Privacy Policy

Updated October 2020

Who we are

The Forest Industry Safety Accord (FISA) was developed in 2012 by representatives from many of the leading industry organisations following a safety summit instigated by the Health and Safety Executive (HSE). It commits each member’s organisation – and the sector at large – to raise the standard of health and safety in their place of work in order to reduce the number of serious and fatal accidents in the forestry sector.

Our registered address is 59 George Street, Edinburgh, EH2 2JG.

If you have any questions about this Privacy Policy you can get in contact by writing to us.

FISA is committed to upholding your privacy and taking care with your personal data as a valued member, customer and user of our website. FISA process all data fairly and lawfully.

Collection of data

FISA is committed to respecting the personal data you supply to us. The information we collect will be relevant to the purposes for which it is to be used and we will do our utmost to ensure that such data will be accurate, complete and kept up to date.

The term “personal data” in our Privacy Policy, means information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include, for example, your name, your contact details, or information on how you use our website or interact with us.

We collect some personal data from you when you submit a membership application, use our website, use our services or contact us for the purposes of facilitating these services.

Categories of data we collect

We may collect and process the following:

Type of data

Method of collection

Your name, company and contact details (eg email address, telephone numbers and postal address)

Through membership application forms

Your company activities such as business turnover, forest management areas, timber tonnages harvested transported and sold.

Through membership application forms

We may record the communications you/we exchange with us/you (for example, your emails, letters or calls)

When you contact FISA or you are contacted by FISA

Your feedback

When you reply to our requests for feedback

Information that relates to your FISA membership

When you obtain, renew or cancel your FISA membership, or when you update your details

How and why we use your personal data

Member data is primarily used by FISA to deliver member services. Only member names, company names and business addresses are listed on the FISA website, unless specifically requested not to be. Contact can also be made with Company members via an email form.

When you are a member, FISA will use your information to perform our services in relation to your membership (e.g. to issue your members’ email updates). We’ll also contact you with important operational information regarding your membership (e.g. notices about your subscription fees etc.). In these instances, we process your personal data because it is necessary for the maintenance of contact with you.

FISA only collects non-member details for those who have opted into our email updates. You will have the opportunity to opt out of these communications at any time.

Credit Cards

FISA does not store credit card details or share financial details with any third parties.

Security safeguards

FISA respects your data and has taken appropriate technical and organisational measures to ensure we have mitigated against such risks as loss or unauthorised access, destruction, use, modification or disclosure of data.

FISA will retain your personal data for as long as we need it in order to fulfil our purposes set out in this Privacy Policy or in order to comply with the law.

Openness principle

FISA has a formal process to manage requests for access to the data we hold about you. However, in the first instance we encourage you to contact us directly to discuss and resolve any concerns you may have relating to the use/acquisition of your data.

Individuals can assess the data held about them at any time. Responses to request for information will be made promptly and, in any event, within 30 days. FISA retains the right to refuse or charge for requests that are manifestly unfounded or excessive. If FISA refuses a request, we will tell the individual why. Individuals have the right to complain to the supervisory authority and to a judicial remedy. The Institute will respond without undue delay and at the latest, within one month.

Your rights

Subject to certain limitations, you have the right to:

  • Request a copy of the information we hold about you and be told about its use.
  • Request that FISA rectifies or deletes your information, or restricts processing if you have concerns over its accuracy, deletion or fair and lawful use.
  • Withdraw or alter consent to the use of your information. All of our non-operational communications (i.e. update emails) contain an unsubscribe link.
  • Receive your personal data in a portable, commonly used, machine-readable format to transfer to another data controller. However, in some circumstances we may be unable to provide you with some or all of your personal data, for example, if it compromises the confidentiality of a third party.

Data Sharing

FISA will only share member data, such as mail and email addresses with third parties like mailing houses (election mailings) and a data sharing agreement ensures safe transportation, storage, and disposal of data.

Retention Policy

FISA retains personal data as long as it is legally or contractually obliged to do so, or according to how long professional industry codes of practice deem fit.

We keep:

  • contractual and financial information for 10 years.
  • membership information for a period of one year after membership ceases. Ceased members information is automatically archived for a year after cancelling and then deleted.

Updates to our Privacy Policy

FISA will update this Privacy Policy from time to time and will publish updated versions on its website.

Concerns and complaints

If you have concerns or questions over the collection, storage or processing of your data, you are encouraged in the first instance to contact FISA to discuss and resolve any issues.

You can write directly to FISA:

Data Protection
59 George Street

You also have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Officer (ICO). Contact details for the ICO are available here.