The Journal for Executive and Governance Leaders

Privacy Policy

The Confederation of School Trusts (CST), the holding company has two subsidiary companies – National Teacher Accreditation (NTA) and CST Professional Development Ltd – which are also covered under this policy and will be referred to collectively throughout this policy as CST.

The Confederation of School Trusts (CST) is committed to protecting and respecting your privacy. For the purposes of the General Data Protection Regulations (GDPR) and any subsequent UK legislation covering data protection, the Data Controller is CST.

This Policy sets out why we collect personal information about individuals and how we use that information. It explains the legal basis for this and the rights you have over the way your information is used.

This Policy covers CST in relation to the collection and use of the information you give us. We may change this Policy from time to time. If we make any significant changes we will advertise this on the website or contact you directly with the information. Please check this page occasionally to make sure you are happy with any changes.

If you have any questions about this Policy or concerning your personal information please contact the CST office on 0115 917 0142 or by email at [email protected] or by post to CST, George Spencer Academy, Arthur Mee Road, Stapleford, Nottingham NG9 7EW

What type of personal information we collect

The type and amount of information we collect depends on why you are providing it.

The information we collect when you make an enquiry to CST includes your name, trust name/school, telephone number and email address.

If you are applying to be a member of CST, we will ask for details of your trust/school which will include the name of your MAT/group/school and the name of your Accountable Officer. We will also ask for details about your Trust/school and which type of membership you wish to apply for. We then ask for details of the leadership person, the Governance Leader and the Chief Financial Officer or equivalent applying to be part of the membership – this includes job title, title, name and email address and whether they are Leaders of Education or Governance.

If you are registering with NTA, we will ask for details of your school/trust which could include the name of your school and/or MAT/group, the name of the CEO/Headteacher/Induction Co-ordinator, the postal address, telephone number, email address and web address. We will ask for details about your school including type (e.g. secondary), status (e.g. academy), and your school DfE number.

If you sign up for an event, in addition to asking for the name, telephone number, email address and role/position of the person making the booking, we also ask for the school name and group or trust name if applicable. We then ask for the title, name, position and email address of each of the attendees being booked onto the event.

For any payment, we will keep copies of your bank details if we need to make regular payments to you – for example refunding travel expenses, doing consultancy work.

If you are a job applicant the information you are asked to provide is as set out in the application and necessary for the purposes of our considering the application.

How we collect information

We may collect information from you whenever you contact us or have any involvement with us for example when you:

Where we collect information from

We collect information:

  1. From you when you give it to us directly: You may provide your details when you ask us for information, join or register with us, attend our events or contact us for any other reason. Your information may be collected by an organisation we are working in partnership with but we are still responsible for your information.
  2. When you have given other organisations or individuals permission to share it: Your information may be provided to us by other organisations if you have given them your permission. This might for example be a charity working with us or might be when you buy a product or service from a third party organisation. The information we receive from other organisations depends on your settings or the option responses you have given them.
  3. When you use our website: When you use our website information about you is recorded and stored. See the information about the use of cookies under that heading below.
  4. When it is available on social media: Depending on your settings or the privacy policies applying for social media and messaging services you use, like Facebook, Instagram or Twitter, you might give us permission to access information from those accounts or services.

How we use your information

We will use your personal information in a number of ways which reflect the legal basis applying to processing of your data. These may include:

Our legal basis for processing your information

The use of your information for the purposes set out above is lawful because one or more of the following applies:

If you want to contact us about your marketing preferences please contact [email protected] or call on 0115 917 0142.

How we keep your information safe

We understand the importance of security of your personal information and take appropriate steps to safeguard it.

All electronic data is password protected and therefore stored securely. Our ICT Policy can be read here

We always ensure only authorised persons have access to your information, which means only our staff, trustees and contractors, and that everyone who has access is appropriately trained to manage your information.

No data transmission over the internet can however be guaranteed to be 100% secure. So while we strive to safeguard your information, we cannot guarantee the security of any information you provide online and you do this at your own risk.

Who has access to your information?

CST Professional Development are the commercial trading company for CST. They arrange all seminars, training and conferences and liaise with our commercial partners.

Third parties who provide services for us, for example, our accountants who process all payments to and from ourselves and our subsidiaries (Howard Wilson); the company who provide our website (ZEST) and CRM services (Rubiqa) and the company who provide our IT services (Advanced IT). We select our third party service providers with care. We provide these third parties with the information that is necessary to provide the service and we will have an agreement in place that requires them to operate with the same care over data protection as we do.

Third parties if we run an event in conjunction with them. We will let you know how your data is used when you register for any event.Analytics and search engine providers that help us to improve our website and its use.

Third parties in connection with restructuring or reorganisation of our operations, for example if we merge with another charity. In such event we will take steps to ensure your privacy rights will be protected by the third party.
We may also disclose your personal information if we are required to do so under any legal obligation and may use external data for the purposes of fraud prevention and credit risk reduction, or where doing so would not infringe your rights, but is necessary and in the public interest.

Other than this, we will not share your information with other organisations without your consent.

Keeping your information up to date

We really appreciate it if you let us know if your contact details change. You can do so by contacting us at [email protected]

Our use of “cookies”

“Cookies” are small pieces of information sent by a web server to a web browser, which enable the server to collect information from the browser. They are stored on your hard drive to allow our website to recognise you when you visit. Our website uses one cookie (called “PHPSESSID”), which is a necessary part of the functionality behind the Members section.

We also use Google Analytics for tracking aggregated website metrics and Google use a number of their own cookies too. Please read our cookies policy here.

How long we keep your information for

We will hold your personal information for as long as it is necessary for the relevant activity. Please see our Records Retention Policy here.

Where we rely on your consent to contact you for direct marketing purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for three years. We may periodically ask you to renew your consent.

If you ask us to stop contacting you with marketing or fundraising materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.

Your rights

You have the right to request details of the processing activities that we carry out with your personal information through making a Subject Access Request. Such requests have to be made in writing. More details about how to make a request, and the procedure to be followed, can be found in our Data Protection Policy. To make a request contact us at [email protected]

You also have the following rights:

All of these rights are subject to certain safeguards and limits or exemptions, further details of which can be found in our Data Protection Policy. To exercise any of these rights, you should contact the Executive Officer at the above address.

If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here.

Changes to this Privacy Policy

This Policy may be changed from time to time and we will advertise this on our website. If we make any significant changes we will contact you directly with the information.

Do please check this Policy each time you consider giving your personal information to us.