Privacy Policy

The Royal Society of Medicine (“RSM”) is committed to safeguarding and protecting the privacy of our Members, visitors and audiences (collectively “Users”). This Privacy Policy explains the types of information we collect from you, what happens to personal data provided to us and your rights associated with it.

The preservation of our User's privacy is very important to the RSM. The RSM commits to protecting the rights of Users in relation to their personal information and confirms that all personal information submitted by the User to the RSM’s website (“Site”) or that is otherwise provided to the RSM (for example, in person, over the phone or via other digital means) will be processed in accordance with the principles of the Data Protection Act 2018 and the General Data Protection Regulations (“the Data Protection Legislation”).

Links to third-party digital servces, provided on RSM’s digital services, are not covered by the RSM's Privacy Policy and when visiting such third-party services, the User should check the privacy statements of each third-party digital service (e.g. website, App etc.) that they visit.

This Privacy Policy explains your rights and gives you information you are entitled to under the Data Protection Legislation. Please note that this Policy only refers to your personal data which we process and collect about you when you contact us by phone, email, letter, complete online forms, attend our building in-person, attend any of our events or when you use our Site or other digital services, as opposed to other forms of data.

Contents

About us
What personal data do we collect
How will it be used
Transfer of data outside the UK or EEA
Who we share data with
How long we will keep your data
How we protect your data
Your choices and rights
Updating your personal information
Complaints
Accuracy
Contacting us
Changes to the Policy

About us

The Royal Society of Medicine (RSM) is a registered charity and membership organisation. Our vision is better healthcare for better lives. By sharing learning and supporting innovation, our goal is to be the leading provider of continuing learning to healthcare professionals.

We deliver multidisciplinary, specialist and general education, as well as professional development, drawing on the support of leading experts in over 50 specialist areas of medicine. We have a global network of Members. Bringing together healthcare professionals across specialties, we offer a range of membership options for every career stage, from students to retirement.

Our learning resources span a wide collection of books, journals, electronic journals and online medical databases. We are home to one of the finest physical and digital medical libraries in the world. We connect those involved and interested in healthcare and, by leveraging expertise from across the RSM, we support, help and inspire the innovators developing the medical products and services of tomorrow.

The RSM is a Royal Charter body registered with the Privy Council. Our patron is His Majesty King Charles III.

The RSM’s registered office is at 1 Wimpole Street, London, W1G 0AE, United Kingdom. We are a registered charity in England and Wales under number 206219 and company number RC000525. The RSM is registered with the Office of the Information Commissioner as a data controller under registration number Z5978894.

What personal data we collect

RSM processes Users’ data for the purposes of conducting charitable activities, administering membership, managing the RSM, collecting subscription fees, running events such as continuing professional development (“CPD”), producing and distributing marketing materials, conducting research, handling complaints, fundraising, disseminating news and surveys and ancillary or related activities.

RSM collects and processes various forms of personal information about you for the purposes described in this Privacy Policy, including:

All Users of the RSM’s services

Information (such as your title, first name, last name, gender, date of birth, telephone number(s), email address, IP address, addresses, post code, job role, employment details, GMC (et al) registration number, education background and qualifications, location information, dietary requirements, accessibility requirements, family relations, areas of interest) that you provide by filling in an application form to become a Member, attend an event, register online, sign up to receive emails from us, enter for an award or prize, use our library services or correspond with us via our Site and other digital services, including if you subscribe to our newsletters.
Personal information related to our equality and (including geographical location, organisation, socio-economic class, caring responsibilities, educational background; as well as some special category datasuch as health, sexuality, disability or ethnicity data). It is not mandatory that you give this information.
Personal information related to the Equality Act 2010 inclusive of data known as ‘Protected Characteristics’ (age, disability, gender reassignment, marriage or civil partnership (in employment only), pregnancy and maternity, race, religion or belief, sex, sexual orientation), though this information is not mandatory.
Details in relation to any payment and/or donation transactions you authorise us to make (including: billing address, payment details, bank details, account holder name, sort code, account number, membership amounts, donation amounts, financial status tier allocation). Please note we maintain a record of your transaction history, but will not capture or store your payment card details.
Information about your use of our digital services (for example, pages viewed, location data, traffic sources etc.).
IP addresses: to help identify those using RSM’s digital services and to gather broad demographic information for reporting purposes. The use of IP addresses is also used to help diagnose problems with our server and may also be used to assist in the detection of fraud. In this instance, the RSM may pass this information to the police.
Cookies: we use cookies to make our digital services easier to use and to help us understand how people are using them, so that we can make improvements. Cookies are files stored in your web browser and are used by most websites to help personalise your web experience. View the full list of cookies we collect on this website.
Visual images (e.g. during events) including live footage and photographs.
Surveillance CCTV video footage (without audio) at key RSM entry-points (e.g. reception desks etc.). We have decided this is necessary for the prevention and detection of crime, for protecting the safety of individuals and/or for the security of our premises.
Audio recordings.
CV and any other application details.
Personal information that may be contained in communications between you and the RSM (which may be over email, telephone or face-to-face), for example to report a problem or to submit queries, concerns, comments or complaints.
Any personal data you volunteer in any free text fields in any paper-based or digital surveys, questionnaire or webforms that are captured by the RSM.
Publicly available information (inc. General Medical Council, General Dental Council, Royal College of Veterinary Surgeons, universities, Companies House, Land Registry, Charity Commission, news and broadcast media, historical publications etc.).
Your profiles, content and behaviour within the public domain such as social media posts (e.g. X, Meta platforms, YouTube etc.).
Further information about yourself, your family and your circumstances you divulge in conversation and/or communications and/or research you are participating in with/for the RSM.
Lifestyle Data: estimated data from third-party companies regarding lifestyle, employment, income, and property.
Details of any safeguarding issues related to yourself, your religious or philosophical beliefs, health data, sex life, sexual orientation, details of any complaints or concerns you have made or that are against or about you, witness evidence or information, any complaint resolution and outcomes, and criminal offence or information on any criminal activity.
Information that may be provided to us from government institutions, public bodies and law enforcement agencies, complainants or legal practitioners, including any police or criminal records checks we conduct.
Information on any individual or business-related endorsements you have made or make, any business connections you may have, and biographies or literature that is made available to us which is about you.
Details of how your personal data may have been involved in any data breaches and whether you may have been a causal factor to any data breaches or incidents and what the outcome of any investigations were/are.
Aggregated data, and pseudonymous and anonymous data we have created from your personal data, but we are unable to use to directly identify you.
Information to confirm that you meet the criteria to receive a RSM award or honour. You may be directed to a third party who will validate this information with your knowledge.

Additional information collected for Members and ex-Members only

Members using their membership card to enter and exit the Club areas, the Library and other parts of the building.
Use of the Library services, for example borrowing books and journals, literature searches and document delivery requests.
If applicable, the reasons why and how you discontinued your membership, your status as an ex-Member and all related information (as outlined above) will be retained. Please note: most ex-Member personal data will be retained for safeguarding and statistical reasons and from time-to-time, we may occasionally ask you if you may like to re-join the RSM. As an ex-Member, you are free to opt-out of any recontact from us at any time.

Users can email dpo@rsm.ac.uk to ask for the details that we hold and for your data preferences (i.e. opt-ins/outs) to be updated.

If you do not provide us with certain personal information (for example, if you do not provide us with the personal information that is indicated as mandatory on the membership enquiry form page), we might not be able to provide certain services to you as we process your membership application.

Information on ‘Special Category’ personal data:

The RSM will sometimes need to process more sensitive data known under the Data Protection Act as “special category data”. For the regulator’s definition and further information on what is meant by “special category data” you can access it on the Information Commissioner’s Office (“ICO”) website by clicking here. When using this data, the RSM does so within the ICO’s guidelines and also to administer any request made directly by you.

How it will be used and what is our lawful basis for using it?

The RSM’s lawful basis for processing your personal data is listed below:

