Privacy Policy

Your privacy is important to us

  1. Introduction

The Worshipful Company of Information Technologists (a company registered in England by Royal Charter under number RC000839) or (“the Company”) whose address is 39a Bartholomew Close, London EC1A 7JN and the Worshipful Company of Information Technologists’ Charity (Registered Charity No. 1113488) (a Company Limited by guarantee registered in England and Wales under No. 05697763) whose registered office is at 39a Bartholomew Close, London, EC1A 7JN (“the Charity”) (together “we”) are committed to protecting and respecting your privacy. We gather and process data in accordance with the prevailing data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. The Controller’s representative for the purposes of data collected about European Union citizens and residents in the EU under Article 27 of the EU GDPR is Dr Stefan Fafinski. European Union citizens may contact him via email to

  1. Information we may collect about you

We may collect and process the following data about you

We may collect, use, store and transfer different kinds of personal data about you for the purposes set out in this Privacy Notice. We have grouped together the personal data as follows, which includes but is not limited to:

  • Identity Data, which includes your title, first name, maiden name, last name, or similar identifier; marital status; date of birth; gender; ethnicity;
  • Contact Data, which includes your address; e-mail address; telephone number and other contact information;
  • Usage Data, which includes information about how you use our website;
  • Marketing and Communications Data, which includes your preferences in receiving marketing from us and our third parties and your communication preferences;
  • Occupational or Other Data, which includes your job title; company affiliation; and, following your admission to the Company, details of your involvement with the Company and the Charity; and
  • Financial Data, such as bank account details for processing payments.

Details of your visits to our website

This includes, but is not limited to:

  • details of the computer or other device that you are using;
  • details of the web browser you are using;
  • details of your language settings;
  • traffic data;
  • location data;
  • weblogs;
  • other communication data;
  • IP address data; and
  • Information provided by reputable third-party data sources such as other Worshipful Companies and the City of London Corporation.

If you contact us, we may keep a record of that correspondence, including any information provided or required to resolve your enquiry or issue.

We also collect, use and share “Aggregated Data” such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.

With the exception of race and ethnicity and (in certain limited circumstances) information about criminal convictions and offences, we do not intend to collect any special categories of personal data about you (this includes details about your religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).

If you are unable to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with information or services). In this case, we may have to cancel an arrangement or service you have with us but we will notify you if this is the case at the time.

  1. How we collect personal data

We use different methods to collect data from and about you (or someone acting on your behalf), including through:

  • Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • create an account on our website (including through portals linked from our website for the purpose of creating an account on our website);
    • submit an application for membership, a grant, bursary, award, or any form of financial or pro bono assistance;
    • subscribe to our membership services;
    • make a gift or bequest;
    • request further information, services or content;
    • complete surveys and questionnaires; or
    • give us feedback or contact us.
  • Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
    • Individuals or charities with which we have a relationship, for the purposes set out in this Privacy Notice;
    • Individuals or organisations who have the proper authority to share your personal data with us.
  1. Cookies

We only use Cookies on our website pages in order to optimise functionality and for anonymised statistical purposes. You can set your browser to notify you when you receive a cookie; and you may block cookies by adjusting the settings on your browser. Please note that if you restrict all cookies you may not be able to access all or parts of our sites. Unless you have configured your browser to refuse cookies, our system will issue cookies as soon you visit our websites.

When you first visit any of our sites a pop-up header will be generated alerting you to our cookie policy. It will re-appear in the event that you change your cookie settings from time to time.

A copy of our cookie policy can be found here.

  1. Storage of personal data

We implement appropriate security measures to protect information from:

  • loss;
  • misuse;
  • unauthorised access;
  • disclosure;
  • alteration; or
  • destruction

Our security systems include authenticated access to internal databases. We also encrypt and anonymise data wherever it is appropriate to do so. We regularly take back-ups of our data. We regularly review overall web security and audit procedures.

In conforming with data protection laws, we endeavour to implement appropriate procedures to protect your personal data and to prevent any unauthorised access or misuse of it. Our servers, on which your personal data is kept, are located in the United Kingdom and EU.

Please be aware that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data when transmitted via the internet between us: any such transmission is at your own risk.

  1. Uses made of the information

We only use your personal data when the law allows us to, and use information held about you in the following ways, which may include but are not limited to:

  • To ensure that content from our sites is presented in the most effective manner for you and for your computer;
  • To provide you with relevant information, products and services of a type that you request from us or which we feel may interest you;
  • To carry out the requirements of any contracts entered into (or about to be entered into) between you and us;
  • To allow you to use the interactive features of our websites when you choose to do so;
  • To administer and protect our affairs and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);
  • Undertaking checks as to your identity (and similar checks) if required for an application or if we will be working together;
  • Gathering evidence and investigating any matter related to a concern or dispute, including conducting any mediation, arbitration or litigation process;
  • In furtherance of our pro bono and other charitable initiatives, which we consider to be core elements of our activities;
  • To manage our relationship with you which will include notifying you about changes to our service, terms or privacy policy or asking you to take a survey;
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
  • Where we need to comply with a legal obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message.

