AIC General Data Protection Regulations (GDPR) Privacy Notice

1. What personal information do we collect/hold?
   a. Your name, job title and employer’s name
   b. Business contact details, including address, email address and telephone number. Home contact details may be collected if you offer this as an alternative or work from home.
   c. Educational qualifications and photographs are collected for Feed Adviser Register (FAR) registrations

2. How is it collected? (especially if assumed or obtained by electronic means)
   a. Your information is collected either directly from you, or may be sent to us by one of your business colleagues to register your details on your behalf.
   b. Your activity on the AIC website may also be monitored and information used to help tailor your services/ information preferences.

3. What is the lawful basis for collecting this information?
   a. To ensure we ‘fulfil our contract’ with you as an AIC Stakeholder, Member or Trade Assurance scheme participant.
   b. For certain legitimate business purposes, e.g. where the processing enables us to enhance, modify, personalise or otherwise improve your services / communications.

4. Who might we share your information with?
   a. Your information will not be shared with any outside party unless it is specifically to provide a service authorised by AIC.
   b. Certification bodies administer Trade Assurance schemes for AIC. They will therefore collect, store and process your personal and company contact details for this purpose only.
   c. All third parties sign a written contract with AIC specifying your information will not be used for unauthorised direct marketing purposes and that your information will be stored securely and processed in accordance with GDPR.

5. How is your information used?
   a. Your information will only be used to provide services and support associated with your AIC contract, Membership, FAR or Trade Assurance scheme participation and other legitimate business purposes.

6. How long do we keep hold of your information?
   a. Your information will be stored for as long is required to fulfil our contract with you. Once this contract has ceased and there is no legal requirement to retain it, all identifiable information will be deleted and only basic non- indefinable information retained for statistical purposes.

7. How secure is your data?
   a. At AIC we take the safety and security of your data very seriously and we are committed to protecting your personal and sensitive information. All information kept by us is stored on our secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
   b. Once we have received your information, we will use our strict procedures and security processes to try to ensure unauthorised access does not occur.
   c. If data is processed by third-party providers, we will have obtained surety from them about the security of any data they process on our behalf.

8. How to access the information we hold about you and your right to withdraw/amend information.
   a. Your information is collected, retained and processed under the legitimate business interest reason enabling us to provide our services to you. You have the right to ask us not to process your personal data where it is processed on the basis of legitimate interests provided that there are no compelling reasons for that processing.
   b. Please use the details below to contact us if you wish to withdraw from any AIC mailing list, correct any inaccuracies in the information that we hold, or prefer not to receive further contact from AIC.
   c. You may also request to receive a copy of the information we hold on you. Please allow 30 days following receipt of your request for this information to be sent.
   d. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK, at any time. The ICO’s contact details are available here: https://ico.org.uk/concerns/.