Privacy Policy

Who we are 

CCMA (we, us, our)  is the Call Centre Management Association. Registered office: 2nd Floor, Regis House, 45 King William Street, London EC4R 9AN. Our company registration number is 5799326. Our VAT registration number is GB153131744. Our ICO registration number is ZA245650. We operate [the www.ccma.org.uk] (“website”).  

We take privacy, and the security of personal data, very seriously, and we are committed to ensuring that we safeguard the privacy and personal data of our website visitors and those with whom we communicate through that website, whether by email or electronically, at all times and in the best way possible. 

When we collect, use and process personal data we are subject to the provisions of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to personal data we collect, use and process in the European Economic Area (EEA).  

This privacy policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Services and the choices you have associated with that data. 

Leigh Hopwood is the Data Protection Manager and can be contacted on info@ccma.org.uk. 

Where we got your information 

Your information has been provided by you or a colleague in order to receive products, services or communications from us. Your data was provided through our websites, via email, print media or  the telephone. 

For information about your rights, please see ‘Your Rights’ section below. 

Please note that our website may link to other third-party websites that may also gather information about you. Third-party websites will operate in accordance with their own separate privacy policies, and we have no control over any personal data that they may acquire, store and use. For privacy information relating to these other third-party websites, you should consult their privacy policies as appropriate. 

Your Personal Data 

Personal data is collected about you whenever you access our website, register with us, contact us, send us feedback, purchase services via our website, post material to our website, complete forms on our website, take part in customer surveys, participate in competitions via our website, submit reviews to or via our website. 

Personal data is collected either directly (for example when you register with us, contact us, purchase services from us, complete forms or submit reviews on or via our website) or indirectly (for example where you are browsing our website through the use of ‘cookies’). 

The personal data we receive and process is dependent upon how you access our website, what you do whilst you are accessing it, and what you perceive the end result of accessing our website will be. 

In general, the sorts of personal data that we can acquire, depending upon the circumstances, include: 

  • your name, address, email, telephone number and other contact details; 
  • your bank account or other financial details; 
  • your account details, such as username, login details; 
  • your IP address, the browser you use, your operating system; and 
  • the pages of our website, or other resources on that website, that you have accessed and when you accessed them. 

What we do with your personal data 

 

The CCMA is a community of contact centre professionals and in order for us to service this community – for example by providing updates, resources, events and training – we collect personal data from site registrants, event attendees, training delegates and members. 

If you provide your data and give us permission, we will use your data to maintain email, telephone and offline contact with you, preferably at your place of business. 

We may also use your personal data to: 

  • create and manage your account with us; 
  • verify your identity; 
  • provide services to you; 
  • notify you of any changes to our website or to our services that may affect you; 
  • improve our services; 
  • receive your reviews and respond to them. 

The purposes for which your information is used  

Data protection law requires that we only use your personal data for the purposes for which it was acquired, or where we have a proper reason for using it. Those reasons may include the following: 

  • where you have given consent to the use of your personal data for one or more specific purposes. 
  • where the use is necessary for the performance of a contract to which you are party, or in order to take steps at your request prior to entering into a contract. 
  • where the use is necessary for compliance with a legal obligation that we are subject to. 
  • where the use is necessary for the purposes of our legitimate interests or those of a third party, except where those interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data. 

The reasons set out above represent the general position as to the purposes for which data may be used. The specific position in relation to your personal data, however, is that we may use it for the following purposes: 

  • In order to supply our services to you through or via our website. This processing relies upon the performance of a contract between us and the steps needed to deliver those contractual services; 
  • To prevent or detect fraud; 
  • To improve the operation of our website and provide those services which you have requested us to provide. This may include taking such security measures as are appropriate, backing up the data we hold, and contacting you. This processing relies upon your consent where this has been given, or upon factors related to our legitimate interests in processing the data (in that we are seeking to provide services as part of our business, or the performance of a contract between us, and the steps needed to deliver those contractual services); 
  • In relation to information which you wish to include in, or post on, our website (for example by submitting a review of our services, supplying a blog post or the publishing of other information). This processing relies upon your consent where this has been given, or upon factors related to our legitimate interests in processing the data (in that we are seeking to provide services as part of our business, or the performance of a contract between us, and the steps needed to deliver those contractual services); 
  • For dealing with an enquiry submitted by you to us in connection with our services; 
  • Where it is necessary for us to do so in order to establish, exercise or defend a legal claim, whether in court proceedings or in an administrative or out-of-court procedure. This processing relies upon factors related to our legitimate interests in processing the data; or 
  • In connection with the compliance by us with a legal obligation that we are subject to, or in order to protect your, or our, vital interests, or the vital interests of another natural person. 

