Privacy policy
We are committed to letting you know what data we collect, why we collect it, and what we do with it. If you have any questions about how we use your personal information or comply with data protection legislation, please contact us.
On this page:
- Our principles regarding user privacy and data protection
- Personal information
- About this website's server
- Our third-party data processors
- Other websites
- Website data breaches
- Requesting your personal data
- Relevant legislation
- Data controller
- Changes to our privacy policy
1.0 Our principles regarding user privacy and data protection
- We believe user privacy and data protection are human rights
- We take protecting your privacy seriously, and we recognise we have a duty of care to the people whose data we hold
- We will only collect and process data when it is absolutely necessary, and when we do, we will make it clear why we are doing so and how it will be used
- We will not share your personal information with anyone else without your permission
2.0 Personal information
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We are not collecting any personal data through this website.
This website collects and uses information in the following ways, for the reasons specified:
2.1 Cookies and tracking site visitors
Like most websites, this site makes use of cookies, which are small amounts of textual data that are stored on the device (computer, mobile phone, tablet etc.) that you use to access our website. This data is used to enhance your experience of this site.
Cookies may be set and accessed by third-party data processors, including Google Analytics (GA, privacy policy). We use this data to monitor how many people are using our site and to better understand how they use it, in order to improve the experience we provide. Although GA records information such as your geographical location, device, internet browser and operating system, none of this data personally identifies you to us.
On your first visit to our site you will be asked whether to accept cookies on your device, and given a clear option not to. If you choose not to, we will not track you in any way.
Disabling cookies on your internet browser will stop this site from tracking any part of your visit to this website. Further information on how to enable and disable cookies is available from www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to do this. However, some of our website features may not function correctly as a result.
2.2 Uses made of information
We use information:
- As part of our efforts to keep our website safe and secure
- To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and research purposes
- To personalise and optimise your experiences as part of our provision of the service, and
- To ensure that content from our website is presented in the most effective manner for you and for your computer. This involves conducting data and system analytics to develop and improve our service.
2.3 Contact forms and email links
Should you complete a contact form on our site, none of the data that you supply will be stored by this website or passed to/be processed by any third-party data processors.
2.4 Email newsletter
We use third-party data processor Mailchimp to provide us with email marketing services, so if you subscribe to our email newsletter, the email address and associated information that you submit to us will be forwarded to Mailchimp. You can read Mailchimp’s privacy policy in Section 4.0.
We embed invisible gifs, also known as web beacons, in our HTML-based email newsletters. This is the industry standard for email tracking and allows us to see which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of our newsletters.
Because it relies on a hidden graphic you can block any tracking by turning off automatic images loading in your email. Alternatively, you can use the update preference link at the bottom of any of our emails and choose plain text as your preferred email format.
Your details will remain within Mailchimp’s database for as long as we continue to use Mailchimp’s services for email marketing or until you specifically request removal from the list. You can do this by using the unsubscribe links contained in any email newsletters that we send you.
3.0 About this website’s server
This website is managed by the International Institute for Environment and Development (IIED) and hosted by Vohm, within a data centre located in the United Kingdom.
All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
4.0 Our third-party data processors
We use a number of third-party service providers who process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in Section 8.0.
5.0 Other websites
This website contains many links to and from other websites. If you follow a link to any of these websites, please note that they will have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
5.1 Community and social networks
IIED, the manager of this site, is a member of several third-party community and social networks. It manages a presence on their platforms and this website contains links to these networks. These companies process personal data, and you should check their privacy policies before sharing personal information:
- Facebook (Privacy policy)
- LinkedIn (Privacy policy)
- YouTube (Privacy policy)
- Flickr (Privacy policy)
6.0 Website data breaches
In the event of an unlawful data breach of this website’s database or the database(s) of any of our third-party data processors, it will be assessed and if appropriate reported to any and all affected persons and relevant authorities without undue delay, and if feasible, within 72 hours of the discovery of the breach.
7.0 Requesting your personal data
Individuals have the right to the personal data that an organisation such as IIED holds on them. You can request your personal data by making a subject access request.
There is no fee for making a subject access request. This should be done by completing a form to provide IIED with the necessary information needed to deal with your request.
The right of access extends to all information held on an individual, and includes staff files, databases, interview notes and emails referring to the individual.
However, there are a number of exemptions which effectively allow personal data to be withheld. To consider and apply an exemption will be dependent on the purpose for which the personal data is being processed, and will be considered and undertaken on a case-by-case basis. There is more detailed guidance on exemptions available from the Information Commissioner's Office.
The data controller (see section 9.0) is required to communicate to the data subject the information it holds in an intelligible form within 1 month or up to 2 months if the request is complex. This timeframe starts from the date that the data controller receives the request, and when the data subject has provided sufficient information for the data controller to locate the requested information.
8.0 Relevant legislation
This website is designed to comply with the following national and international legislation with regard to data protection and user privacy:
- Privacy and Electronic Communications Regulations (PECR) 2003
- EU General Data Protection Regulation 2016 (GDPR)
- Data Protection Act 2018
This site’s and IIED’s compliance with the above legislation, all of which are stringent in nature, means that this site and the institute are likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well.
If you are unsure about whether this site is compliant with your own country of residence’s specific data protection and user privacy legislation, you can contact IIED’s data protection leads (details of whom can be found in section 9.0) for clarification.
9.0 Data controllers
The data controller of this website is:
The International Institute for Environment and Development (IIED): an independent charity registered in England (charity number 800066) and in Scotland (OSCR number SC039864).
IIED’s registered office is 44 Southampton Buildings, London WC2A 1AP.
IIED data protection lead: Catherine Baker | Tel: +44 20 3463 7399 | Email: data-protection@iied.org
10.0 Changes to our privacy policy
This privacy policy may change from time to time in line with legislation or industry developments. Any changes we make will be posted on this page, and specific policy changes and updates will be mentioned in a change log below.
10.1 How to contact us
Questions, comments and requests regarding how we use information or comply with data protection legislation, please complete the contact form.