Legal Information

Last revised on 8th May 2018, effective as of 25th May, 2018

This website is owned and controlled by the IoP. The information and data on this website is subject to revision without notice and IoP may revise this Disclaimer at any time by updating this notice. All material included in our website is intended for information purposes only and does not represent legal advice. Users should take appropriate steps to verify such information. No user should act or refrain from acting on the information contained in this website without first verifying the information and as necessary obtaining legal and/or professional advice.

By using our site, you are agreeing to comply and be bound by all terms and conditions herein. Please review the following terms carefully. If you do not agree to these terms, you should not use this site.

This Agreement is a legal document which sets out your rights and obligations, and those of IoP, a IoP whose Registered Number is 04919219 in relation to the IoP website (the “Site”, “Website” or “Service”) and the services offered by IoP through it.

The IoP is registered as a data controller at the UK Information Commissioner’s Office under number Z1496346.

Acceptance of Agreement

You agree to the terms and conditions outlined in this Terms of use Agreement.

We reserve the right to update or revise these Terms without giving you any notice. Please check the Terms periodically for changes. Your continued use of our Website following the posting of any changes to the Terms constitutes acceptance of those changes. Our Terms will be kept up to date at https://theiop.org/legal-information

Copyright

IoP alone shall own all right, title and interest, including all related intellectual property rights, in and to our technology, the content and the service. The IoP name, the IoP logo, and the product names associated with IoP are trademarks of IoP or third parties, and rights granted to use them are with express permission of IoP. The copying, redistribution, use or publication by you of any such matters or any part of the IoP website is strictly prohibited. You do not acquire ownership rights to any content, document or other materials viewed on the IoP website. Any posting of information or materials on the IoP website does not constitute a waiver of any right in such information and materials. The content on the website is the copyrighted work of IoP or third parties.

In the normal course of browsing through the website IoP agree to your printing or downloading to a standalone personal computer, extracts for personal use provided both the IoP is the acknowledged source, including the reference www.theiop.org and that IoP may revoke this permission at any time. Any unauthorised use of material is prohibited. Information contained in the members area is for members use only and should not be copied or distributed to third parties.

Privacy Policy

Privacy and security policies may be viewed on the IoP website. We reserve the right to modify our privacy and security policies at our reasonable discretion from time to time.

Use of your information

The IoP does not own any data, information or material that you or other users submit. You shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or right to use any and all the data that you submit, and IoP shall not be responsible or liable for the deletion, correction, destruction, damage, loss or failure to store any customer data. Upon request by the Head of Membership, the IoP may remove, modify, edit or otherwise alter any applicable member data. The Head of Membership shall also have the power to block, delete or otherwise modify the access of members under its membership account, and shall be solely responsible for the addition and removal of members under its account.

IoP reserves the right to withhold, remove and/or discard member/customer data without notice for any breach of the Agreement. The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with UK data protection law.

Payment, Refunds, Upgrading and Downgrading Terms

Your membership is payable yearly and may be paid by PayPal, Credit/Debit Card, Bank Transfer or yearly Direct Debit. There will be no membership fee refunds available after the 14-day cooling-off period. There are no registration fee refunds. There are no downgrade refunds or refunds for months unused in any one year.

Cancellation and Termination

You are solely responsible for properly cancelling your membership. A phone request to cancel your membership is not considered cancellation. You can cancel your membership at any time by e mail or by letter providing 14 days notice. All of your data will be archived or deleted in accordance with the Privacy Policy.

IoP, in its sole discretion, has the right to suspend or terminate your membership and refuse any and all current or future use of the Service, for any reason at any time. IoP reserves the right to refuse service to anyone for any reason at any time.

Third Party Content

Third party content may appear on the Website or may be accessible via links. Any such activity, and any terms, conditions, warranties or representations associated with such activity, is solely between you and the applicable third-party. IoP shall have no liability, obligation or responsibility for any such correspondence, purchase or promotion between you and any such third-party. We do not endorse any sites on the Internet that are linked through IoP, and in no event shall IoP or its licensors be responsible for any content, products, or other materials on or available from such sites. We provide membership services to you pursuant to the terms and conditions of this Agreement, the terms of your membership contract (Application for membership), acceptance of our Privacy Policy and adherence to the code of conduct and complaints procedure.

