This website is operated by the Retail Motor Industry Federation Limited (00133095) (‘RMIF’), 201 Great Portland Street, London W1W 5AB (‘RMIF’).
This Privacy Policy also encompasses the following associated websites:
www.nfda-uk.co.uk
www.ukpra.co.uk
www.independentgarageassociation.co.uk
www.nbra.org.uk
www.nama-uk.co.uk
www.cnda.co.uk
www.rmitechnicalforum.co.uk
www.rmitechnical.com
www.vbra.co.uk
www.trustmygarage.co.uk
www.trusteddealers.co.uk
www.rmisc.co.uk
www.rmitrainingacademy.co.uk
www.promote.org.uk
www.apprenticeqa.co.uk
www.rmiwp.co.uk
www.nmda-bike.co.uk
www.drivemycareer.co.uk
We take your privacy very seriously and we ask that you read this Privacy Policy carefully as it contains important information on:
- The personal information we collect about you
- What we do with your information, and
- Who your information might be shared with and why
1. WHO WE ARE
The RMIF (‘we’ or ‘us’) is a ‘Data Controller’ registered with the Information Commissioner’s Office (Z5706542) for the purposes of the Data Protection Act 1998 (i.e. we are responsible for, and control the processing of, your personal information). The majority of processing is conducted at the following two offices:
- RMIF, 201 Great Portland Street, London, W1W 5AB
- RMIF, 2-3 Allerton Road, Rugby, CV23 0PA
1.2 Federated Associations and Departments
When a company becomes a Member of the RMIF, it is assigned to the federated Association most appropriate to its business activities to ensure that it receives the required specialist advice and assistance. From time to time, a Member’s business activities may change, which may result in their transfer to a more suited Association. In such an instance, this will be discussed with the Member, and when authorised by the Member, the transfer will be carried out by a simple data change on our secure Member Database.
Please see the following for details of the federated Associations and RMI divisions:
- Associate Membership
- Cherished Number Dealers Association (CNDA)
- Independent Garage Association (IGA)
- National Body Repair Association (NBRA)
- National Motorcycle Dealers Association (NMDA)
- National Franchised Dealers Association (NFDA)
- National Association of Motor Auctions (NAMA)
- Petrol Retailers Association (PRA)
- Vehicle Builders & Repairers Association (VBRA)
- RMI Training Academies – Southam and Runcorn
- Trust My Garage
- Trusted Dealers
- Drive My Career
- RMISC
- RMI Field Services
2. WHAT INFORMATION DO WE COLLECT?
2.1 Personal information provided by you
As a business and employer membership organisation, we may collect the following personal information about you when appropriate, including: when you register with us, become a Member or Subscriber, express an interest in or utilise any membership services including referrals to business partners or our service providers, or purchase products/services in connection with your business and trading activities:
- Company name and address
- Contact names
- Employee contact information i.e. email addresses, direct telephone numbers
- Social media account details
- Business information (including number of employees, types of business activities, turnover, site information etc)
- Employee/Member testimonials
- Photographs of businesses or individuals, for use on social media accounts, taken during scheduled audits/inspections
- From business cards provided to us for yourself or others within your business
- Photographs/videos of individuals/groups attending RMI or federated Association events, roadshows and workshops etc – in such scenarios, attendees will be made aware of a photographer’s presence. Any photographs or film taken will not be used out of context and will only be used for reporting that event and/or promoting similar future events. (Any individual has the right to request they not be included in any photographs or filming and/or that any such photographs/film taken of them not be used)
2.2 We also collect personal information when you:
- Contact us by telephone, through email or other written communication, submit an enquiry via the RMIF or federated association websites, and any other associated websites
- Send us feedback
- Post material including opinions and reviews to our website(s)
- Complete surveys or market research
- Participate in competitions
- When you consent to provide comment to be included in RMIF and federated association press releases
2.3 Personal information provided by third parties
Occasionally we may receive information about you from other sources (such as our industry partners, our legal, technical and other helplines), which we may add to the information we already hold about you in order to help us provide appropriate services to you and fulfil our obligations to you under your Membership or Subscription. We will always seek your permission to contact these people for your information.
2.4 Personal information about other individuals
If you give us information on behalf of someone else (see examples under 2.1), you must confirm that the other person has appointed you to act on their behalf and they have agreed that you can:
- Give consent on their behalf to the processing of their personal data
- Receive on their behalf any data protection notices
- Give consent to the transfer of their personal data abroad; and
- Give consent to the processing of their sensitive personal data
You will need to be able to provide us with proof of this consent and instruction and the RMIF holds the right to ask you for this proof before performing the specific task.