The purposes set out above will not apply to what is termed ‘special category personal information’. This includes personal information revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, or trade union membership, genetic and biometric data, and data concerning health, sex life or sexual orientation. We will only ever process information of that nature with your explicit consent. 

Who we share your data with 

Notwithstanding the fact that we will not share your personal data for marketing purposes, it may be necessary for us to share your personal data with others in order to perform our services for you, to comply with our contractual obligations to you, to comply with our legal or regulatory obligations to you, or to comply with any contractual, legal or regulatory obligations that we are subject to.  

When sharing your personal data, we will ensure at all times that those with whom it is shared process it in an appropriate manner and take all necessary measures in order to protect it. We will only ever allow others to handle your personal data if we are satisfied that the measures which they take to protect that personal data are satisfactory. 

Please be aware that, from time to time, we may be required to disclose your personal data to, and exchange information about you or relating to you with, government, law enforcement and regulatory bodies and agencies in order to comply with our own legal and regulatory obligations. 

Other than as set out above, we will not share your personal data with any other third party. 

How long we hold your data 

We will retain your personal data for only as long as it is necessary for the processing, or for purposes relating to or arising from the processing. 

Where your personal data is retained after we have finished providing our services to you, or where the contract with you has ended in any other way, this will generally be for one of the following reasons: 

  • so that we can respond to any questions, complaints or claims made by you or on your behalf; 
  • so that we are able to demonstrate that your matter was dealt with adequately and that you were treated fairly; or 
  • in order to comply with legal and regulatory requirements. 

Transferring your data out of the UK and the EEA 

From time to time, it may be necessary for us to transfer your personal data out of the UK and/or EEA where, for example, the sites of our data processors, or electronic services and resources are based outside the UK in countries that have not been assessed by the UK Secretary of State, or non-EEA countries that have not been assessed by the European Commission, as providing adequate protection. In such cases we will always take steps to ensure that, wherever possible, the transfer complies with data protection law, and that your personal data will be secure.  

How we keep data secure 

In order to ensure that your personal data is kept secure, and to prevent there being any breach of confidentiality, we have put in place security measures which are intended to prevent your personal data from being accidentally lost or used or accessed unlawfully.  

Access to your personal data is restricted to those with a need to access it, and regard will be had to the need for confidentiality when that personal data is processed. 

In the event that there is a suspected data security breach you will be notified. Where relevant we will also inform the appropriate regulator (including the Information Commissioner’s Office) of a suspected data security breach where we are legally required to do so. 

Our use of cookies 

Cookies are small text files that are placed on your computer, with your permission, in order to let websites do several important things, including remember what’s in your shopping basket and which pages you have visited. 

When you first visit our website we ask for your consent to use cookies. You can choose not to accept cookies, but please be aware that services you request may not be available. If you delete your cookies or clear your cache you may be asked to give your consent again. 

If you wish to revoke your consent to the use of cookies on this website you can either delete the cookies in your browsers memory or clear your cache. 

If this policy changes 

This policy was last updated on [ XX January 2024]. 

We may change this privacy policy from time to time and when we do so the updated privacy policy will be published here 

Your rights 

In certain circumstances, you have the right: 

  • To access and receive a copy of the personal data we hold about you. 
  • To rectify any personal data held about you that is inaccurate. 
  • To request restriction of processing of your personal data which enables you to ask us to suspend. the processing of your personal data in certain circumstances. 
  • To object to processing of your personal data in certain circumstances. 
  • To request the deletion of personal data held about you. 
  • You have the right to data portability for the information you provide to us. You can request to obtain a copy of your personal data in a commonly used electronic format so that you can manage and move it. 

Please note that we may ask you to verify your identity before responding to such requests. 

If you would like to exercise any of those rights, please: 

  • email, call or write to us or our Data Protection Manager — see below: ‘How to contact us’; and 
  • let us have enough information to identify you (eg your full name, address or project reference number) 

let us know what right you want to exercise and the information to which your request relates. 

Promotional Communications 

You may opt out of receiving information from us by email, telephone or post. If you wish to opt out, you can do so at the bottom of any formal CCMA email communications or please email info@ccma.org.uk. 

Concerns or complaints 

If you have any complaints about how we are collecting, storing or processing your data, please contact us on 0333 939 9964 or email info@ccma.org.uk. 

You may also complain to the ICO (Information Commissioners Office), the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. 

How to contact us 

Please contact us by post, email or telephone if you have any questions about this privacy policy or the information we hold about you. 

Our contact details can be found on the Contact Us page of our website and our Data Protection Manager’s contact details can be found at the top of this privacy policy.