Representations and Warranties

Each party represents and warrants that it has the legal power and authority to enter into this Agreement. IoP represents and warrants that it will provide membership services in a manner consistent with general industry standards reasonably applicable to the provision thereof. You represent and warrant that you have not falsely identified yourself nor provided any false information to gain membership of IoP and that your information is correct.

Disclaimer

The IoP expressly disclaims all liability for any direct, indirect or consequential loss, damage or injury occasioned from the use or inability to use this website whether directly or indirectly resulting from inaccuracies, defects, errors, whether typographical or otherwise, omissions, out of date information or otherwise, even if such loss was reasonably foreseeable and the IoP had been advised of the possibility of the same. consequential and indirect loss and damage shall include but not be limited to loss of profits, loss of goodwill, and wasted expenditure.

Internet delays

IoP website and services may be subjected to limitations, delays and other problems inherent in the use of the internet and electronic communications.

IoP IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS.

Changes in terms and conditions

IoP reserves the right to modify the terms and conditions of this Agreement or its policies relating to IoP at any time, effective upon posting of an updated version of this Agreement on IoP website. You are responsible for regularly reviewing this Agreement. Continued use of IoP website after any such changes shall constitute your consent to such changes. Our Terms will be kept up to date at https://theiop.org/legal-information

Assignment

This Agreement may not be assigned by you without the prior written approval of IoP but may be assigned without your consent by IoP to (a) a parent or subsidiary, (b) an acquirer of assets, or (c) a successor by merger. Any purported assignment in violation of this section shall be void.

Definitions

“Consent” of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

By “IoP technology” we mean all of IoP’s proprietary technology (including software, hardware, products, processes, algorithms, user interfaces, know-how, techniques, designs and other tangible or intangible technical material or information) made available to you by IoP.

“Controller” is given the same meaning as in the GDPR, which we summarize as the party that determines the purposes and means of the processing of personal data – the customer is the controller with respect to consumer personal data. Each party may be the controller of personal data it processes about the other’s personnel.

By “Customer data” we mean any data, information or material provided or submitted by you to IoP in the course of using IoP website/services.

“Incident” means: (a) a complaint or a request with respect to the exercise of an individual’s rights under the GDPR; (b) an investigation into or seizure of the personal data by government officials, or a specific indication that such an investigation or seizure is imminent; or (c) any breach of the security and/or confidentiality as set out in this DPA leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, the personal data, or any indication of such breach having taken place or being about to take place.

By “Intellectual property rights” we mean unpatented inventions, patent applications, patents, design rights, copyrights, trademarks, service marks, trade names, domain name rights, mask work rights, know-how and other trade secret rights, and all other intellectual property rights, derivatives thereof, and forms of protection of a similar nature anywhere in the world.

“Personnel” refers to those individuals who are employed by or are under contract to perform a service on behalf of one of the parties. Personnel may have rights in their personal data (including business contact information) if they reside in the EU. It is important to be clear about how personnel’s rights are protected.

“Data Subjects” refers to those individuals residing in the EU who are consumers or users of IoP goods or services (also “consumers”), as well as any personnel who reside in the EU.

“Personal Data” is given the same meaning as in the GDPR which we summarize here as: any data relating directly or indirectly to an identifiable data subject. Personal data does not include any data that is anonymized, aggregated, de-identified and/or compiled on a generic basis and which does not name or identify a specific individual, directly or indirectly.

“Processing” is given the same meaning as in the GDPR, which we summarize as including: collecting, recording, using, storing, amending, adapting, disclosing, transferring or transmitting, structuring, using, combining, deleting or destroying, personal data (“Process” and “Processed” shall have similar meanings).

“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

“Pseudonymisation” is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

“Restriction of processing” is the marking of stored personal data with the aim of limiting their processing in the future.

“Processor” is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

“Recipient” is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

“Third party” is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

By “User” we mean an individual authorised to use IoP membership services and have been supplied user identifications and passwords (or by IoP at your request or the applicable Administrator’s request).

▸Privacy Policy

Introduction

The IoP takes your privacy seriously. This Privacy Policy outlines when and how we collect data; the type of data we collect; why we collect data; the legal basis for collecting data; how we keep your data secure and your privacy choices and rights.

