Terms & Privacy


TERMS OF MEMBERSHIP 

Scottish PA Network offers both PA Membership and Business Membership. All memberships are granted at the discretion of Scottish PA Network. We reserve the right to refuse or cancel memberships at any time with a minimum 7-day notice period. 

Memberships are non-transferable and subject to review or termination where conduct breaches our values or terms of engagement. 

 

PRIVACY NOTICE 

Who We Are 

Scottish PA Network (“we”, “our”, “us”) is committed to protecting your privacy and maintaining your trust. We only collect and use personal data in accordance with UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. 

For any privacy-related queries, please contact: 

Data Protection Officer: Rosemary McLennan 

Email: [email protected] 

 

The Information We Collect 

We collect and process the following personal data, depending on how you interact with us: 

  • • Full name, job title, company 
  • • Email address and phone number 
  • • Business details for directory listings (e.g., logo, website, images, description) 
  • • Preferences and communications opt-ins 
  • • Event registration data (via Eventbrite) 
  • • Analytics data (via cookies) 

 

Lawful Basis for Processing 

We process your data under one or more of the following legal bases: 

  • • Consent – e.g., when you sign up for our newsletter or events. 
  • • Contract – e.g., to manage your membership or deliver services. 
  • • Legitimate interests – e.g., to promote business members to PAs via the directory. 
  • • Legal obligation – where required by law or regulation. 

 

Cookies and Analytics 

Our website uses cookies and Google Analytics to understand visitor behaviour. We do not use this data to identify individuals. 

Before placing non-essential cookies, we request your consent via our cookie banner. You can manage cookie preferences at any time. 

For more detail, please see our Cookie Policy. 

 

Newsletter and Marketing Communications 

If you subscribe to our newsletter, we collect your name and email address. We use Beeline (powered by Campaign Monitor) to deliver emails and monitor open and click-through rates. 

You can unsubscribe at any time using the link in our emails or by emailing: 

[email protected] 

We do not sell, rent or share your details for third-party marketing purposes. 

 

Business Membership Directory 

Business members may create a secure online profile including contact details, business description, images, and logo. This profile is visible only to logged-in PA and Business members. 

You may update or remove your profile at any time by logging into your account. 

 

Events 

We collect your name, job title, and business email address when you RSVP to events. This information is processed by: 

  • • Eventbrite (see their Privacy Policy) 
  • Our internal systems (secured by Nimbus Blue) 

Your data may be shared with the event venue or sponsor for event delivery and follow-up, such as thanking you or sharing relevant offers. This is done under our legitimate interest, and we will never share your details without a valid reason. 

 

Third Parties and International Transfers 

Some third-party tools we use may transfer data outside the UK (e.g., Beeline, Eventbrite). We ensure appropriate safeguards are in place, such as: 

  • • Standard Contractual Clauses (SCCs) 
  • • Adequacy decisions where applicable 

We regularly review third-party processors to ensure your data remains protected. 

 

Your Rights 

Under UK GDPR, you have the following rights: 

  • Right to be informed about how we use your data 
  • Right to access your data 
  • Right to rectification if data is inaccurate 
  • Right to erasure (“right to be forgotten”) 
  • Right to restrict processing 
  • Right to data portability 
  • Right to object to processing (including direct marketing) 
  • Rights related to automated decision-making (not applicable in our case) 

To exercise any of these rights, email: [email protected] 

 

Data Retention 

We retain your data only for as long as necessary: 

  • Newsletter subscriptions: until you unsubscribe 
  • Event records: for 12 months after the event 
  • Membership data: for 12 months after cancellation, unless legally required to keep longer 

 

Security Measures 

We use secure systems and technical safeguards (including data encryption, firewalls, and secure hosting through Nimbus Blue) to protect your personal data. 

 

Children’s Data 

Our services are not intended for individuals under the age of 18. We do not knowingly collect or process personal data from children. 

 

Changes to This Notice 

We may update this policy from time to time to reflect changes in law or services. The latest version will always be available on our website. 

Last reviewed: 7 July 2025