LinkedIn Instagram Twitter / X Search

Privacy Policy

Our Privacy Policy

The Contract Flooring Association (‘CFA’) is committed to protecting your privacy and ensuring that any information that we collect about you is never misused.

CFA is registered as a data controller with the ICO under registration number Z7519928.

Our registered address is Unit 23, Eldon Business Park, Eldon Road, Chilwell, Nottingham, NG9 6DZ.

This Site at cfa.org.uk (the ‘Site’) is owned and operated by the CFA. Please review the Privacy Policy and Terms & Conditions before using the CFA Site.

This policy explains how we collect information, how it is used, how we keep it, and what your rights are.

About us
The CFA is a ‘non-profit’ trade association that represents the UK's flooring contractors, manufacturers, distributors and consultants in relation to the installation of flooring products and materials; we also have a number of members who are based outside the UK and also some members who are not directly involved with installation of flooring. Most CFA members are businesses, although a small number of our consultant members are private individuals.  To be able to improve the service we provide to members, we process information about them and this is used to deliver our membership offering and keep them up to date with news in the industry.

The Privacy Policy set out below shall apply to all users of the Site. The terms ‘you’, ‘your’ and ‘user’ refer to any individual and/or business accessing the Site for any reason. References to ‘we’, ‘us’ and ‘our’ are references to the CFA.

How do we collect information?

The CFA collects and processes data about you when:

  • information is collected from member firm representatives to ensure individuals receive relevant information and correct personnel are included in the annual CFA Members’ Handbook.
  • you provide information by filling in an application form.
  • you register/book/attend CFA events.
  • you pay for a CFA subscription, an admin fee, a place at an event, or a publication.
  • you contact us via phone, email or in person, when we may keep your contact details.
  • you are the primary contact of a CFA member company.
  • you register for access to the CFA website through your company’s membership or register for any of our events.
  • you sign up to receive email newsletters or join a committee.
  • you complete surveys that we use for research purposes.
  • you apply for a job.
  • you visit our website, leaving information about your computer and visits.

The information is used to manage member access and offer you the option to be involved with various CFA interest groups and distribution lists. You may choose to opt-out of these at any time.

If you make a purchase from us and pay with your credit/debit card, we do not retain your card information it is disposed of securely immediately after processing.

How is your information used?

Ways we use your information are:

On the basis of Contract

  • to provide you with information relating to membership of the CFA, information related to our website, committees, services which you request from us or for the registration of events.
  • to provide you with information on other services that we feel may be of interest to you in line with those you have previously expressed an interest in via our website, interest groups or events.
  • to obtain professional references for you to ensure that membership criteria are met.
  • payment processing, provision of access to services and events to enable sales and fulfilment of goods, services and events to CFA members.
  • to issue invoices for membership to ensure that subscriptions are paid on time to allow CFA to be suitably funded.
  • personal data  is processed via our internal  d/b. The CFA membership d/b is to manage the membership of that person so that you are enabled to access to helplines and benefits as well as the member area of the CFA website.

On the basis of Legitimate Interests

  • to seek your views or comments on the services we provide.
  • for our internal purposes including statistical or survey purposes, site performance and evaluation to improve our website.
  • to administer this website.
  • identify appropriate individuals by role and/or interaction history to categorise target groups/individuals to solicit/encourage further support.
  • advertising our services.
    - sending unsolicited direct marketing communications by post or
    - phone  calls (to non-CTPS-registered numbers). (b2b PECR)
    - information is sent to prospective members and current members of the CFA through various trade and construction journals. This also includes social media platforms where interest groups or individual recipients are identified or have registered interest directly with CFA.

Where we have a Legal Obligation

  • to comply with laws and regulations that apply to us.
  • the collection/generation and retention of records for sales, returns, complaints, to meet obligations under consumer protection law.
  • the collection, retention, analysis of expenses claims, sales and other income records, supplier payments, checking payment card validity, which are audited through our annual accounts, to prevent, detect and investigate fraud.
  • flagging, retention, checking of contact details and channel preferences to be suppressed to manage the suppression lists of people who have declined electronic direct marketing communications.

As a member organisation we have obligations to ensure all our members receive certain information based on the contract between us and you and legitimate interest, including our monthly email update.

We will hold your personal information on our systems for the duration of your membership or as long as it is necessary for the relevant activity. We will only retain information for three years after the activity after which it will be deleted in line with our retention schedule.

Photography and/or videos are taken at CFA events and we will inform you in advance if and when these photographs or videos will be published on our Site or via social media. If you do not wish your photograph or videos to be taken, please inform a member of the CFA staff prior to/at the event.

CFA members

As a member of the CFA you will receive the following emails from us:

  • The CFA Monthly Update.
  • The occasional Newsflash.
  • Emails relating to the administration of your CFA membership.
  • Emails relating to CFA events.
  • Emails relating to CFA event administration.

You can click unsubscribe at the bottom of the monthly update and newsflash emails to stop receiving them. Emails sent for administration of your membership or event bookings will still be sent as these are contractual. By becoming a member of the CFA, your firm is signing you up to receive this information related to the organisation.

It is a constitutional requirement for us to send this information to you.

In certain cases, we are also required to collect information about your employees to satisfy membership criteria.

We will share the data you provide specifically for inclusion in the annual CFA Members’ Handbook with Kick-Start Publishing Ltd our Data Processors who produce the document on our behalf.

These details will be held in accordance to our privacy policy and you may opt to have your employees added to or removed from the CFA database at any time.

How do we keep your information?

CFA collects and stores your data safely and only for the time strictly necessary to operate services provided to you by us and/or based on the reasons that we process your personal data.  Afterwards it will either be destroyed or anonymised.

