IPMA-SA Privacy Statement
We do our best to protect and respect your personal data. This statement explains how we collect that data, why we use it and how we keep it safe.
Who are we?
International Project Management Association - South Africa NPC (IPMA-SA) is a Non-Profit Company (Reg. No. 1998 / 018799 / 08).
Address of registered office: 1028 Hyde Avenue, Eldoraigne, Centurion, Gauteng, 0149. For general queries, contact us via the contact form. IPMA-SA is a Data Controller.
How do we collect your information?
We obtain information about you when you contact us. For example, when you register for our event (onsite / online), when you become a member, when you do certifications when you use our website form, and when you participate in our surveys.
On occasion, we may collect limited information about you indirectly, for example where a colleague has made an event delegate booking on your behalf.
What types of information do we hold?
The information we collect might include your name, address, email address and phone numbers. Depending on the relationship you have with IPMA-SA and any products or services you sign up for, you may be asked to provide further personal data. For example, when applying for certification or Awards, IPMA-SA will ask your detailed information about your professional achievements in order for us to assess your application.
On occasion, you may provide additional personal data, for example, biographic information for the purpose of publishing or if you are a speaker or host in our event. Where this occurs IPMA-SA will process this data on the basis of your consent.
We will store information on the products and services you hold or have shown an interest in. For example, if you are in one of our volunteer groups, your grade of membership, the events you have attended, your renewal dates, your membership applications and your communication preferences.
If you pay us by direct debit we will store your account details securely.
We will record the equal opportunities data you give us such as your age and ethnicity. We process this data on the basis of consent for the purpose of providing insight into the diversity of IPMA-SA’s membership and in the interests of promoting the interests of the project management profession. This is held securely and only used to give statistics to help plan our services.
When joining an IPMA-SA volunteer group your data may be processed by other IPMA-SA members/volunteers for the purposes of administering the membership group.
Photos and recordings
At our events, we may be filming or taking photos that may be shared online in news articles, on our website or on social media. This is for promotional purposes, and we will rely on Legitimate Interest for this. We will notify you before the event if there is a photographer present. Before posting or distributing material, we will always ensure that the images and videos are appropriate and do not offend or cause humiliation or similar harm to anyone.
Why do we collect your information?
We only use your information in accordance with the law. This gives us various powers to use your data. These are effectively the reasons for our processing and are:
to perform or take steps to enter a contract with you;
for the purposes of our legitimate interests. This includes being able to send you marketing or if you would like to apply formal role at IPMA-SA;
compliance with a legal obligation;
if you consent for us to do so.
Collecting and using your data will mean we are able to manage your membership, process any orders or requests you have and provide you with relevant and topical information relating to your interests, including events and publications. We may also ask for your views on our services and matters relating to the profession, for research purposes.
We will send you marketing information in relation to IPMA-SA’s products and services on the basis of our legitimate interests. IPMA-SA reserves the right to send all members a monthly membership letter. A recurring membership letter will be sent to all members on a regular basis until the date membership ceases. This is to ensure that our entire community has the same access to the latest news and information.
You can opt not to receive any other marketing information from us at any time by using the unsubscribe link within any other marketing communication.
Data protection applies to personal data held about individuals. It does not always cover ‘business to business’ contacts or information. However, we will also do our best to secure and protect the contact details of our corporate contacts.
Who has access to your information?
IPMA-SA will share personal data with third-party training providers as necessary for the administration of training and examinations. In addition, data is shared with appointed examiners and/or assessors for the purpose of assessment, and in order to maintain records of your qualifications. The staff and contractors of IPMA-SA will have controlled access to your information to enable us to provide you with membership services. If you choose to become involved with one of our volunteer groups, then data will be shared with volunteers running these services, for the purpose of offering you those services.
We will not sell or rent your information to third parties.
We will not share your information with third parties for them to market to you. We may pass your information to our third-party service providers, subcontractors, and other associated organisations to provide services on our behalf (for example digital qualification badges, Professional Congress Organizer).
However, when we use third parties, we disclose only the personal information that is necessary to deliver the service and we require them to keep your information secure and not to use it for other purposes. Third-party service providers will delete all personal data when no longer required to perform services.
Customers wishing to access the benefits associated with being employed by a corporate partner can do so by agreeing that their name and their access to those benefits are shared with that corporate partner.
In some instances, we use third-party payment providers to process payments such as Sage, whom we use to process your Direct Debit payments. More information on how Sage processes your personal data, and your data protection rights, including your right to object, is available here.
Legal rights over your information
You have various legal rights over your information which we will always respect. These rights include the right to access a copy of the data we hold about you, and to ask us to rectify or erase the data. You also have the right to data portability, you can ask us to restrict the processing of your data, or you can raise an objection to the processing. Where processing is based on your consent then you have the right to withdraw that consent.
If you wish to invoke any of these rights in regard to your data, then please contact us via the contact form. Should you exercise your right by making a verbal request, then we recommend that you follow this up in writing to provide a clear trail of correspondence and evidence of your actions. If you are unhappy with the way in which your personal data is handled by IPMA-SA then you also have the right to make a complaint to IPMA-SA.
Retention of your data
We will retain your personal data for no longer than is necessary in order to comply with our legal and membership obligations, noting that this may extend beyond your actual relationship with us. Following the end of your relationship with us, we will restrict the processing of your data to those purposes which form a legal obligation for us, such as financial reporting.
How do we protect your data?
We take several steps to protect your data. This includes IT security. All staff receive data protection training and our premises are secured. We have contracts with providers requiring them to protect your information. IPMA-SA uses contracted services outside of Africa. When doing so, IPMA-SA ensures the relevant data protection is in place to ensure adequate security of your personal data.
Links to other websites
Our website contains links to websites run by other organisations. This statement applies only to our website, and we are not responsible for the policies and practices of other sites.
16 or under?
We particularly wish to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission before you provide us with personal information.
Review of this statement
We keep this statement under review as part of our overall Data Protection Policy. It was last updated in February 2023.