We also pass your data to other Livery Companies with whom we co-operate from time to time so that they can provide you with relevant information about their goods and services and so that we can co-operate with them. Being a Livery Company, once you become a Freeman of the City of London we pass much of the data we collect about you to the Mayor and Commonalty and Citizens of the City of London. We are committed to responsible email sending practices. We only send e-mails to individuals whose data has been lawfully and fairly obtained.

If at any time you do not wish to receive emails from us, or for us to pass your information to third parties please use the unsubscribe functionality contained in all of our communications. Alternatively, please contact us using the details set out below in this Privacy Notice.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

  1. Disclosure of your information

We may disclose your relevant personal information to the Charity. This Privacy Notice also applies to the Charity and we (the Company) reserve the right to freely pass the data between ourselves and the Charity.

We may disclose your relevant personal information to the extent that we are under a duty to disclose or share your personal data in order to:

  • comply with any legal obligation;
  • enforce or apply our terms of use and other agreements with you or the Mayor and Commonalty and Citizens of the City of London;
  • protect the rights, property, or safety of The Worshipful Company of Information Technologists’, our customers, or others.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not knowingly allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

We do not transfer your personal data outside the UK other than storing data on our EU-based cloud server.

  1. Data Security

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

We have appropriate policies with which our members and staff are required to comply, and we have provided training to our staff regarding their obligations in ensuring the security of your personal data. Members and staff are aware that misuse of personal data may be grounds for disciplinary action against them.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

  1. Your rights

The data protection legislation gives you a number of rights. These rights include:

  • Right to data erasure;
  • Right to make a “subject access request”, which is a request for a copy of the data which we hold about you;
  • Right of correction (or where appropriate erasure) of data which we hold about you where this is inaccurate;
  • Right to data portability;
  • Right to withdraw your future consent to our processing your personal data;
  • Right to restrict our processing of your personal data;
  • Right to request a transfer of your personal data;
  • Right to complain to the Office of the Information Commissioner; and
  • Right to contact and make enquiries of our data protection co-ordinator who can be contacted at:
    • In writing: Data Protection Co-ordinator, WCIT, 39a Bartholomew Close, London, EC1A 7JN.
    • Telephone: 020 7600 1992 – Calls may be recorded for training, quality and monitoring purposes.

If you wish to exercise any of the rights set out above, please contact us. Please be aware that if you exercise one of these rights, that in order to protect your privacy, we may require you to undergo some identity verification tests to ensure that we are dealing with you.

You have the right to be informed of the matters stated in this privacy policy.

There are four legal bases upon which we collect, process and transfer your personal data as described in this privacy policy:

  • Performance of Contract – To consider potential or to fulfil actual contracts with you. If you are not able to provide this data, it is possible that we will be unable properly to perform our side of any contract with you;
  • Legitimate Interest – In order to conduct and manage our activities in our key areas of focus to enable us to give you and affiliated organisations the best service, or in the furtherance of third parties’ legitimate interests;
  • Consent – Also, we may rely on your express consent for us to use your personal data; and
  • Complying with a Legal Obligation – We may process your personal data where it is necessary for compliance with a legal obligation to which we are subject.
  1. Data retention

We, in conjunction with the Mayor and Commonalty and Citizens of the City of London, normally hold and process much of your professional data indefinitely for historic and archival purposes. We delete other data such as web tracking data as soon as reasonably possible and in any event when we no longer need it.

In any event we will stop the processing of your data where you ask us to do so by contacting us at; or by post to Data Protection Co-ordinator, WCIT, 39a Bartholomew Close, London, EC1A 7JN or by telephone on 020 7600 1992. The only circumstances in which we will not do so are where we have a legal obligation or a legitimate interest to continue processing your data. You should note that our legitimate interests include maintaining, in conjunction with the Mayor and Commonalty and Citizens of the City of London, much of your professional data indefinitely for historic and archival purposes.

Our websites and email bulletins may contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies. We do not set and are not responsible for those policies.

  1. Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page. Please therefore check this page on a regular basis.

  1. Contact

Questions and requests regarding this privacy policy should be addressed by email to or by post to 39a Bartholomew Close, London, EC1A 7JN.

Policy updated August 2023.