IISS ("we", “us” or “our”) are committed to protecting and respecting your privacy.
This policy, together with our terms and conditions (http://www.iiss.org/en/terms-s--s-and-s-conditions) and any other documents referred to in it, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
By visiting or using our site (either www.iiss.org.uk and www.iissreview.org), providing your contact details or other personal data to us, registering to use our database, registering or subscribing for an event, information or services, making a purchase from us or via us or our site, or communicating with us (whether by phone, in person, or by electronic means) you are accepting and consenting to the practices described in this policy.
For the purpose of the GDPR and the Data Protection Act 1998 (the Act), the data controller is the International Institute for Strategic Studies (a private company limited by guarantee), with company number 00615259 whose registered address is Arundel House, 6 Temple Place, London, WC2R 2PG
Data Protection Principles
The IISS recognises that, as a Data Controller, it is directly responsible for compliance with all aspects of the GDPR, and that the IISS must demonstrate compliance with the GDPR principles.
The GDPR principles are:
- Information you give us.
- You may give us information about you, such as, your name, address, e-mail address and phone number, payment card information, personal description and photograph, professional affiliation and interests. This includes information you provide when you correspond with us by phone, e-mail, other electronic means or in writing, register to use our site, register for an IISS membership, request access to or view the IISS database, register for an event, search our site, subscribe to any of our services, purchase products or services from or via us, participate in discussion boards or other social media functions on our site, submit information or content to our site or to other users of our site, enter a competition, promotion or survey, submit job applications and when you report a problem with our site, events, products or other services.
- If you are making a purchase, we will use your payment card details, to process your purchase only, and such details are only provided to our payment provider (see here for more details). We do not store your payment card details, however, our payment provider may store your details if, for example, you pay for a subscription service. You can cancel this option at any time by logging in to your account [here], or contacting us [here].
- If you are enquiring about a job at IISS, then the information may also include your CV and other information about your qualifications, job history, and your right to work.
- If you use our social media features, then we may collect any personal data which you provide to us using those features in accordance with the policies for the applicable feature.
- Information we receive from other sources:
- We may receive information about you from our international offices where you have communicated with them, or asked them to contact us. For example, if you contacted our offices in Singapore regarding an event, then they may pass that to us. See here for more information on our international offices.
- We also work closely with third parties (for example, accommodation and other travel service providers, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them.
- Public Information - Information may be available about you publicly, for example in the media.
- We may also receive information about you from individuals (for example, where they communicate with you via our site, or where a relative uses your computer).
- If you are applying for a job at IISS, then we may receive information from your referees and former employers.
- Information we collect about you. We will use this information:
- to administer our site, the IISS database, and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to allow you to communicate with other users, or advertisers on our site;
- to make suggestions and recommendations to you and other users of our site about information that may interest you or them;
- to comply with any relevant legal obligations.
Disclosure of your information
We may share your personal information for the purposes stated above, with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:
- Information we collect about you. With regard to each of your visits to our site we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your site login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products services or issues you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Information about other people. If you provide information to us about any person other than yourself, such as your colleagues, personnel, relatives, your next of kin, your referees (if you are applying for a job), your clients, your advisers or your suppliers, you must ensure that they understand how their information will be used and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.
- Information from Clients 18 and Under. If you are aged 18 or under, you must obtain your parent or guardian's permission beforehand to use our site, any of our telephone services, and to purchase any of our services, and whenever you provide personal information to us. Users without this consent are not allowed to provide us with personal information.
- Sensitive Personal Data.
Unless we make it clear otherwise, our policy is not to ask for any sensitive personal data from you (that is information about your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal offences). You may provide us with sensitive personal data when you communicate via our site or directly with us or any third parties we put you in contact with. We, and our outsourced service providers may, however, require certain sensitive personal data to provide our services to you, or to deal with your enquiries, for example if we are making special travel arrangements for you or if you attending an event, we may ask you for information on any dietary or accessibility requirements..
