Privacy Policy

Introduction - data and privacy transparency policy

The Society of Operations Engineers is committed to open and transparent use of data which is secure and gives members, potential members and suppliers full confidence that we are using data exactly how we say we will and in accordance with the General Data Protection Regulation (GDPR) and Data Protection Act 2018. This document sets out in plain English how that operates in practice.

Who are SOE and what are our contact details?

The Society of Operations Engineers is a registered charity, (number 1081576), as well as a company limited by guarantee (number 03667147). IRTE Services Ltd is a company limited by guarantee (number 02854868), and a wholly-owned trading subsidiary of the SOE which carries out our commercial activities. This data policy applies equally to both, and the term ‘SOE’ in this document covers the two organisations. Our business and registered address is 22 Greencoat Place, London SW1P 1PR. You can call us on +44 (0)20 7630 1111 or email us at soe@soe.org.uk. Unless otherwise stated below, SOE is the sole Data Controller for any data we collect from you.

When do we collect personal data?

  • When you communicate with us by email, telephone or post, or visit us in person at the SOE business address or at an event
  • When you apply to be a member of the Society of Operations Engineers
  • When you apply for registration with Engineering Council (EngC), Society for the Environment (SocEnv) or to transfer a registration to us from another Professional Engineering Institution (PEI)
  • When you or your organisation purchases or applies for SOE products and services
  • When you apply for one of our commercial products, either through us direct, or those organisations who are licensed to accredit or deliver them
  • When you consent to receive our marketing communications, or update your preferences regarding them
  • When you use our website to manage your membership account
  • In the form of cookies when you visit soe.org.uk – you can find out exactly which cookies we use and why here
  • When you take out or manage a subscription to one of our magazines, Plant Engineer, Transport Engineer or Operations Engineer or our partner magazines
  • When you register for one of our events, awards or competitions
  • When you agree to be featured in an article, press release of on the website, either in written or photographic form
  • When you fill in surveys or polls from SOE

How do we process data? And why do we?

Under the GDPR, there are six lawful bases for processing personal data – we have listed below which ones we use, and why. Data and any communications are always processed using secure systems which are regularly reviewed by the SOE GDPR Working Group:

1) Consent – we use this as the basis for all marketing and business development email and telephone communications, letting you opt-in and -out as you wish to hear about our products and services. This may be directly through the SOE (using the email opt-in channels which are presented to all members and potential members as part of the sign-up process and continually updated on the My SOE area of the website), or it may be consent you give through a third party, using an application form for one of our products where your contract is with the third party and the form has a marketing consent section specifically for SOE. We also use consent when we collect data from surveys (for example membership satisfaction survey).

2) Contract – we use this basis to process all necessary data which we require for you to become a member of SOE, register with Engineering Council or Society for the Environment or for us to deliver any of our other products and services, including renewals. This includes any print, telephone or electronic communications which are necessary for administering these products or part of your membership benefits (for example renewal notices or notifications of a change of membership grade). It may also include data provided to us by your employer if they pay for your membership and/or registration. This basis also covers communicating with you joining instructions for events.

3) Legal requirement – we use this basis as part of our obligation to comply with the law or other regulatory or statutory bodies which may arrive on a case-by-case basis; for example, we would process our internal Human Resources data under this category

4) Vital Interests – using personal data, if and when necessary, to protect the vital interests of any individual (e.g. “life or death” situations) For example, we may also collect dietary requirements as part of an event booking which includes food, and in case of medical emergency we may deem it necessary to share such food information with the emergency services (we do not hold sensitive data such as food allergies between bookings).

5) Public Task – we do not currently process any data under this category

6) Legitimate Interest – this basis is used when we have your details as a potential customer and wish to contact you with products and services by post which we believe will be of interest to you, and where doing so would not impinge on what we reasonably expect you to agree to when you give us your data (for example if you give us your business card at a trade show, our Business Development team may contact you to offer products and services which we believe would be of interest to you and your organisation, or when we send you your membership pack in the post, we may include a marketing leaflet for professional registration).

Who do we share data with? Why do we need to?

Data processors: these are organisations where we securely pass your data to fulfil either contractual obligations to you regarding one or more of our products or services or undertake marketing where you have opted in, or where we are passed such data to do so.

Data is only shared where an appropriate condition from the below list is met, and we have appropriate contracts covering data processing in place with all these organisations. The current list is:

a. MA Business – who act as publisher to the SOE, for fulfilment of member and non-member subscriptions to SOE magazines as well as print and tele-marketing campaigns, where we have an appropriate data processing basis

b. Adestra – this is our email distribution software used for both contractual and marketing communications

c. The Electoral Reform Society (ERS) – if you are a corporate (full) member of SOE, you will be entitled to vote in elections for the Trustee Board as well as your appropriate Professional Sector Council, the ERS manage the process of elections for us

d. The Institution of Mechanical Engineers (IMechE) – SOE members are entitled to discounted subscription rates to certain IMechE publications, and we pass on mailing data of those members who do for fulfilment, this is turn is passed onto the IMechE publisher, currently Think Publishing.

e. The Institution of Diesel and Gas Turbine Engineers (IDGTE) – as part of our service to the IDGTE whereby we affiliate their registered engineers, we process data and pass it to the Engineering Council

f. Romax Direct Marketing – who are our print fulfilment partner for mail campaigns, regarding subscription renewal and, where we have an appropriate data processing basis, marketing

