External Privacy Notice
Last Updated: 06/02/2023
Research Network for the Study of Esoteric Practices (“RENSEP”, “we”, “our”) is committed to protecting the privacy and security of the personal data we collect about end customers and users of our services (“you/your”).
The purpose of this privacy notice is to explain what personal data we collect about you when you use our website and communicate with us. When we do this, we are the data controller.
Please read this privacy notice carefully as it provides important information about how we handle your personal information and your rights. If you have any questions about any aspect of this privacy notice you can contact us using the information provided below or by emailing us at firstname.lastname@example.org.
We update this privacy notice from time to time in response to changes in applicable laws and regulations, to our processing practices and to the products and services we offer. When changes are made, we will update the date at the top of this document. Please review this privacy notice periodically to check for updates.
Who this privacy notice applies to
This privacy notice applies to you if:
- You visit our website
- You are a registered member on our platform
- You complete a new online registration
- You share information with other members
- You take part in one of our surveys
- You make an enquiry about our services
- You complete a contact form
- You sign up to receive publications and/or other communications from us
What is personal data?
‘Personal Data’ means any information from which someone can be identified either directly or indirectly. For example, you can be identified by your name or an online identifier.
‘Special Category Personal Data’ is more sensitive Personal Data and includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purposes of uniquely identifying someone, data concerning physical or mental health or data concerning someone’s sex life or sexual orientation. Personal Data’ means any information from which someone can be identified either directly or indirectly. For example, you can be identified by your name or an online identifier.
Personal data we collect
The type of Personal Data we collect about you will depend on our relationship with you.
We process all information you give us, either through our website https://www.rensep.org/ (“our site”) or by corresponding with us by telephone, email or otherwise. This includes information you provide when you use our site, register to use our platform, complete an online form or from other social media functions linked to our site, or when you report a problem with our site.
We may process the following information when you register to access the private area of our website:
- Date of Birth
- Email address
- Phone number
- Other contact details
- Bank/Payment Information
- Secondary Education Details
- Field of Interest
- Sexual orientation
- Any extra information you choose to tell us about you
We may process the following information following an online enquiry:
- Date of Birth
- Email address
- Phone number
We may use your name, address, email address and telephone number to contact you about your enquiry.
How we collect your personal data
We collect most of this personal data directly from you—in person, by telephone, text, or email and/or via our website. However, we may also collect information:
- From third party social websites such as LinkedIn.
- From other individuals you know, referring you to us.
Purposes for which we use personal data and the legal bases
We will only use your Personal Data when the law allows. Most commonly, we will use your Personal Data in the following circumstances:
|Purpose of Processing||Lawful Basis|
1. Performance of Contract
To help us maintain and provide you with our services
1. Performance of Contract
To contact you with details of changes to services you are receiving
1. Performance of Contract
For business analysis, and research and testing to ensure the integrity of our systems
It is in our Legitimate Interest to analyse, research and test our systems to ensure their integrity
Improving our website/platform and the overall user experience
It is in our Legitimate Interest to allow analytics and search engine providers to help improve and optimise our website
RENSEP Member Database
|It is in our Legitimate Interest to manage the members database|
|For use in our research on Esoteric Practices||Consent|
To send you newsletters and other promotional material we think might be suitable for you unless you tell us not to
To comply with the law, this may include sharing your information with our regulator
In certain circumstances, we may have a legal obligation to share your information with the relevant authorities and/or regulators
Responding to correspondence from you
It is in our Legitimate Interest to respond to enquiries made by telephone, email, through our social channels or any other means
Sharing your personal data
We may also disclose your information to third parties in connection with other purposes set out in this policy. These third parties may include:
- business partners, suppliers and subcontractors who may process information on our behalf
- educational institutes, research institutes and universities
- advertisers, social media platforms, and advertising networks
- analytics and search engine providers
- IT service providers
Where we are under a legal or regulatory duty to do so, we may disclose your details to the police, regulatory bodies or legal advisors, and/or, where we consider necessary to protect the rights, property or safety of RENSEP, its personnel, users or others.
When we collect your personal data, it may be processed outside the UK. This is because the organisations we use to provide our services to you are located in other countries.
We have taken appropriate steps to ensure that where personal data is processed outside the UK, it has an essentially equivalent level of protection as it has within the UK. We do this by ensuring that:
- Your personal data is only processed in a country which the Secretary of State has confirmed has an adequate level of protection (an adequacy regulation); or
- We enter into either International Data Transfer Agreements (IDTAs) or Standard Contractual Clauses (SCCs) (with the UK Addendum) with the receiving organisations and ensure that supplementary measures are also applied, where necessary.
A copy of the IDTA can be found here international-data-transfer-agreement.pdf
How long we keep your personal data
We will retain your personal data for as long as is necessary to provide you with our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims.
At the end of the retention period, your personal data will be securely deleted or anonymised, for example by aggregation with other data, so that it can be used in a non-identifiable way for statistical analysis and organisation planning.
Security of your personal data
We have implemented appropriate technical and organisational measures to safeguard your personal data and protect it from accidental or unlawful destruction, loss or alteration and from unauthorised disclosure or access.
In addition to the technical and organisational measures we have put in place, there are a number of simple things you can do to in order to further protect your personal information, such as;
- Never share a One Time Passcode (OTP).
- Never enter your details after clicking on a link in an email or text message.
- Always send confidential information by encrypted email where possible this reduces the risk of interception.
- If you’re logged into any online service do not leave your computer unattended.
- Close down your internet browser once you’ve logged off.
- Never download software or let anyone log on to your computer or devices remotely, during or after a cold call.
Secure Online Services
You can easily identify secure websites by looking at the address in the top of your browser which will begin https:// rather than http://.
You have certain rights in relation to the processing of your personal data, including to:
- Request access to your personal data (commonly known as a “Subject Access Request”). This enables you to receive a copy of the personal data we hold about you.
- Request rectification of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. If you object to us using your personal data for marketing purposes, we will stop sending you marketing material.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to another party (data portability).
- Automated decision-making. You have the right not to be subject to a decision based solely on automated processing which will significantly affect you. We do not use automated decision-making.
Right to withdraw consent
In the limited circumstances where you may have provided your consent to the processing of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we are permitted by law to do so.
How to exercise your rights
You will not usually need to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. If you wish to exercise your rights, please contact us at email@example.com.
How to complain
You have the right to lodge a complaint with the supervisory authority, if you believe we are infringing the UK data protection laws, or you are concerned about the way in which we are handling your personal data. The supervisory authority in the UK is the Information Commissioner’s Office who can be contacted online at:
- Contact us | ICO
- Or by telephone on 0303 123 1113
How to contact us
Email us at: firstname.lastname@example.org
Call us: 0031 623 44 03 21
Or write to us at: RENSEP, Flat 146, 56 Gloucester Road, London, SW7 4UB.
Changes to this privacy notice
We may update this notice (and any supplemental privacy notice), from time to time as shown below. We will notify you of the changes where required by applicable law to do so.
Last modified 06.02.2023.