If you are an IoP member, customer or subscriber, or just visiting our website, this policy applies to you. If you are a member of the IoP then you consent to this privacy policy under your membership contract with us.

This Privacy Policy does not extend to any websites that can be accessed from this Website including, but not limited to, any links we may provide to social media websites and membership benefits offered through third parties.

Our Responsibilities

If you are a member of the IoP or a visitor of the website, we act as the ‘data controller’ of personal data. This means that we determine how and why your data are processed. We are registered as a data controller at the UK Information Commissioner’s Office under number Z1496346.

Your Responsibilities

Read this Privacy Policy.
If you are a member of the IoP please also check the contract between us that may contain further details on how we collect and process your data.
If you provide us with personal information about other people, or if others give us your personal information, we will only use it for the purpose it was provided to us. By submitting the information, you confirm that you have the right to authorize us to process it on your behalf in accordance with this privacy policy.

When and How We Collect Data

We collect data from people browsing our website, customers and members of the IoP. As soon as you interact with the IoP we are collecting data. Sometimes it is provided by you and sometimes it is automatically collected.

Types of Data We Collect

We collect the following types of data:

Contact details
Financial information
Data from your membership application /renewal (your contract with us)
Data that identifies you
Data on how you use IoP

Contact Details

Your name, Address, Telephone, E Mail, Work E Mail, Work Telephone, Work address

Financial Information

Your bank account number, sort code, Credit/debit card details

Data from your contract with us

Your membership application form- contact details as above plus mail addresses, activity on membership, signatures, preferences

Data that Identifies You

Your IP address, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version.

Data on how you use IoP

Your URL clickstreams (the path you take through our site), products/services viewed, page response times, download errors, how long you stay on our pages, what you do on those pages, how often, and other actions.

Sensitive Data

We do not collect data about you like racial or ethnic origin, offences or alleged offences without your specific consent or when we have to comply with the law.

Do you collect my data?

We collect data from people browsing our website, customers and members of IoP and people who view/sign contract with IoP.

Third Parties Who Process Your Data

This includes activities such as:

Payments: Stripe, PayPal, Bank for BACS payments, Gocardless for direct debits
Accounting activities: XERO, Next Level Business
Communications: LeadFreak, Lexology, NYCPA
Analytics: Google, Hotjar, Facebook, LinkedIn
Integrations: Google, ActiveCampaign, ActiveMember360
Infastructure: Wordpress, ActiveMember360
PPR (IF YOU CHOOSE TO BE A MEMBER)

We Use Cookies

We use only necessary cookies to run and improve the membership service. We use cookies to improve your experience of using our website and to improve our range of products and services. We have carefully chosen these Cookies and have taken steps to ensure that your privacy is protected and respected at all times. All Cookies used by our website are used in accordance with current UK and EU Cookie Law.
Before the website places Cookies on your computer, you will be presented with a message bar requesting your consent to set these Cookies. By giving your consent to the placing of Cookies, you are enabling us to provide a better experience and service to you.
The website may place the following Cookies:

Analytical/performance Cookies that allow us to count the number of visitors to our website and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Targeting Cookies that record your visit to the website, the pages you have visited and the links you have followed. We will use this information to make our website and any advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Our 3rd Party service providers use cookies too, which they control
You can turn off cookies, but this will mean we cannot recognize you in-app messaging etc. and certain features of the website may not function fully or as intended.
It is recommended that you ensure that your internet browser is up to date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.

How We Use Your Data

For the purposes of the Data Protection Act 1998 and the Data Protection Directive (Dir 95/46/EC), the Institute of Paralegals is the ‘’data controller’’.

To operate your membership
To help us improve
To give personalized membership support
To send you marketing that is related to your membership (only if you tell us to)

Data Protection law means that we may only use your data for certain reasons and where we have a legal basis to do so. We process your data for the following reasons:

Membership Services- We manage your membership requests and benefits, authentication, remember your settings, processing payments, hosting and back-end infrastructure.

Legal Basis: Contract; Legitimate Interest

To Improve Membership – To improve membership we test features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping our site, traffic optimization and data analysis and research, including profiling and other techniques over your data and in some cases using 3rd parties to do this.

Legal Basis for data usage: Contract; Legitimate Interest

Member Support- Notifying you of any changes to our service, e mail, phone or text.