2.5 Sensitive personal information
We may ask you to provide sensitive personal information (‘special category’ information), for example where you require us to provide advice and assistance. If we request such information, we will explain why we are requesting it and how we intend to use it.
Sensitive personal information includes information relating to your:
- Ethnic origin
- Political opinions
- Religious beliefs
- Whether you belong to a trade union
- Physical or mental health or condition
- Sexual life or gender identity and
- Whether you have committed a criminal offence
We will only collect your sensitive personal information with your explicit consent and only where it is absolutely necessary.
2.6 Visitors to our websites
When someone visits www.rmif.co.uk (or one of our federated Association/organisation websites) we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will tell you. We will make it clear when we collect personal information and will explain what we intend to do with it.
3. MONITORING AND RECORDING COMMUNICATIONS?
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance. If telephone calls are recorded, the caller will be notified at the start of the call. The RMI may monitor, at any time, email traffic and content for the purposes of security and staff training.
4. HOW WILL WE USE THIS INFORMATION ABOUT YOU?
We collect information about you so that we can:
- Identify you and manage any accounts you hold with us
- Process your enquiries
- Provide advice and assistance through our legal, technical and other helplines
- Conduct research and statistical analysis
- Contact you by telephone to ensure you are aware of the services and benefits available to you thereby ensuring you receive value for your subscription
- Carry out Member/business profiling and analyse your membership service usage
- Let you know about other products or services that may be of interest to you—see ‘Communication’ section below
- Detect and prevent fraud
- Verify your identity and carry out business health and anti-fraud checks
- Monitor your use of our Websites and any response to communication campaigns
- Information provided during telephone enquiries may be recorded, where appropriate, on our secure Member Database, to assist our provision of services to you
5. COMMUNICATION
The RMIF is a membership organisation created to represent the best interests of its members and to disseminate information. As an integral part of your membership/subscription, we will provide you with information by post, email and telephone to:
- Keep you up to date on industry matters and news, through bulletins/newsletters and other e-mail and postal communications
- Seek your opinion on Government issues and lobbying we carry out on your behalf
- Invite you to participate in surveys or other research specific to your sector
- Invite you to relevant regional meetings and workshops
- Inform you of available training relevant to your business, including on-site training and courses carried out by the RMI academies
- Contact you by telephone periodically to ensure you are receiving the most benefit from your membership
- Provide you with details of our business partners’ products and services that might be of use to your busi-ness – we will never pass your details to any business partner/third party unless you specifically ask us to
- Ensure that you are kept up to date with the latest member services and benefits available to you
We consider our lawful basis for communication between the RMIF (and its Federated Associations and other internal departments and organisations) and its Members, to be that of “Legitimate Interest” for GDPR/Data Protection purposes.
However, you can choose not to receive any of these types of communications – see Section 9 of this policy – with the exception of those required in order for us to fulfil our contractual obligations to you. Please bear in mind that should you choose to opt out of any communications, you may miss information and important news, and of course details of membership services which could be of significant benefit to your business.
We may, where appropriate, contact you with details of relevant, and association specific, supplier and business partner products – we will never pass your details to any third party for commercial or marketing purposes unless you have specifically requested that we do so. Similarly, we will only pass your details to a business partner/service provider at your specific request.
6. RMIF TRAINING ACADEMIES
The RMIF operates a number of training academies, from which a variety of training courses are available to both Members of the RMIF, and non-members.
The RMIF will notify members of any upcoming courses which may be of relevance to their business. Such communications may be by post, email or telephone. An individual can request that they be removed from such communications at any time – see Section 9 of this policy.
6.1 The information we collect
In order to be able to provide the requested training and certification for delegates, it is necessary for us to collect certain information, which may be provided by the employer company or the delegate themselves. Some of this information is required to verify eligibility for MOT training and the requirements can be found at www.gov.uk/become-an-mot-tester/eligibility.
- Contact names (of both employer company and delegate(s))
- Email addresses (of both employer company and delegate(s))
- Telephone numbers, which may include mobile telephone numbers
- Home and work addresses
- Driving Licence Information
- Criminal conviction details
- Date of birth
- Equality information
- Disability information including learning disabilities
- Special dietary requirements
- Work history
- Payment details (processed in line with RMIF Credit/Debit Card Processing Policy)
- Qualification certificate details
6.2 How we use your data/information
Information, including all Personal Data, will be held in the strictest confidence and will not be divulged to any third party for commercial/marketing purposes.
Relevant data provided will be recorded on our secure database and will only be used for legitimate purposes in order to: identify you and manage any courses you are completing with us; process payments appropriate to the training course(s); provide the appropriate support for the training and respond to your enquiries and queries; and to provide the relevant qualification and certification.
