Privacy Statement

The website has three purposes:

1.    To provide information about the services offered by IASME.

2.    To allow businesses to place enquiries about services.

3.    To allow businesses to register for the certification schemes.

The data we collect will be different in each of the situations.

All uses of the website

We employ cookie technology to help log visitors to our website. You will have been informed about these when you first accessed the site.  You will have been asked to consent to the use of non-essential Cookies.

We collect anonymous statistics which allow us to identify the use of the website.  This information is used to inform us on how we can optimise the environment.

Viewing Services

In this situation, other than Cookie and anonymous analytics, we do not collect any information.

Making an Enquiry

If you make an enquiry we record your name, company, contact number, and email.  This will only be used for the purposes of responding to your question.  Details will be deleted after 18 months.

Visitors have the option to subscribe to the IASME newsletter.  The data entered will be used only for the purposed of this communication.  The information will be held in our transactional email system, which is hosted in the EU.

Registering for Assessments

When registering for an assessment we collect:

·      Name

·      Job title

·      Company

·      Country/region

·      VAT Number (if applicable)

·      Business Address

·      Email Address

·      Phone Number

All of this information is required to process the application.  We do not hold credit card details.  The data you provide at this point is shared with:

·      Our assessment platform used to record the assessment.  This is managed and hosted in the UK.

·      If you take up the cyber insurance offer, your business details will be passed to the insurance broker in order to set up your policy.

This data is retained for 18 months, when it is anonymised and used for statistical analysis.  IASME will use the information to contact you to remind you to renew your certification.

At the end of a successful assessment, the business will be asked if they wish to have congratulations sent out on social media.  If the business consents, the company name will be used in the messages.

If at any point you want to question the use of your data or invoke your rights under the Data Protection Act 2018, please email: [email protected] please use the subject ‘Data Protection Enquiry’.