Legal Basis for data usage: Contract; Legitimate Interest

Marketing Purposes- This usage is only with your consent. Sending you e mails and messages about new features, membership benefits or events products and services.

Legal Basis for data usage: Consent

Here is what each of the ‘legal bases’ mean:

Consent

You have given clear consent for us to process your personal data for a specific purpose.

You can change your mind and withdraw consent to our processing your data at any time. You can do this by e mailing us at [email protected].

If you do withdraw consent and we do not have another legal basis for processing your information then we will stop processing your personal data.

Contract

Processing your data is necessary for the membership contract you have with us, to take specific steps before entering into the contract.

Legitimate Interest

Processing your data is necessary for our legitimate interest or the legitimate interests of a third party, provided that those legitimate interests are not outweighed by your rights and interests. These legitimate interests are:

Gaining insights from your behavior on our website
Delivering, developing and improving the IoP service
Enabling us to enhance, customize or modify our services and communications
Determining whether marketing campaigns are effective
Enhancing data security
Growing the membership

In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.

Your Privacy Choices and Rights

You can choose not to provide us with personal data. If you choose to do this, you can continue to use the website and browse our pages, but we will not be able to process transactions without personal data.

You can turn off cookies in your browser by changing its settings.

You can ask us not to use your data for marketing. You can opt out of marketing by e mailing [email protected].

You have a right to be forgotten by us and to erase any personal data we hold about you, if it is no longer necessary for us to hold the data for the purposes of your membership.

You have a right to ask for a copy of your data held by us (where such data is held).

You have a right to lodge a complaint regarding our use of data, however, please tell us first so we can address your concerns. If we fail to satisfy you, you can address complaints to the UK Information Commissioners Office, by calling their helpline or as directed on their website at www.ico.org.uk

How secure is the data we collect?

We have physical, electronic and managerial procedures to safeguard and secure the data we collect. Please read our data security policy.

Please remember:

You provide personal data at your own risk: no data transmission can be guaranteed 100%.
You are responsible for your username and password: keep them secret and safe

If you believe your privacy has been breached, please contact us immediately on [email protected].

Where do we store the data?

The personal data is processed at our offices and in any data processing facilities operated by third parties identified below.

By submitting your personal data, you agree to this transfer, storing or processing by us.

If we transfer or store your data outside the EEA, we will take steps to ensure your privacy rights continue to be protected as outlined in this privacy policy.

How long do we store your data?

We will archive and stop actively using any personal identifiable data about you within 18 months of the last time you were an active paid up member of the IoP. We will delete your personal data from our archives no later than 3 years from the last date of you being an active paid up member or as agreed with you in writing.

Third Parties who process your data

We use third parties to help host our applications and websites, to communicate with members, power e mails and other integral processes.

When we do this, it may be necessary to share your data in order for these services to work well. Your data is only shared when it is necessary to do so.

Our main third-party service providers are:

Service Provider	Data Collected or Shared	Purpose
PPR	Contact Details, Data such as qualifications that identifies you	For the purpose of obtaining membership of the PPR - only where consent is given
Google Analytics	Technical data regarding site behaviour and usage statistics whilst on the website. IP is tracked.	Google Analytics is a web analytics service; we use it to track your use of the service and prepare reports on user activity
PayPal	Member and customer data including contact details, name, address, email, account details for credit/ Debit card payment	This is a payment method that may be chosen by members or customers
Stripe	Member and customer data including, name, email, account details for credit/ Debit card payment	This is a payment method that can be chosen by members or customers
Gocardless	Member and customer data including, name, email, account details for credit/ Debit card payment	A payment method that can be chosen by members or customers
Xero	Member and customer data including contact details, name, address, email, account details for BACS payments/ credit/ Debit card details	This is Accounting software used by the IoP
Next Level Business	Have access to the data in Xero, Stripe, Gocardless and PayPal as specified above	For the purpose of providing accounting and related services
Leadfreak	Data collected and processed on behalf of IoP marketing activities. Including, survey and questionnaire data, anonymised technical site usage data, membership data (including contact details, email, name, address). Access also to IoP Paypal and Stripe data.	To provide marketing services and analyse user behaviour for improving member experience.
Lexology	Full name, email address, country of residence	Membership benefit
NYCPA	Full name, email address, country of residence	Offers free membership to IoP members; IoP members request this benefit before their details are shared

Change of Business Ownership and Control

The Institute of Paralegals may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of the Institute of Paralegals. Data provided by Users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy policy, be permitted to use the Data for the purposes for which it was originally supplied to us.

