Privacy Policy (ISTEP)

Effective date: January 1, 2026

ISTEP (“we”, “us”, “our”) is committed to protecting your personal information and respecting your privacy. This Privacy Policy explains what we collect, how we use it, and your rights.

1) Information we collect

When you register for membership or sign up for communications, we collect:

  • Name

  • Email address

We do not intentionally collect special category data (such as health information) or payment details through this website.

2) Why we collect your information

We use your name and email address to:

  • Create and manage your ISTEP membership account

  • Provide access to member-only sections of the website

  • Send newsletters and updates

  • Send event announcements and invitations

  • Respond to questions or support requests

3) Our legal basis for using your information

We process your personal data based on:

  • Consent — where you opt in to receive newsletters and event communications

  • Contract — where we need your information to provide membership access and manage your account

  • Legitimate interests — where we maintain the security and functionality of our website and membership services (only where this does not override your rights)

You can withdraw consent at any time (see “Your rights” below).

4) How we use email communications

If you opt in, we may email you:

  • Newsletters

  • Event announcements

  • ISTEP membership information

You can unsubscribe at any time using the link in our emails or by contacting us at [insert contact email].

5) Who we share your information with

We do not sell your personal information.

We may share your information with trusted service providers who help us operate the website and communications, such as:

  • Website hosting and IT providers

  • Email newsletter and communications platforms

These providers may only use your personal information to deliver services on our behalf and must protect it.

We may also disclose information if required by law, or to protect our rights and the security of our members and systems.

6) International members and cross-border data transfers

While ISTEP’s initial audience is the UK, members may be located worldwide. Your information may be stored or processed in the UK or other countries where our service providers operate.

Where your personal information is transferred internationally, we take steps to ensure appropriate safeguards are in place, such as contractual protections designed to maintain privacy and security.

7) How long we keep your information

We keep your name and email address only for as long as needed to:

  • Provide membership access and services

  • Send communications you’ve opted in to receive

  • Meet legal, regulatory, or operational requirements

You can request deletion of your information at any time (see “Your rights”).

8) Keeping your information secure

We take reasonable technical and organisational measures to protect your personal data from loss, misuse, unauthorised access, or disclosure. However, no website or system can be guaranteed 100% secure.

9) Your rights

Depending on your location (including the UK and EEA), you may have rights to:

  • Access the personal data we hold about you

  • Correct inaccurate or incomplete information

  • Request deletion of your personal data

  • Withdraw consent (for marketing communications)

  • Object to processing in certain circumstances

  • Request restriction of processing

  • Request data portability (where applicable)

To exercise your rights, contact us at [insert contact email].

If you are in the UK and believe we have not handled your data properly, you also have the right to complain to the Information Commissioner’s Office (ICO).

10) Cookies and website analytics

We may use essential cookies required for the website to function (for example, to keep you logged in). We may also use basic analytics to understand site usage and improve performance.

You can control cookies through your browser settings.

12) Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the “Effective date” at the top.

13) Contact us

If you have questions about this Privacy Policy or how we handle personal data, contact:

ISTEP Email: [insert contact email]