6.3 Who your data/information is shared with
In order to be able to provide the training, qualifications and certification – particularly in respect of regulated qualifications, it may be necessary to share some of your personal data with external parties, including awarding bodies such as the IMI and ABC, specifically in relation to assessment paperwork and certification. For a full list of all third parties who have access to any data through the RMIF, its federated associations and divisions such as the RMI Academies, please click here.
6.4 How long your information is kept for
We retain data in accordance with the requirements of the awarding bodies referred to in 6.3 above (who may change from time to time – please check this policy periodically to be kept up to date with any changes). As of February 2018 these are:
- IMI 5 Years
- ABC Awards 3 Years
All information/data collected or processed through the RMI Academies is handled in accordance with this RMIF Privacy Policy.
7. WHO YOUR INFORMATION MIGHT BE SHARED WITH
We may disclose your personal data with your permission to:
- Other companies within our group, where appropriate (RMISC, Trusted Dealers, Trust My Garage, Big Oil, Drive My Career)
- Our agents and service providers – for details of our current agents and service providers click here. Please note this list also includes service providers specific to RMIF and association staff and employees, who have no access to Member/customer information
- Law enforcement agencies in connection with any investigation to help prevent unlawful activity
- Our business partners in accordance with the Communication section above
8. KEEPING YOUR DATA SECURED
We will use technical and organisational measures to safeguard your personal data, for example:
- Access to website “Members Only” or other online Membership accounts is controlled by a password and user name that are unique to you or your business
- Where your business is shown online, we minimise and limit the personal data collected or transferred
- We store your personal data on secure servers; and
- Enforce strict and stringent policies and practices in relation to taking and processing card payments for Membership or Subscriptions in line with the PCI DSS (Payment Card Industry Data Security Standard)
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How can you contact us?’ below).
8.1 What can you do to keep your information safe?
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
9. WHAT RIGHTS DO YOU HAVE?
9.1 Right to request a copy of your information
You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or all of this information, please:
- Email, call or write to us (see ‘How can you contact us?’ – see section 10 below)
- Click here to download request form
- Let us have appropriate proof of your identity and address (eg a copy of your driving licence or passport and a recent utility or credit card bill; or written authorisation on company letterhead etc), and
- Let us know the information you want a copy of, including any account or reference numbers, if you have them
There is no charge for such requests, unless the request is deemed “manifestly unfounded or excessive, in particular because they are repetitive”, in which case we may charge a reasonable fee taking into account the administrative costs of providing the information, or may refuse to respond.
Subject access requests will be fulfilled within one calendar month of receiving the request, or receiving any additional information required to be able to fulfil the request. Should there be any legitimate or permissible delay (under the General Data Protection Regulation), you will be notified and kept informed of expected timeframes for delivery.
The information will be provided in a format appropriate to the request and the data held, i.e. electronically or hard copy.
9.2 Right to correct any mistakes in your information
You can require us to correct any mistakes in your information which we hold, free of charge. This will be completed within one calendar month. If you would like to do this, please:
- Email, call or write to us (see ‘How can you contact us?’ – see section 10 below)
- Let us have enough information to identify you (e.g. account number, user name, registration details), and
- Let us know the information that is incorrect and what it should be replaced with
9.3 Right to ask us to stop contacting you
You can ask us to stop including you in Member or other communications. However, this would not apply where the communication is required for contractual purposes eg annual subscription renewals.
If you would like to opt out of any Member communications, please:
- Email, call or write to us (see ‘How can you contact us?’ – see section 10 below). It may take up to 10 working days for this to take place
- Let us have appropriate proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill or written authorisation on company letterhead; etc), and
- Let us know what method of contact you are not happy with if you are unhappy with only certain ways of contacting you (for example, you may be happy for us to contact you by email but not by telephone)
9.4 Right to be forgotten (the Right to Erasure)
Individuals have a right to have personal data erased and to prevent processing in specific circumstances.
The right to erasure does not provide an absolute “right to be forgotten”.
10. HOW TO CONTACT US
Please contact us if you have any questions about this Privacy Policy or the information we hold about you.
If you wish to contact us, please send an email to dpm@rmif.co.uk or write to the Data Protection Manager, RMIF, 2-3 Allerton Road, Rugby, CV23 0PA, or call on 0207 307 3580.
11. CHANGES TO THE PRIVACY POLICY
We may change this Privacy Policy from time to time. You should check this policy periodically to ensure you are aware of the most recent version.
12. DO YOU NEED EXTRA HELP?
If you would like this policy in another format (for example: audio, large print, braille) please contact us (see ‘How can you contact us?’ above).