CPA - Charities' Property Association

Already a member? Login here:

Member login

Forgotten password?

Privacy Policy

This website privacy policy was last updated on 13 February 2018.

This website privacy policy describes how the Charities’ Property Association ('CPA', 'we' or 'us') protects and makes use of the information that you may provide to us when you use this website and/or when you sign-up to become a member whether as an individual or on behalf of an organisation. If you are asked to provide information when using this website, it will only be used in the ways described in this privacy policy.

We collect and process your personal data in accordance with applicable laws that regulate data protection and privacy. This includes, but is not limited to, the Data Protection Act 1998, Privacy and Electronic Communications Regulations 2003 and, from 25 May 2018, the EU General Data Protection Regulation (2016/679) as well as the UK Data Protection Act coming into force at the same time (as these may be amended or replaced from time to time) (together 'Data Protection Law'). 

We may update or amend this website privacy policy from time to time so please check regularly to see that you have seen the latest version.

Contact details

If you have any questions about this policy, what information we hold about you and how it is used, or want to exercise any of your rights under Data Protection Law (see below) please email [email protected] or call 02072221265.

How we use your data

The CPA Secretariat collects information obtained from individuals through this website or when they subscribe for membership administration/management and the other purposes set out below.

The information we hold is generally an individual contact name, member organisation (if applicable), contact information (e.g. postal address, email and phone number) and subscription details of the relevant individual professional member or organisation. You may also be provided with login details to access the secure member area of our website, which you should keep secure and not share with anyone else. Such information that relates to you as an identifiable individual is called 'personal data'.

Specifically, we may use such personal data we collect about you for the following purposes:

  • To maintain our own internal membership records.
  • To contact you in response to a specific enquiry or request that you may make.
  • To inform and update you of relevant meetings, working groups and consultation exercises that CPA may be arranging or participating in.
  • To send you the CPA weekly newsletter and monthly report, to which you have subscribed.
  • To communicate with you about your or your organisation's membership subscription.

In addition to communication via the website, CPA may contact you in writing by e-mail and by telephone for the above purposes.

We will not pass your personal data to any third party (such as an external public authority or commercial organisation) except where you have consented to us doing so or to the extent that we are subject to a legal obligation to comply. We do not transfer member personal data outside of the United Kingdom.

Occasionally your e-mail address may be visible to other users if you are part of a working group where interaction via e-mail is encouraged.

Under Data Protection Law, the CPA gathers and processes personal data about individual members and contacts on the legal basis of it being necessary for us to do so in order to fulfil our obligations to our membership and/or in the legitimate interests of the CPA being able to conduct membership administration and act effectively as a representative body.

Links from our site and security

Our website may contain links to third party websites. Please note that these are provided for information only and we have no control of websites outside the domain. If you view or provide information to a website to which we link, we are not responsible for its data protection and privacy practices and you should always check the privacy policies on that third party site for information about how your personal data is handled.
While we use appropriate measures to keep data secure from unauthorised or unlawful access, please be aware that there are always inherent risks in sending data over public networks and we cannot 100% guarantee the security of all personal data disclosed or transmitted to us.

Data retention

We retain personal data about you for as long as you are a subscribing member or we have you on record as being the designated contact point for a member organisation.  Where your individual membership ceases or we are told by you or your member organisation that you are no longer its designated point of contact (for whatever reason), we will remove your contact details from our membership records within a reasonable period (normally up to 28 days).  In some exceptional cases, we may retain your details for a period of up to 6 years so far as retaining your details is reasonably needed for the purpose of establishing, exercising or defending our legal rights.

Your data rights

In accordance with your rights under Data Protection Law, you can request information about the personal data that we hold about you, what we use that personal data for and to whom it may be disclosed to (if relevant). Where applicable, you can also request that we:

  • correct personal data that we hold about you which is inaccurate or incomplete;
  • no longer use your personal data for direct marketing purposes, such as sending you newsletters or other information promoting the CPA (if relevant);
  • erase your personal data if it is no longer needed by us; or
  • restrict the processing of your personal data in certain circumstances, for example if you do not think that we have the right to process that data or you need the data to exercise a legal claim.

If you would like to exercise any of the above rights, please get in touch with us using the ‘Contact details’ section above. We may require further information to verify your identity before we can respond. Please note that we may not be able to rectify or erase your data where we are required to process or retain your personal data for a lawful purpose in accordance with Data Protection Law.

If you believe we are processing your personal data other than in accordance with Data Protection Law and you are not satisfied with our response to a request, you may have a right to complain to the UK Information Commissioner's Office (ICO). For more information see: