third parties or sell it.

We may share anonymised data, without email addresses or personal details, to funders or potential funders to demonstrate the impact of our services. 

Retention of data

We will only keep your data as long as is reasonable and necessary.

We will remove all personal data if you request to be removed from our lists.

You may ask to unsubscribe from emails at any time.  If you no longer wish to be contacted, please click the ‘opt out’ link at the bottom of any email.  We will hold your data until we have checked that your ‘opt out' was intentional.

We retain data on the event booking system for as long as your Registered Event Account is live. 

How long we store research data for depends on the requirements of the project for which it was collected; it may potentially be stored indefinitely.  We would implement appropriate organisational and technical safeguards to ensure it was stored securely.

Your rights

  • To complain: Please submit any complaints to us by email at gdpr@cmce.org.uk.  You also have the right to complain at any time to the Office of the Information Commissioner.
  • To ensure that your personal data is correct: CMCE will be happy to correct errors.  If you are a registered Account Holder of the event booking system, you can correct any errors yourself.
  • To require CMCE to erase data which it holds about you: CMCE will be happy to erase the data which it holds about you.  The right to require CMCE to erase data does not include research data if erasing it would render impossible or seriously impair the achievement of the specific purposes of the research, providing that CMCE implements appropriate organisational and technical safeguards to ensure the data is stored securely.

CMCE website

This policy applies when you use the CMCE website.  There is a link to the policy on the website. 

Our website does not automatically capture or store personal information, other than logging your IP address and session information such as the duration of the visit and the type of browser used.  This is recognised by the Web server and is only used for system administration and to provide important statistics which CMCE draws on to evaluate use of the site.

We do not use cookies for collecting user information from the site. You may be asked for personal information if you want to take advantage of specific services we offer. In each case we will only use the personal information you provide to deliver the services you have told us you wish to take part in.

Our website has links to other websites, such as those of our sponsors or for other resources.  Other websites are not covered by this policy.

Review and updates

This policy will be reviewed at least each year on the anniversary of its introduction, and in response to changes in the law relating to GDPR.  If CMCE holds your personal data, we will advise you when this policy is updated or amended.

Date of issue of this policy: December 2018