Think Privacy

Cafe Associates respects your privacy and is committed to protecting your personal data. This privacy notice will:

  • inform you as to how we look after your personal data when you visit our websites;
  • tell you about your privacy rights;
  • tell you how the law protects you.

Cafe Associates is the controller for the personal information we gather for the purpose of providing information and services. During engagements clients may share information with us  that they control and in such case we will be acting on behalf of that client. This will be handled in accordance with applicable service Terms & Conditions.

If you wish to contact us regarding privacy matters, please email operations@cafeassociates.co.uk

Personal data we collect

We collect data that you provide directly to us, through your interaction with Cafe Associates, how you use our website, and how our website performs. This may include personal data.

Personal data, or personal information, means any information related to an individual. It does not include data where the identity has been removed to make it anonymous, for example where we aggregate information for reporting purposes.

We may collect, use, store and transfer different categories of personal data which we have listed below:

  • Identity data – includes first name, last name, title and username.
  • Contact data -includes postal address, email address and telephone numbers.
  • Communication information – your communication preferences along with records of communications and interactions we have had with you
  • Transaction data -includes details about payments to and from you and other details of subscriptions and events you have purchased from us.
  • Event data – includes events booked by users including any guests, along with attendance at events
  • Technical data – includes your Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • User profile data – includes your affiliations, preferences, feedback and survey responses.
  • Usage data – information on how you use the website, using cookies and page tagging techniques
  • Email usage – how you access our emails. For example, whether you open them, and which links you click on

We do not collect or store any credit/debit card details in our database, these are processed by third-party payment service providers. To allow us to reconcile transactions, we hold an identifier generated by the payment provider.

This data can be viewed by authorised people at Café Associates, and trusted third parties to:

  • improve the site by monitoring how you use it e.g. pages you visit on the site and browser versions used
  • allow us to organise attendance at events such as training courses and webinars that we might run
  • gather feedback to improve our services
  • help us respond to your feedback, if you’ve asked us to
  • send email alerts or notifications to people who request them
  • allow you to access Café Associates services and make transactions

We collect the minimum data required in order to provide our services to our clients and people who view our website.

Information used for special events

Some events we organise such as training courses or seminars require us to handle additional information. This is typically in order to plan events and arrange accommodation such as classroom based training. Such additional information may include:

  • dietary requirements in order to provide refreshments during an event
  • information relating to access needs

If we request such information we will state the purpose and arrangements to securely handle this information on a case-by-case basis, typically in the event details or email communication.

How we use your personal data

We will only use your personal data when there is a legal basis to do so. Most commonly, we will use your personal data in the following circumstances:

  • where we need to perform the contract we are about to enter into or have entered into with you in order to provide services to our clients
  • where it is necessary for our legitimate interests as a business to provide information to our clients and wider community
  • where we need to comply with a legal or regulatory obligation
  • to understand the behaviour of visitors to the site as input to site design.

We use tools to ensure that our website meets the needs of people using it. To do so we process anonymised data to assess:

  • the number of visitors to different pages
  • the types of information being searched for via the sites search engine
  • to identify any anomalies in site usage.

Where we store your data

We use Bluehost to run this website and they in turn host it with industry standard data centres.  We use Microsoft 365 and Hubspot for our business applications, including email and collaboration tools.

Due to the nature of cloud hosting, these providers run applications in data centres that are in various locations subject to their operational considerations. Details of how they meet data protection obligations are provided in the Third Party section of this notice.

How we keep your data secure

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those people and third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

How long we use and retain personal data

We only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Third Parties that have access to personal data

In order to provide our services, we make use of the following third-party organisations as data processors.

Third Party Contact and data protection details
For our website we use WordPress & WooCommerce products hosted by Bluehost. Bluehost 1500 N Priest Drive, Suite 200, Tempe, AZ 85281

Details of how Bluehost handles person information are provided in their Data Processing Agreement
Hubspot provides our customer relations management system that we use to record contact information for our clients and other external parties inlcuding our Design Partners Hubspot (European HQ) Ground Floor, Two Dockland Central, Guild Street, Dublin 1

Details of how Hubspot hands personal information are provided in their Data Processing Agreement
Green-Box provides our website technical support and therefore has administrator access to our website and associated systems. Green Box Software Limited, 6 Polperro Close, Orpington, England, BR6 0WB
Eventbrite may be used for promoting events such as training and webinars and for selling tickets.

People booking events via this channel will provide their personal information to Eventbrite who will be data controller for the personal data entered this way. Cafe Associates will collate data for people who have booked events through Eventbrite in order to manage participation

 Eventbrite, Inc., Attn: 155 5th Street, Floor 7, San Francisco, CA 94103, USA

Details of how Eventbrite handles personal information are provided in their Privacy Policy 
Cafe Associates administrative email and collaboration tools are provided by Microsoft as part of their Microsoft 365 service.

Our collaboration platform is Microsoft Teams and we use this to host online meetings.

Please ensure that any information you send to our email addresses is managed securely and do not send sensitive personal information via unencrypted emails across the public internet. When participating in online meetings, be aware that your video and audio will be accessed by other people involved in the meeting. If a meeting is recorded, the host will ask permission to do so and explain how it may be used. For example a training seminar might be recorded and the material later shared with participants.

 Microsoft Ireland One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18

Details of how Microsoft handles personal information are provided on their  GDPR page

Disclosing your information

Café Associates does not share personal information with other organisations unless we have a legal obligation to do so or where we have your consent to do so, for example when arranging events.

Your rights

You can find out what information we hold about you if you have registered with us by reviewing your basic profile information in “My Details” or by submitting a data subject request. Similarly you may update your own details or change communication preferences, alternatively you may submit a request for us to do so on your behalf.

You also have the right to have data erased if it is no longer necessary for the purpose for which it was originally collected, or if there are no overriding legitimate grounds for the processing.

If you wish to submit a data subject request, please contact operations@cafeassociates.co.uk. Please provide information sufficient for us to authenticate you. For example contact us via an email address that is known to us. We may ask for further information to ensure we are are able to securely handle a data subject request.

Defining your preferences

Opting out of communication

You may change your communication preferences using the “My Details” form available from our home page. If you are subscribed to any email notifications, you can change your preferences or unsubscribe by clicking on the link at the bottom of the emails that you receive from us.

You may also request us to change how we communicate with you by contacting operations@cafeassociates.co.uk

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our websites may become inaccessible or not function properly. For example, you may be unable to login as a registered user or be unable to purchase products and services. If you prefer not to use our online services and wish to take up a product or service please contact Café directly.

Please refer to our Cookie Declaration to find out about the different types of cookies we use.

Links to other websites

This website contain links to other websites.

This privacy policy only applies to this website and does not cover other websites that we link to. Such services have their own terms and conditions and privacy policies. If you do go to another website from this one, we recommend that you read the privacy notice on that website to find out what it does with any information that you may enter.

Updates to this Privacy Notice

We may update this Privacy Notice from time to time in response to legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, which will be consistent with the significance of the changes we make.

You can see when this Privacy Notice was last updated by checking the table provided below.

Date Summary of Changes
15 June 2020 Privacy notice written for launch of Cafe Associates website and services
21 July 2020 Updated to detail website products, hosting and support arrangements