Processing is necessary for our legitimate business interests (i.e. as the Data Controller in accordance with UK GDPR Article 6.1(f)).
Is necessary to deliver a contract or service (i.e. UK General Data Protection Regulation (GDPR) Article 6.1(b) where the use of your personal data is necessary in the performance of a contract which you have agreed to or where we are working to enter into a contract with you).
To protect the vital interests of an individual or individuals e.g.:
Safeguarding children or an individuals’ economic well-being: UK GDPR 6.1(d); and Special categories of personal data used for the purpose of Substantial Public Interest under UK GDPR Article 9.2(g) in line with Schedule 1, Part 2, Paragraph 18 – Safeguarding of children and of individuals at risk; and Paragraph 19 – Safeguarding of economic well-being of certain individuals, of the Data Protection Act 2018).
Protecting an individual from harm or protecting their well-being: protecting the vital interests of an individual or individuals in accordance with UK GDPR Article 6.1(d). Special categories of personal data used for the purpose of Substantial Public Interest (Preventing or detecting unlawful acts; Protecting the public; Regulatory requirements) under UK GDPR Article 9.2(g).
Legal obligation: the processing is necessary to comply with the law (not including contractual obligations) e.g.:
Protecting the public against dishonesty: special categories of personal data used for the purpose of Substantial Public Interest under UK GDPR Article 9.2(g) in line with Schedule 1, Part 2, Paragraph 11 Protecting the public against dishonesty etc of the Data Protection Act 2018.
Data subject rights request or data breaches: compliance with a legal obligation under UK GDPR Article 6.1(c) to uphold your data protection rights. Special categories of personal data used for the purpose of Substantial Public Interest (Preventing or detecting unlawful acts; Protecting the public; Regulatory requirements) under UK GDPR Article 9.2(g).
Dealing with legal claims and ongoing litigation cases: compliance with a legal obligations under UK GDPR Article 6.1(c) to uphold your data protection rights. Special categories of personal data used for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity under UK GDPR Article 9.2(f).
You have given us consent. All electronic marketing communications (such as newsletters) include the option to directly unsubscribe, or you can email dpo@rsm.ac.uk to ask for your preferences to be updated.

The RSM aims to use the information collected to provide a personalised service to all our Users. We may use your personal data for the following purposes:

All Users of the RSM’s services

To provide our services to you.
To help manage the organisation.
To process membership payments, donation payments, expenses payments (if applicable) or any other payments due to/from you.
To deliver events (e.g. registration confirmations, inclusion within attendee lists and online learning videos, contacting you about event queries, sending confirmations etc.).
To conduct and manage charitable activities, including: the sharing of news; event invitations (inc. CPD); awards; prizes; exhibitions; research; campaigning; fundraising activities; and surveys.
To correspond with you and handle your queries or complaints.
To produce and distribute marketing materials, including newsletters or other advertising and promotional emails which we think you may find interesting. When you register online or make a guest purchase on the Site, you can choose whether you would like to receive marketing communications from the RSM by phone, email, post or text. If you have opted into any of these forms of communication, you will receive marketing tailored to the information you have provided us with, when first registering. We will not contact you for marketing purposes unless you have opted-in to receive communications. When joining the RSM through any offline application process you will also be asked for contact preferences.
To provide you with ancillary or related activities.
To identify visitors to our Site and other digital services, to improve these services and to customise these services for you.
To conduct research or for other analytical purposes.
To test, monitor and develop any of our physical or digital systems that hold your information and also develop models for targeting campaign messaging to certain demographics and geographies.
To make relevant identity verification checks as a protective function based on when you contact us and what you are contacting us about (e.g. Data Protection rights requests; Membership details update requests; password resets for your access to digital platforms etc.).
To conduct investigations into concerns or complaints about financial fraud, criminality, safeguarding issues, welfare issues, inappropriate behaviour displayed toward members of the public or Members, or any other activities which may cause or have the possibility of causing harm to others, either about you, where you may have been harmed, or where you are assisting us or acting as a witness and to carry out disciplinary actions. Please do also see our Code of Conduct.
To identify personal data and take relevant action upon submission of a data subject rights request.
To be able to assess any impact on individuals of a data breach involving personal data held on RSM systems or on third-party systems.
To help protect an individual from neglect or physical, mental or emotional harm, or protect the physical, mental or emotional well-being of an individual.
To deal with legal claims and ongoing litigation cases.
To prevent and detect crime: to proactively & retrospectively protect the safety of individuals and enhance the security of our premises. We do this through our surveillance CCTV system. The images produced by it are controlled by the RSM, who is responsible for how the system is used under the UK GDPR and Data Protection Act 2018. The data we collect is accurate, relevant & secure. It is stored in such a way to maintain its confidentiality and integrity. It is also only available to named individuals, should we need access to it. The data we collect is adequate and limited to what is necessary. Should it be required, we can locate & retrieve footage / data in a timely manner. We will not use the system for any incompatible purposes and we conduct regular reviews of our use of CCTV to ensure that it is still necessary and proportionate.

