Privacy Policy

The ILA collects and uses information about its members and other individuals with whom it comes into contact (including through its website). We are committed to protecting your privacy and we therefore ask that you please read this policy carefully as it describes the personal data we collect, the ways that we use it and how we make sure your rights are protected.

If you would like to know more please contact us by post at Data Protection, Insolvency Lawyers Association, C/O Westcotts, 26-28 Southernhay East, Exeter, EX1 1NS  or by email at

Best practice in relation to privacy and the processing of personal data is constantly evolving and we may change this Policy from time to time. We request that you refer to our website on a regular basis to ensure that you are aware of our most recent policy.

1. The data controller of your personal data

We are the Insolvency Lawyers Association Limited (“we”, “us” or “our”). Our registered office is C/O Westcotts, 26-28 Southernhay East, Exeter, EX1 1NS

For the purposes set out in this privacy policy, we are the “data controller” of your personal data.

2. Personal data we collect

“Personal data” is any information that could be used to identify you in some way. We collect the following personal data about you:

  • name;
  • contact details including your business address and, e-mail address;
  • type of membership;
  • the organisation where you work;
  • referee details (where you are an overseas member only);
  • your username and password;
  • your attendance at any of our hosted events;
  • any personal data which you provide to us in our general communications with you (for example, if you contact us with an enquiry via email or post correspondence to us);
  • any personal data which you provide to us should you choose to apply for the Paul Bromfield Insolvency and Restructuring Research Scholarship (including information contained within your CV (including information relating to your education, work experience, and extra-curricular activities), letters of support, and a statement of research);
  • information about your computer and about your visits to and use of our website (including information about how and when you came to visit our website, how you interacted with the website and where you went next; and
  • technical information about the way you access our website including your IP address, geographical location, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and device information.

3. How we collect your personal data

In most situations, we will collect personal data directly from you when you become a member, visit our website, attend one of our events, contact a member of the committee or otherwise get in touch with us.

From time to time we may access and store personal data which is available from other public sources including some personal data.

Our website uses cookies to recognise you when you visit and use the website. Cookies help ensure the website runs smoothly and also allow us to improve our website. For more information on the cookies we use, the purposes for which we use them and ways to limit the use of cookies and similar technologies in relation to your browser or devices, please see our Cookie Policy.

4. How do we use your personal data, and what is our legal justification for doing so?

We use your personal data for a variety of purposes related to the successful management and day to day running of our organisation. From a legal perspective, there are various reasons for doing so. We’ve set each use and our legal justifications out in the table below:

5. When might we disclose your personal data to others?

We will not disclose your personal data to others except for the reasons set out below. Where we do share your personal data with others we will only do this where we have a genuine reason for doing so and only where we are confident your rights are protected.

The only circumstances where your personal data may be disclosed to others are:

Where we need to share your personal data with a third party which is providing a service to us. For example, we use a third party partner to help us manage our website and a third party will conduct any audits on our behalf. It is in our legitimate interests to do this where we do not have the capabilities to provide these services ourselves. In each case, we will ensure that these third parties are only allowed to use your personal data to provide the relevant services to us. We will always make sure we use third parties we trust to look after your personal data appropriately and as required by applicable laws;

Occasionally, third parties (such as law firms) will host events on our behalf, this may mean that we need to share certain personal data with them or with registration website providers regarding attendees/delegates and speakers in order for them to successfully run the event. We only work with third parties we trust to host and run events on our behalf and we will always ensure that your rights are protected;

Where we are required to do so by the Courts or to comply with other legal, statutory and/or regulatory obligations including accounting and taxation requirements, for example, we are a company limited by guarantee and have certain statutory obligations which require us to process the personal data of members in a certain way; or

To prevent and/or detect crime.

If you would like further details of who we share your personal data with and for which purposes, please contact us using the details in section 8 below.

We do not currently transfer or share any personal data outside of the European Union. However, if this changes we will update this policy accordingly.

6. Member’s Information displayed on the website

Please note that whilst we will do all we can to prevent others from doing so, as certain personal data about our members (i.e. their names and organisation on the public section and names, organisation and contact details on the members section) are made available on our website there is a chance that third parties will collect and use this information for their own purposes.

7. Your rights and how to contact us

The law gives you a number of rights in relation to your personal data and our use of it. You have the right:

(a) to ask us not to use your personal data for direct marketing purposes;

(b) to ask to see what personal data we hold about you and to find out about the way that we process the data (and in some circumstances, you can ask us to provide a copy to a third party);

(c) to ask us to correct or update any personal data which is inaccurate;

(d) to ask for personal data to be deleted in some (but not all) circumstances where there is no good reason for us to continue to process it;

(e) to ask us to temporarily stop using your data if you don’t believe that we have a right to use it, or to stop us from using your personal data where there is no good reason for us to continue to use it; and

(f) not to be subject to decisions made solely on the basis of ‘automated processing’ (i.e. the right not to be subject to decisions made solely by algorithms or computers without input from a human) in certain circumstances.

We will do all we can to uphold your rights. If you would like to exercise any of the rights listed above or if you have any queries or concerns about the way that we use your personal data please contact us by post at Data Protection, Insolvency Lawyers Association, C/O Westcotts, 26-28 Southernhay East, Exeter, EX1 1NS or by email at

You also have the right to complain about our use of your personal data. You can contact the Information Commissioner’s Office via their website: or by calling 0303 123 1113.

8. Keeping your personal data up-to-date

Please help us to keep your personal data current and accurate by ensuring that your profile is current and up to date or contacting us with any changes by post at Data Protection, Insolvency Lawyers Association, C/O Westcotts, 26-28 Southernhay East, Exeter, EX1 1NS or by email at

9. Security of your personal data and retention policy


We take the security of your personal data seriously and have put in place appropriate measures to safeguard the personal data we hold from unauthorised access or improper use. We keep these security measures under review.

If you are a member of the association, we will provide you with your password and user name, you must not share them with or disclose them to anyone else and you are responsible for protecting them. We will not ask you for your password to your account. Please notify us if you notice any suspicious activity on your account. If a breach is has been identified the ILA will immediately contact its legal representatives for assistance.


We will only keep your data for as long as we need it for the purposes described above and in accordance with our internal retention policies and as permitted by applicable laws. This means that the retention periods will vary according to the type of the data and the reason that we have the data in the first place. For example we will keep members data for a minimum of 10 years to comply with statutory obligations, but we will destroy personal data in relation to events (such as delegate lists) much sooner.