Uses made of the information
We use information held about you in the following ways:
- If you are enquiring about, registering for, or purchasing products, services or events from us or via us on behalf of our other offices or network of organisations, then we may disclose your information to the third parties for those purposes;
- If you ask us to make travel arrangements for you, we will share information about you with accommodation, airlines, and other travel services providers for that purpose;
- If you are attending one of our events, we may also provide your information to security organisations, such as the Singapore Police Force where they require advance visitor information to allow security checks in order to provide access to the secure conference facilities.
- Advisers, consultants and other professional experts, complainants, correspondents and enquirers, and suppliers and service providers of any of the above, and each of their associated businesses.
- Business partners, suppliers and sub-contractors only for the purposes of performance of any contract we enter into with them or you. For example, we use a website hosting provider who will have access to your information only for the purposes of managing and maintaining our site. We take reasonable steps to ensure that our staff protect your information, and are aware of their information security obligations. For example, all personal are vetted prior to employment and are required to sign the relevant company policies outlining their responsibilities with regard to personal data protection.
- Suppliers which advertise via our site, where you have indicated you wish to be contacted by such supplier.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
We may disclose your personal information to third parties:
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions (http://www.iiss.org/en/terms-s--s-and-s-conditions) and other agreements; or to protect the rights, property, or safety of IISS, our users, our customers, or others;
- If you are enquiring about a job, or making an application, then we may disclose your information to third parties such as your referees, or current and previous employers (if you ask us to contact them).
- For the purposes of crime prevention and fraud protection.
- Information you give to us. We will use this information:
- if you are registering for membership of IISS, to allocate you a membership number which we will use to identify you;
- if you wish to access the IISS database, to manage your access, and the access by authorised users within your organisation;
- if you are a member, to administer your membership;
- if you are a member, delegate or sponsor, to communicate with you about events conferences and other activities in which you have requested information;
- if you are a delegate of an event, to manage your registration for such event;
- if you are a supporter or sponsor of IISS, or an event or activity of IISS, to manage our interaction with you and your organisation, and your participation in the event or activity;
- to ensure that content from our site is presented in the most effective manner for you and for your computer;
- to provide you with our newsletter, and the information, products and services that you request (or have previously consented to) from us. You can unsubscribe from the mailing list at any time within the relevant email, or by emailing at or by contacting us at [email protected];
- to carry out our obligations arising from any contracts entered into between you and us, which may include transferring your information to other organisations, such as travel service providers (if you have registered for an event) or supplier (if you have purchased products or services from or via us);
- to facilitate any services which are provided to you by our international offices, or our network of organisations, or other business partners, where you have requested this. For example, if you have requested information on certain products, services or events, then we may put you in contact with the relevant office or business;
- to provide relevant information to suppliers, where you have indicated that you wish to be contacted by such suppliers (for example where you email, or call us, submit a request form, or click on a supplier’s advert);
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- to process your job application;
- to notify you about changes to our events, products, services or our site.
Where we store your personal data
The data that we collect from you is stored at our UK office and processed by third party data processers within the European Economic Area (“EEA”). However, from time to time, that data may be transferred to, accessible at, and stored at, a destination outside the European Economic Area ("EEA"), including by our international offices and members of our network which are based outside the UK. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting personal data, you agree to this transfer, storing or processing. For more information on where your data is stored, see here.
Where you have a username or password (or other identification information) which enables you to access certain services or parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
The GDPR provides the following rights for individuals:
• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling.
The IISS recognises that it processes data in respect of individuals and employees, and has a dedicated policy which details how the Institute is compliant with the GDPR and the data protection obligations it has in relation to the processing of individual and employee personal data, by the IISS and by any data processors with whom it works.
Specifically, you have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at the contact address set out below.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these sites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or the processing of your data by those sites. Please check these policies before you submit any personal data to these sites.
Access to information
GDPR and the Act gives you the right to access information held about you. Your right of access can be exercised in accordance with GDPR and the Act.