Additional information collected for Members and ex-Members only

To provide our services to you, including administering your membership (e.g. processing your membership application, registering you as a Member, managing your membership, processing membership queries, managing payments, undertaking Section management and administration and electing RSM Trustees and Presidents, service-based communications about membership benefits and renewals, general communication with you about all membership related matters over email, text (SMS) or by post) and maintaining membership records. We may invite you to rejoin the RSM after you have discontinued your membership. (Please note you can opt-out of receiving our invitations to rejoin at any time although this will not mean we delete your personal data when you have stopped being a Member).
To manage access and record usage of our library and collections.
To conduct investigations into concerns or complaints about financial fraud, criminality, safeguarding issues, welfare issues, inappropriate behaviour displayed toward Staff, members of the public or Members, or any other activities which may cause or have the possibility of causing harm to others, either about you, where you may have been harmed, or where you are assisting us or acting as a witness and to carry out disciplinary actions. Where relevant, based on the outcome of investigation, we will also administer membership suspensions and expulsions based on the investigation.

Other Users of RSM’s services

To process job applications. The RSM complies with the ICO rules in which data about yourself that is provided during the application process is used and held. From the point at which we receive your job application, whether directly or via an agency, the RSM will need to maintain and process data about you for the purposes of reaching and communicating a recruitment decision and production of an offer of employment if appropriate. Such data is normally retained for six months following completion of our recruitment processes in the event of an offer of employment not being made. For a full list of data the RSM will process, read our fair processing notice for job applicants notice. If you have any queries about the process or how we handle your recruitment information please contact hr@rsm.ac.uk.

Please note:

Not all purposes for using Users’ personal data will be relevant to all Users all of the time.
At any time, you can email dpo@rsm.ac.uk to ask for the details that we hold on you and for your data preferences (i.e. opt-ins/outs) to be updated.
Your personal data will not be used for automated decision making such as AI.
We do not sell your personal data to any third-parties.
If we wish to use your personal information for purposes other than those stated in this Privacy Policy, we will obtain your further consent.

If you have interacted with the RSM in a different way and if you expected to see something different to the list above, please get in touch via dpo@rsm.ac.uk to discuss details.

Transfer of personal data outside the UK or EEA

We may share, transfer or store your personal information outside of the UK or EEA where we are satisfied that adequate levels of protection are in place to protect the integrity and security of your personal information or adequate security measures are adopted and in compliance with applicable privacy and data protection laws.

Who we share your personal data with

Within the purposes of using your personal data, as listed above, we may from time-to-time share or disclose your personal data with the following:

Third-parties / volunteers (e.g. Section Presidents, Section Secretaries, Section managers etc.) to allow them to contact you about any management and administration queries.
Event attendees, including sponsors and exhibitors of the event you are registered to attend via the event participants list. In all cases, only limited personal information will be shared. This is based on our legitimate interest and that of event supporters, sponsors and exhibitors to ensure information provided is relevant to the audience attending, as well as to encourage networking and engagement amongst event attendees. This information includes your name, job title, institution and company name. Contact details would not be shared with fellow event attendees or third-party organisations. If you would prefer us not to share these details, then you can indicate this by using the opt-out box when completing your event registration form via the online booking process on our Site.
Our education event partners. Limited personal information may be jointly owned with education event partners, if you are a registered participant of these events. This is based on our legitimate interest and that of our education event partners to ensure that the information provided is relevant to the audience attending, as well as to encourage networking and engagement amongst event attendees. This information includes your name, job title, institution, company name and contact details. Additionally, contact details (only if you consented to share your contact details) may be shared with our education event partners, who may contact you for marketing and promotional purposes. If you would prefer our education event partners not to contact you for marketing and promotional purposes, then you can indicate this by using the opt-out box when completing your education event registration form via the online booking process on our Site.
Our Section volunteers. Limited personal information may be shared with our Section volunteers, if you are a participant within our Sections. This is based on our legitimate interest to ensure that the information provided is correct, as well as to manage our Sections effectively. This information includes your name, job title, organisation and contact details (only if you consented to share your contact details).
Other attendees and speakers on your course for the purpose of educational study or working groups.
RSM subsidiary services. The RSM may use the information provided by you to enable its subsidiary company, ‘Royal Society of Medicine Commercial Services Limited’, to provide services at the RSM’s premises and to provide you with information about our hotels, club and other related services.
Our partners and our service providers who assist us in providing the services we offer (e.g. processing transactions; fulfilling requests; running CPD, awards, prizes, events and exhibitions; receiving and sending communications and marketing activities; and providing supporting services).
Third-parties who may be carrying out filming, photography or recordings on the RSM’s behalf.
Pre-approved suppliers (e.g. digital membership, communications and storage providers; online balloting, survey, questionnaire or web-form platform providers; digital campaign designers and physical printing organisations). At times, we work with external suppliers to provide you with services. All data is transferred securely to suppliers and all will have signed data processing agreements in place with the RSM.
If relevant and agreed by you, media organisations which may include news media and journalists who represent specific and relevant views, as well as social media channels.

