Policies and documents

The IIS may collect and process your personal information to meet our obligations and to provide you with our products and services. The IIS will not collect any unnecessary personal data from you. 

The data that we collect from you includes: 

Information that you provide to us 

When using our website, you will be asked to provide us with your information when you: 

• fill in forms on our website, or correspond with us by phone, email or otherwise; 
• register to use our services or at any subsequent point using our services; 
• report a problem with our website; or 
• complete any surveys we ask you to fill in that we use for research purposes (although you do not have to respond to these if you do not want to). 
• Depending on the information and/or services you request, you may be asked to provide your name, email address, postal address, phone number, and similar information. 

With regard to each of your visits to our website, we may automatically collect the following information: 

• device-specific information, such as your hardware model, operating system version, unique device identifiers, and mobile network information; 
• technical information about your computer, including where available, your IP address, operating system and browser type, for system administration and analytical purposes; and  
• details of your visits to our website, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time), length of visits to certain pages, and page interaction information (such as scrolling, clicks, and mouse-overs). 

We do not, however, seek to link this information to your name and other identifying details if you provide them. 

When using our services, we may be in contact with third parties who may provide us with certain information about you in order to enable your use of the services. 

Marketing 

We may use your information to promote our own services/events and those of our AKDN partners to you such as by regularly sending you newsletters by email and, where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of promotions. If you no longer wish to receive such information you can withdraw your consent at any time. 

We store any data associated with your email address with our email service provider Mail Chimp. You can see how they are updating their services to comply with the new regulations here. 

We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us. 

We may disclose your personal information to organisations who work with us in providing the Website and the associated services (such as analytics providers and website developers). 

We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of the IIS, our users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection 

We may disclose your personal information to third parties, the court service and/or regulators or law enforcement agencies in connection with proceedings or investigations anywhere in the world where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime (use justification: legal obligation, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities). 

Personal information provided through the Website is stored in a cloud-based database. Access to the database is limited to designated IIS staff, and our contracted third party website development company. The data can only be accessed through a secure firewall by designated individuals with a username and password, and who have been given access to the database. 

Subscribers to the website: we store any data associated with your email address with our email service provider, Mail Chimp. You can see how they are updating their services to comply with the new regulations here. 

No data transmission over the internet or website can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislative requirements. 

We will hold the above information for as long as is necessary in order to provide you with the Services, deal with any specific issues that may raise, or otherwise as is required by law or any relevant regulatory body. 

Some personal data may need to be retained for longer than this to ensure that the IIS can comply with applicable laws and internal compliance procedures, including retaining your email address for marketing communication suppression if you have opted not to receive any further marketing. 

If information is used for two purposes, we will retain it until the purpose with the latest period expires but we will stop using it for the purpose with a shorter period when that period expires. 

We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). Our retention periods are based on business needs and your information that is no longer needed is either irreversibly anonymised (and the anonymised information may be retained) or securely destroyed. 

Your rights 

Under the General Data Protection Regulation (EU) 2017/676, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us at info@iis.ac.uk. 

You have the following rights in relation to your personal data: 

• We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by sending us a request to rectify your personal data where you believe the personal data we have is inaccurate or incomplete; 
• To ask us to delete all of your personal data. Doing so will result in the IIS deleting your personal data without undue delay (unless there is a legitimate and legal reason why the IIS is unable to delete certain of your personal data, in which case we will inform you of this in writing); 
• To ask us to stop processing your personal data at any time; 

• To request that the IIS provides you with a copy of all of your personal data and to transmit your personal data to another data controller in a structured, commonly used and machine-readable format, where it is technically feasible for us to do so; and 
• To lodge a complaint to a supervisory authority such as the Information Commissioner’s Office in the UK (see www.ico.org.uk), although we encourage you to engage with us in the event you have any concerns or complaints. 

The IIS will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above; however, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests. Where we are required to provide a copy of the personal data undergoing processing this will be free of charge; however, any further copies requested may be subject to reasonable fees based on administrative costs. 

Asking us to stop processing your personal data or deleting your personal data will likely mean that you are no longer able to use our services, or at least those aspects of the services which require the processing of the types of personal data you have asked us to delete. 

Where you request the IIS to rectify or erase your personal data or restrict any processing of such personal data, the IIS may notify third parties to whom such personal data has been disclosed of such request. However, such third parties may have the right to retain and continue to process such personal data in its own right or on other lawful grounds without your consent. 

Any changes we make to our privacy policy in the future will be posted on this page and where appropriate, notified to you by email. 

Questions, comments and requests regarding this privacy policy are welcome. Please call our office on 44 (0) 20 7756 2700, email us at info@iis.ac.uk, or write to us at: 

The Institute of Ismaili Studies 

The Aga Khan Centre 

10 Handyside Street 

King’s Cross 

London N1C 4DN 

For the purpose of the relevant data protection legislation, the data controller is The Institute of Ismaili Studies (registration number 01324858), with its address at The Aga Khan Centre, 10 Handyside Street, King’s Cross London, N1C 4DN. 

Our website uses cookies to distinguish you from the other users of the Website. This allows us to provide you with a good experience when you browse our website and also allows us to improve our website. For detailed information on the cookies we use and the purposes for which we use them, please see our Cookies Policy (https://www.iis.ac.uk/cookie-policy)