Privacy Policy

Last updated: 27 October 2025

1. Introduction

This Privacy Policy explains how ICARA (“we”, “our”, “us”) collects, uses, discloses and protects your personal data when you visit https://www.icara.info (the “Site”), or otherwise interact with us (e.g., membership application, event registration). It also explains your rights in relation to that data. We are committed to protecting your privacy and handling your personal data in accordance with applicable data protection laws (including, where applicable, the UK / EU General Data Protection Regulation (GDPR)).

2. Information We Collect

We may collect the following categories of personal information:

  • Contact information, e.g., name, email address, organisation, job title when you apply for membership, sign up for our newsletter or register for events.
  • Usage information, when you visit the Site, such as IP address, browser type, pages visited, time and date of visits, referral source, device identifiers.
  • Communications, such as your correspondence with us (e.g., via email) or comments/submissions you make through the Site.
  • Membership and event data, if you apply for membership or register for an event: your organisation, country, role, payment (if applicable) details (note: we do not retain full payment card details, only proof of payment, unless otherwise required by our payment processor).
  • Other information you choose to provide to us (e.g., in a free-text field or upload).

3. How We Use Your Information

We use your personal information for the following purposes:

  • To provide, maintain and improve the Site and our services (e.g., member services, events, communications).
  • To process your membership application, event registration, payments and related communications.
  • To send you newsletters, announcements or other communications about our work, events or publications (where you have opted in or the law permits).
  • To monitor and analyse usage of the Site, to improve functionality and user experience.
  • To comply with legal obligations and protect our rights (e.g., preventing fraud, enforcing our Terms).

4. Legal Basis for Processing (for GDPR jurisdictions)

Where applicable, our legal basis for processing your personal data may include:

  • Your consent (e.g., when you subscribe to our newsletter).
  • Performance of a contract (e.g., membership agreement).
  • Our legitimate interests (e.g., improving our services; website analytics) provided your rights do not override those interests.
  • Compliance with a legal obligation to which we are subject.

5. Sharing Your Information

We may share your personal information as follows:

  • With service providers who perform services on our behalf (e.g., payment processors, email service providers, website hosting).
  • With our professional advisers (e.g., auditors, lawyers) as necessary.
  • In connection with a merger, acquisition, or sale of all or part of our organisation, subject to confidentiality obligations.
  • If required to do so by law or in response to lawful requests by public authorities.
  • We will not sell your personal data to third parties for marketing purposes without your explicit consent.

6. International Transfers

Because we are an international organisation, your personal data may be transferred to, processed and stored in countries outside your own jurisdiction. In such cases we will ensure appropriate safeguards (such as standard contractual clauses) are in place to protect your data in accordance with data-protection laws.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. However, no method of transmission over the Internet or method of electronic storage is 100 % secure; we cannot guarantee absolute security.

8. Data Retention

We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected (or for any legal or regulatory requirement). When your personal data is no longer needed, we will securely delete or anonymise it.

9. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • The right to access your personal data and receive a copy.
  • The right to rectify inaccurate or incomplete data.
  • The right to erase your personal data, where applicable (“right to be forgotten”).
  • The right to restrict processing of your personal data.
  • The right to data portability (where applicable).
  • The right to object to processing (including profiling) based on legitimate interests.
  • The right to withdraw consent at any time, if the processing is based on consent.
  • The right to lodge a complaint with a supervisory authority (e.g., the UK Information Commissioner’s Office) if you believe our processing of your personal data breaches applicable law.

10. Cookies and Tracking

We use cookies and similar tracking technologies on the Site to collect usage and performance data, enhance functionality, and for analytics. You can configure your browser to refuse cookies, but that may affect your ability to use certain features of the Site.

If you wish further information about the cookies we use and how to disable them, please contact us at the email address below.

11. Links to Other Websites

Our Site may contain links to third-party websites. We are not responsible for the privacy practices of these external sites and encourage you to read their privacy policies when you visit them.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects when changes were last made. You should review this policy regularly. Your continued use of the Site following any changes constitutes your acceptance of such changes.

13. Contact Us

If you have any questions about this Privacy Policy or the way we handle your personal data, please contact:
International Confederation of ATOD Research Associations
Email: icara.international@gmail.com