Please note:

Any data shared with the above categories of recipients will be the minimum necessary for the task they have been instructed to carry out on our behalf or in conjunction with us.
Each category of recipient is subject to review by the Data Protection Team to make sure they have the right methods in place for keeping your personal data secure.
Where the sharing of personal data is within the context of a product or service being supplied under contract to the RSM, a Data Processing Agreement, in accordance with GDPR Article 28 is put in place. This makes sure the supplier cannot use your personal data outside of the list of uses above.
Except that stated above, the RSM will only disclose your personally identifiable information to third-parties where required to do so by law or by a competent regulatory authority, where you have consented to the disclosure or where it is in our legitimate interest to do so.
information collected by the RSM will be treated confidentially

There may be scenarios where we are subject to a legal obligation to disclose or share your personal data, such as with law enforcement agencies, regulatory bodies or public authorities in order to prevent or detect crime or prove we have adhered to their request. We will only ever disclose your personal data to these third parties to the extent we are required to do so by law.

Data sharing with a third-party organisation that is not a supplier of a product or service to the RSM does not occur unless there is a legal obligation or sound lawful purpose for such sharing.

In all circumstances, the unlawful and unauthorised sharing of copies of personal data in which the RSM is the data controller is expressly prohibited. Any unauthorised sharing of the RSM’s data is classified as a data breach which we will record and report to the ICO, as required.

How long we will keep your personal data

The period we keep your information for depends on the purpose for which your personal data was collected and the use to which it was put. The RSM does not retain or use personal data for longer than is required to undertake the work of the charity. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. For example, we usually retain sales records or event participant information for at least six years so we can fulfil our statutory obligations for tax purposes.

For Members and ex-Members only

If you are an RSM Member, your record will be kept while you remain a Member. If you decide to cancel, your record will be retained following the expiry of your membership for a reasonable period, so that we can assist you should you decide to re-join or be reinstated into the RSM.

Data shall be reduced, redacted, de-identified and deleted at appropriate times so we retain the minimum amount of data possible.

On the basis of keeping people safe from any harm, and our legitimate interest in knowing who has or has not been a Member in the past when there may be future safeguarding or legal concerns or requests for Member information, we retain all personal data we have captured from you.

Unless you specifically tell us otherwise, we will retain your personal data in all locations where it is held or until such a time it is no longer tenable to keep your personal data for any reason.

Where you submit a right to deletion request (either in writing to our Data Protection Officer (DPO) at 1 Wimpole Street, London, W1G 0AE, United Kingdom or via email: dpo@rsm.ac.uk) we will delete you from any and all locations we hold your personal data where it would mean we may make contact with you again, although we will retain your information if:

It has been, or is being used within a complaints, disputes or grievance process by the RSM and we may need to evidence this in the future to defend legal claims.
We need to keep it to comply with a legal or regulatory obligation.
Erasing your data would prejudice any RSM research;
There is information associated with your data which is of a safeguarding concern to yourself or others.
Erasing will mean we lose our logs of financial transactions.
Erasing will mean we lose our logs of when you made any data protection rights requests.
Erasing will mean we are unable to understand if you have been a Member in the past.

How we protect your personal data

The RSM takes the security of your personal information seriously. Whenever the RSM handles personal information, regardless of where this occurs, every precaution is taken to ensure that information is treated securely, for example, by encrypting information and by storing the information in a secure environment. In order to prevent unauthorised access or disclosure and unlawful or unauthorised processing and accidental loss, destruction or damage, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. For example, we have adopted internal data protection procedures and trained our staff on them with a view to preventing breaches of security.

We are committed to taking all reasonable and appropriate steps to protect personal information we collect from you from improper use or disclosure, unauthorised access, unauthorised modification, and unlawful destruction or accidental loss. We have taken and will take appropriate information security, technical, storage and organisational measures to such end, including measures to deal with any suspected data breach. All providers who are associated with the processing of your information are obliged to respect the confidentiality of your personal data.

We take all reasonable steps to protect any personal information you submit via the Site or our other digital services. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while the RSM strives to protect personal information, it cannot ensure or warrant that any information transmitted to the RSM will not be intercepted while being transmitted over the internet, which is done at the sender’s own risk. Accordingly, we have no responsibility or liability for the security of personal information transmitted via our Site or our other digital services.

