CREST (International) (hereafter referred to as “CREST”) includes all of the CREST Chapters.
CREST will use its best endeavours to safeguard the privacy of its contacts and website visitors. In
compliance with UK and European data protection regulations, this Privacy Policy explains what
information we collect, how we use any personal information that we may collect about you and the
data processing practices of the Company.
Topics:
How do we collect information from you?
We obtain information about you in a variety of ways including when you contact us about our
products and services, complete an Agreement with us, submit a membership application or renewal
form to us, book an examination with us, make an enquiry to us or when you use our website.
What information do we collect?
You provide most of such information when you request further information about our services, make
an enquiry or communicate with us regarding our services.
As a result of those actions, you might supply us with such information as title, name, postal address,
email address, telephone number(s), IP address. We will also collect information from you if you
complete any forms, including any on our website, or if you contact us with comments or specific
requests.
Why do we need personal information?
We need to collect personal information in order to:
How is your information used?
CREST may use the information you provide us with to:
Who has access to your information?
We may pass your details on to third party service providers who are contracted to CREST in the
course of dealing with your request and if this is likely to happen, we will make it clear to you. These
third parties are obliged to keep your details securely and will use them only to fulfil the request.
Third parties that we may share your information with include:
We will never collect sensitive information about you without your explicit consent for each category
and will only collect such data for statistical purposes (our Legitimate Interest as identified in GDPR
Provisions Article 6(1)(f) and Article 9 (2)(j)).
Please note that in agreeing to share these details you have not forfeited your rights as prescribed
under the Data Protection Act 1998 and CREST will continue to apply the same level of care to
safeguard your privacy and use of your information across all our services. Your service entitlement
from CREST will not be affected should you decide not to allow your data to be shared in this way or if
you change your mind at any time in the future.
How secure is information about me?
We maintain physical, electronic and procedural safeguards in connection with the collection, storage
and disclosure of customer information and personal data. Our internal personnel, who have access
to the data, have been trained to maintain the confidentiality of such information.
How long is data kept?
The personal information you provide to us may be retained for up to 15 years or as required by law.
At that point, you will be contacted to seek your consent for us to retain it for a further period. At the
same time, you will have the option to instruct us to delete it.
If you choose to visit our website, https://www.crest-approved.org, your visit and any dispute over
privacy is subject to this Privacy Notice, including limitations on damages and application of the laws
of England. If you have any concerns about privacy please email us at governance@crest-
approved.org a thorough description and we will do our best to investigate it.
As our business changes, so may our Privacy Notice. You should check our website frequently to
see recent changes. Unless stated otherwise, our current Privacy Policy applies to all information that
we have about you.
Does CREST share the information it receives?
Client privacy is an important aspect of our business and we do not sell it or rent it to third parties. We
will not share your information with third parties for marketing purposes.
CREST would share client information only as described below.
Email Messages and Marketing
You may receive e-mail messages from CREST on matters that we consider may be of interest to
you, if you have provided your email address to us for this purpose. If you do not wish us to
communicate with you in this way, please tell us. We will provide you with as many means of doing
this as we can.
Information to improve our website
We collect web statistics automatically about your visit to our website. This information is used to help
us follow browsing preferences on our website so that we can regularly improve our website. These
statistics do not contain personal data and cannot be traced back to an individual.
Your choices
You have a choice about whether or not you wish to receive information from us. You can change
your preferences at any time by contacting us using the details below.
We are working to provide additional ways to make it easier for you to review and correct the
information that we hold about you. In the meantime, if you change email address or any of the other
information we hold is inaccurate or out of date, please contact us using the details below.
Subject Access Requests
You have the right to request a copy of the information that we hold about you. If you would like a
copy of some or all of your personal information, please email us or write to us using the contact
details below. We will provide the information within one month of receipt of the request. By law, we
are required to verify your identity.
We may make a small charge for this service if the request is excessive or repetitive or requiring
further copies of the same information.
We want to make sure that your personal information is accurate and up to date. You may ask us to
correct or remove information you think is inaccurate. Under the Data Protection Act 1998, you can
make a formal request for information including:
You may view the Company’s Data Protection Notification (Reg No.: ZA229721) by visiting the Data
Information Commissioner’s Web site.
Other websites
Our website contains links to other websites. This Privacy Policy only applies to our website crest-
approved.org so when you link to other websites, you should read their own Privay Policies.
Cookies
Cookies are text files placed on your computer to collect standard internet log information and visitor
behaviour information. We may collect information about your computer, including your IP address,
operating system and browser type, for system administration and in order to create reports. This is
statistical data about our users’ browsing actions and patterns, and does not identify any individual.
The only cookies in use on our site are for Google Analytics which is a web analytics tool that helps
website owners understand how visitors engage with their website. Google Analytics customers can
view a variety of reports about how visitors interact with their website so that they can improve it.
This information is used to track visitor use of the website and to compile statistical reports on website
activity. Google Analytics collects information anonymously. It reports website trends without
identifying individual visitors
For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove
cookies from your browser. However, in a few cases some of our website features may not function
as a result.
Changes to our Privacy Policy
We keep our Privacy Policy under regular review and we will place any updates on this webpage.
This privacy Policy was last updated in April 2021.
Contact
If you have any questions about our Policy or information we hold about you please
email [email protected]