Joint data controllers: this is where we need to pass your data to a secondary organisation or organisations for the purposes of fulfilling a contractual service or a material obligation (or are passed it from another organisation for the same reasons), and all organisations in the chain need to process this data to deliver. Data is only shared where an appropriate condition from the below list is met. We have appropriate agreements covering data control in place with all these organisations. The current list is:

a. The Engineering Council – when you apply for EngC registration through SOE, we control your data in respect to your membership, but the Engineering Council also control this data in respect to awarding registration on our recommendation once we have passed it to them.

b. The Society for the Environment - when you apply for SocEnv registration through SOE, we control your data in respect to your membership, but SocEnv also control this data in respect to awarding registration on our recommendation once we have passed it to them.

c. The Audit Bureau of Circulations (ABC) - we may share your personal data with ABC, so they can verify aggregated statistics about circulation and usage of our products or review our policies, processes and procedures for compliance with relevant standards. You can view their privacy policy by following this link.

d. The Driver and Vehicle Standards Agency (DVSA) – if you apply for a Certificate of Professional Competence (CPC) through SOE, we are obliged to pass this information to the DVSA twice a year, so they can act as data controller for administering the scheme, and keep an up-to-date register.

e. The Institution of Diesel and Gas Turbine Engineers (IDGTE) – as part of our service to the IDGTE whereby we affiliate their registered engineers, we control the data and store on our systems to process Engineering Council registration on behalf of applicants.

f. The Institute of the Motor Industry (IMI) & irtec centres – if you apply for an irtec licence, your contract will be with the originating irtec centre, however the IMI and the SOE will also be joint data controllers (the IMI for awarding the scheme and the SOE for administering it). You can find a full list of current irtec centres here.

g. S&B Automotive – our partner in the IRTE Skills Challenge competition, you can find out more about the competition here.

h. Workshop Accreditation delivery partners – when your business applies for IRTE or MHE Workshop Accreditation, the contract will be with the originating centre authorised to deliver the accreditation, however SOE will be joint data controller for administration purposes. You can find a full list of current delivery partners here.

i. Fee paying organisations and corporate partners – SOE runs schemes whereby:

* an organisation may agree to pay for membership and/or professional registration for an individual

* being a member of our Corporate Partner Scheme entitles employees of that member to discount on their membership and/or registration

In these circumstances it may be that we acquire and share your data with the organisation so we can administer the appropriate products and services, and verify that you are entitled to any discounts or fee remission on a yearly basis

You can find a current list of fee paying organisations here and a full list of our corporate partners here.

Profiling and data for marketing

SOE does not use solely automated profiling to make marketing decisions, a human is always involved in the process. We do use your interests from ‘My SOE’ such as a) our products and services GDPR options and b) your membership record and any topics you have indicated you are interested in to ensure we send you relevant messages and content – for example if you are an IEng qualified Plant Engineer who is interested in alternative fuels, we may ensure that an article on this topic is presented to you when you log in and you may also receive marketing emails regarding gaining CEng, where appropriate to furthering your career.

What are your rights?

GDPR provides you with the following rights; please see below for more detail and for how to use them:

The right to be informed – when we collect data from you, it is your right to be told how and why we require or would like it, and what we will be doing with it as well as how you can control what data of yours we have. We will always do this at the point where we collect your data, unless the data comes to us through a third party, in which case we will tell you as soon as possible after we receive it, and certainly within one month. This policy is part of that overall process, but we will use bite-size and easy to understand relevant parts of it at each of the touchpoints between SOE and the individual.

The right of access – anyone has the right to request if we hold data on them, and what data it is that we hold if so. You can do this by sending a written request to us either by email or post, using the details at the start of this notice. The data request will be free of charge – unless it is repetitive, excessive or manifestly unfounded, in which case we will charge a reasonable fee of £50. We will aim to get you the information within 1 working week, however this may take up to 1 month at busier times of the year for us.

The right to rectification – if any data we hold about you is incorrect, we will update it as soon as you inform us, unless we require verification of that information (for example a change of Engineering Council status). We also provide full self-service facilities for members to keep their contact and personal details up-to-date themselves vie the online membership area and offer similar preference centres for non-member prospects.

The right to erasure – you have the right to request that we completely erase any data we hold on you, which can be done easily by using the contact details at the start of this document. We will inform you of the outcome of this request and any associated erasure within one month.

The right to restrict processing – you may request that we restrict your data from being processed (for example to fulfil a magazine subscription), but still hold it on our systems if required and this is necessary under GDPR, you can do this in writing to the contact details at the start of this notice.

The right to data portability – if you wish that we share your personal data with other controllers (for example if you apply for Engineering Council registration and we need to share your information to get you registered) the right under GDPR is that this should be in an easily transferable format (you also have the right to ask us to send you a copy of your data in a similar easy to use format). We usually do this by secure data transfer between organisations’ portals, however if this is not an option (or if you wish us to transfer your data to you) we will do this in password protected excel or CSV file via encryption software.

The right to object – we use appropriate legal bases as outlined above for processing data for marketing purposes, and we enable you at every opportunity to keep your preferences up-to-date. However, you have the right at any point to object to marketing communications, and as soon as you do so in writing or by telephone to the SOE office, we will stop all marketing contact. The same applies if you wish us to remove your input from a survey you have filled in, even if you previously gave permission, although anonymised data would not be included in this.

Rights in relation to automated decision making and profiling – you have the right to know if we profile you or make marketing decisions about you using wholly automated processes, as stated above, SOE does not use automated marketing systems using data we collect under this agreement.

Jurisdiction and geography

Our data processing activities take place within the European Union; however if you live within one of our non-UK regions, we may, with your permission, pass data to the local SOE representative. For example if you live in Hong Kong and wish to apply for CEng, we would need to offer you a local mentor to assist you.