Similarly, any information revealed, including personally identifiable information, in a public forum such as in a discussion forum or a chat, is not subject to this Privacy Policy. It is therefore important that consideration is given to what information is disclosed in these areas.

Links to Third-Party digital services, provided on the RSM’s Site, are not covered by the RSM's Privacy Policy and when visiting such Third-Party digital services the User should check the privacy statements of each service that they visit.

Your choices and rights

As an individual you have explicit rights under the Data Protection Legislation:

The right to be informed.
The right of access.
The right to rectification.
The right to erasure (also known as the ‘right to be forgotten’).
The right to restrict processing.
The right to data portability.
The right to object.
Rights with respect to automated decision-making and profiling.
The right to withdraw your consent to the collection, holding and processing of your personal data at any time.

You can ask to see the personal data that we hold about you. If you want to review, verify or correct your personal information, please note that any such communication may be required in writing.

When requesting access to your personal information, please note that we may request specific information from you to enable us to confirm your identity and right to access, as well as to search for and provide you with the personal information that we hold about you. We may charge you a fee to access your personal information; however, we will advise you of any fee in advance.

Please bear in mind that sometimes we may not be able to help. Your right to access the personal information that we hold about you is not absolute. There are instances where applicable law or regulatory requirements allow or require us to refuse to provide some or all the personal information that we hold about you. In addition, the personal information may have been destroyed, erased or made anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will try to inform you of the reasons why, subject to any legal or regulatory restrictions.

Please contact us at: Data Protection Officer (DPO), 1 Wimpole Street, London, W1G 0AE, United Kingdom or email to dpo@rsm.ac.uk if you wish to take up any of these rights.

Updating your personal information

You can manage your communication preferences at any time by logging into the Site and updating your data preferences (i.e. opt-ins/outs). Alternatively, you can contact Customer Services on info@rsm.ac.uk or call 020 7290 2991 who will assist you with updating your details.

It is important that the information contained in our records is both accurate and current. If your personal information happens to change, please keep us informed of such changes as soon as possible. Those whose data is held by the RSM have the right to the amendment or deletion of incorrect entries within a reasonable time.

In some circumstances (for example, for legal or regulatory reasons), we may not agree with your request to change your personal information and will instead append an alternative text to the record in question.

Complaints

Making a complaint to us

If you want to raise a concern about the way we’ve handled your personal data, please contact us at: Data Protection Officer (DPO), 1 Wimpole Street, London, W1G 0AE, United Kingdom or email to dpo@rsm.ac.uk, outlining your concern.

When you submit your complaint to us

You will normally need to include documents that prove your identity as well as a clear and precise description of your complaint or concern.

We process requests, complaints and concerns following the legal framework and statutory timescales, and we’ll let you know if we need more time.

If you do not hear from us by the latest due date or are not satisfied with the response you have been given, you have the right to complain to the Information Commissioner.

Making a complaint to the Information Commissioner’s Office (“ICO”)

Where you feel the level of concern is higher and you would like to make a complaint to the UK data protection regulator, the ICO, we ask that you give us the opportunity to address your complaint before this escalation, although we respect that you may still like to make your complaint to the ICO before coming to us and you do have a right to do so.

If you are not satisfied with our response or believe we are processing your personal information in a way that is not in accordance with the law, you have the right to lodge a complaint with the ICO as follows:

Via their website:

https://ico.org.uk/concerns/

By calling their helpline:

0303 123 1113

By writing to them at:

ICO, Wycliffe House, Water Lane, Cheshire SK9 5AF.

Accuracy

The RSM takes all reasonable steps to keep personal data in its possession or control, which is used on an ongoing basis, accurate, complete, current, and relevant, based on the most recent information available to us. If we are advised of a change of information, we will update the data accordingly.

We rely on you to notify us of any changes to your personal data.

Contacting us

If you have any questions about the information in this privacy notice or any queries related to your personal data, you may contact the RSM in relation to data protection matters at dpo@rsm.ac.uk or by writing to the Data Protection Officer at 1 Wimpole Street, London, W1G 0AE, United Kingdom.

Changes to our Privacy Policy

Our Privacy Policy may be updated from time-to-time, so Users may always know what information is collected, how it is used, and under what circumstances, if any, it is disclosed. Consequently, you may wish to check it each time you submit personal information to us. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please do not continue to submit personal information to us (either via the RSM’s digital services or other means).

Please note:

We will notify you of any changes where required by applicable law to do so.

This privacy notice was last updated in December 2024