When determining the relevant time we store information, we take into account factors such as: 

  • Legal obligation(s) requiring data to be kept for certain periods of time;
  • (Potential) disputes:
  • Guidelines issued by the UK’s data protection authority.

A few examples for how long we’ll keep your data:

  • Unless you ask us not to, we store your generic details (i.e. name, surname, contact details) for up to two years after you stop being our member, to contact you just in case you change your mind.
  • We keep your accounting data for seven years, for tax purposes.

When you give us personal information, we take steps to ensure that it’s treated securely on all our systems. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the CFA website, you are responsible for keeping this password confidential.

Third Party Service Providers
The data CFA hold about you may be shared with third parties. Any sharing is closely monitored and is limited to only what is necessary to deliver our service to you. Trusted third party service providers can be found below:

CMS & Database
The CFA uses Act! by Swiftpage International Limited to file your personal data.  Swiftpage International Limited is a UK company registered in England and Wales. For further information please see Act!’s Privacy Policy please click here.

Mailchimp
The CFA uses personal data to send to our members requested publications, monthly email updates, together with details of our events. We use a third-party provider, Mailchimp, to deliver these services. We gather and review statistics around email opening and clicks to improve our reach and content. For further information please see Mailchimp’s Privacy Policy. Mailchimp is a corporation based outside of the UK; for further information on their compliance with UK and EU regulations please click here.

It is a contractual requirement for us to send the monthly email update to you.

Surveys
The CFA values the views and feedback of its members. As a consequence, we may contact you to speak with you direct or conduct surveys. Your participation in these surveys is entirely optional. Typically, the information is aggregated and used to develop content for our members.

Contractor members are required to complete an annual survey which is mandatory.  This survey is carried out via our own website.

Your contribution to any survey will be anonymous unless otherwise stated in the survey. We collect the above information using either purpose-built surveys via our own website or in some circumstances using Survey Monkey. For further information please see Survey Monkey’s Privacy Policy. Survey Monkey is a corporation based outside of the UK; for further information on their compliance with UK and EU regulations please click here. For Survey Monkey’s Security Statement please click here.

Website
The CFA uses a third-party service, Kyodo, to help maintain the CFA Site.  Security measures in place include encryption of data. 

Cookies
Cookies are small text files that can be used by web sites to make a user's experience more efficient. The law states that we can store cookies on your machine if they are essential to the operation of this site but that for all others, we need your permission to do so. The Site does use some non-essential cookies.

We do not use cookies to track individual users or to identify them, but to gain useful knowledge about how the site is used so that we can keep improving it for our users. Without the knowledge we gain from the systems that use these cookies we would not be able to provide the service we do. This Site uses different types of cookies.

We use Google Analytics, a popular web analytics service provided by Google, Inc. Google Analytics uses cookies to help us to analyse how users use the Site. It counts the number of visitors and tells us things about their behaviour overall – such as the typical length of stay on the Site or the average number of pages a user views. The information generated by the cookie about your use of our Site (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the Site, compiling reports on Site activity and providing other services relating to Site activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google undertakes not to associate your IP address with any other data held by Google. For further information please see Google Analytics’ Privacy Policy.

If you want to delete any cookies that are already on your computer, please refer to the instructions for your file management software to locate the file or directory that stores cookies. You can access them through some types of browser. Search in your cookie folders for 'cfa.org.uk' to find our cookies and the Google Analytics cookie if you wish to delete them. More information about cookies, including how to block them or delete them, can be found at AboutCookies.org. Some third-party cookies are set by services that appear on our pages. They are set by the operators of that service and are not in our control. They are set by Twitter, and inShare (LinkedIn) and relate to the ability of users to share content on the Site, as indicated by their icons.

Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

What are my rights under data protection law?

You have a number of rights in relation to how we use your personal data, these are set out below in more detail:

  • Your right to request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Your right to request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate personal data we hold about you corrected, though we may need to verify the accuracy of the new personal data you provide to us.
  • Your right to request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing under “your right to object” below, where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Your right to object to processing of your personal data. This enables you to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Your right to request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the personal data is unlawful but you do not want us to erase it; (c) where you need us to hold the personal data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your personal data but we need to verify whether we have overriding legitimate grounds to use it.
  • Your right to data portability. This enables you to request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Your right to withdraw consent. This right arises at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
  • We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information to speed up our response.
  • We try to respond to all legitimate requests within one calendar month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

For further information about your rights, please contact the Information Commissioner’s Office.

Updating your details
We want to make sure that your information is accurate and up to date. If you would like us to correct or update your information, you must inform us as soon as practicable by contacting us at info@cfa.org.uk or call us at 0115 941 1126.

Access to your data
If you want to request information about our privacy policy or access the information that we hold about you, please contact us at CFA, Unit 23 Eldon Business Park, Eldon Road, Chilwell, Nottingham NG9 6DZ. . Tel: +44 (0)115 941 1126 or click here to email us.

Privacy Policy Changes
If we decide to change our Privacy Policy for the Site, we will post those changes here so that you will always know what information we gather, how we might use that information, and whether we will disclose it to anyone. If, at any time, you have questions or concerns about our Privacy Policy, please email us by clicking here.

Thank you for using the Site. We hope you find it useful and informative.

This privacy policy was last updated on 20 June 2019.

Contact us

Contract Flooring Association
Unit 23 Eldon Business Park
Eldon Road
Chilwell
Nottingham
NG9 6DZ

tel: +44 (0)115 941 1126 / email: info@cfa.org.uk

Terms and Conditions: View the CFA’s Terms of Use.

Contact the Contract Flooring Association.