We may also disclose Data to a prospective purchaser of our business or any part of it.

In the above instances, we will take steps with the aim of ensuring your privacy is protected.

▸Data Security Policy

Our Infastructure

IOP operates on servers that comply with strict standards.

The standards include PCI DSS Leve l1.

Access to critical 3rd party software providers used by the IOP are limited to Managerial level staff only and protected by 2 factor authentication.

Data is stored in the EU region by default on Paragon Internet Group servers and is continuously backed up. Our data centres are protected by physical access controls which includes a 3m perimeter fence, 25+ CCTV cameras, 24/7 personnel and electronic access control systems.

Connections to the IOP are encrypted using 256-bit SSL with integrity assured by the SHA2 ECDSA algorithm.

More information on the hosted servers can be found here

This statement is made on behalf of the Institute of Paralegals ( IOP) pursuant to section 54(1) of the Modern Slavery Act 2015 (the 'Act'), and constitutes our organisation's slavery and human trafficking statement for 2018/19.

Mission

As a not-for-profit professional membership body for Paralegals our mission and purpose is the promotion of Paralegals and the Paralegal profession. This legislation (the Act) is of immense important in tackling slavery and human trafficking and we will not trade or partner with any business or organisation which is involved in this practice either remotely or indirectly.

Furthermore, we are the voice of the Paralegal sector and have an obligation to demonstrate and promote fair and reasonable standards in the treatment of people who are operating within our and our member’s sphere of influence.

Our supply chains

Our supply chains include publishing and printing services, IT services, accountancy services, conference and venue suppliers, training providers and consultants, and marketing and PR services. We continually review the risks that these supply chains can present.

We expect our suppliers and contractors to demonstrate a zero-tolerance approach to exploitation. To this end, all new contracts and those renewing from March 2018 will now include a clause requiring that our suppliers, and their subcontractors, comply with the Act, and include IoP’s right to terminate in the instance of any breach of this obligation.

Taking action

We consider our exposure to modern slavery to be limited. Nevertheless, we will ask for specific assurances from those suppliers carrying the highest exposure to risk.

We expect our employees to fully observe and adhere to IoP's policies and procedures. During this financial year, we will ensure that all staff across the entire organisation receive training on the awareness of modern slavery to assist them in their understanding, identification and reporting of these risks.

Using the Site

We have aimed to create our website so that it is available to everyone including those with sight, audio and motor impairment restrictions.

We aim to use a web font, so all text is easy to read.
We have appropriate alt tags for images to convey information.
We ensure that navigation through our websites works in a consistent way.
We do not rely on just colour as the only way of giving information.
We avoid the use of images of text wherever possible and provide equivalent text links that consist of images.

Tips on how you can start using the website more easily.

To enlarge text and images on the site

On a PC:

Hold down the 'Ctrl' key and press '+' to enlarge.
Hold down the 'Ctrl' key and press '-' to reduce.
To reset hold down 'Ctrl' and press '0'.

On an Apple Macintosh computer hold the 'Cmd' (Apple) key instead of 'Ctrl'.

Browser accessibility options

Each browser has different methods for font size, formatting, and screen colour options:

The BBC also has information on how to customise your computer, and your browser, to make them more accessible in their 'My web my way' section.

To change the window size

On the browser View menu select 'Full screen' or press 'F11'.

Search Tips

A search box appears at the top of each page. To get the best results follow these tips:

Use keywords - the search won't work well using natural language, keywords will find better results. Use quotes to search for an exact phrase.

Layout

The site uses Cascading Style Sheets (CSS) to control all the presentation and layout.

Therefore, screen reader users can use the screen reader's navigation key to get around the site. If you are listening to the site, menus are grouped together in a more logical fashion.

Content

The content has been written and formatted to make it accessible. For example:

Headings highlight sections of text (a h1 starts the content area of each page).
Links use meaningful text.
Forms can be navigated using the tab key.

Contact

If you are experiencing difficulties accessing the site, or have any comments, please email or call 0203 034 1487.