Privacy Policy

City Architecture Forum (CAF)
Last updated: 27 August 2025

1. Who We Are

City Architecture Forum (CAF) is a community interest group based in London, UK. Our website is: https://www.cityarchitectureforum.org.

We are committed to protecting your privacy and handling your personal data in line with the UK GDPR and the Data Protection Act 2018.

2. What Information We Collect

When you register as a member or use our website, we may collect:

  • Name, email address, company name, address, position
  • Date of birth (membership is for adults only, 18+)
  • Gender identity, biography, professional qualifications
  • Optional profile fields (e.g., telephone, boot size, dietary requirements)
  • Information you choose to provide when completing forms on our site

3. Membership Accounts

  • Members can log in and update their details at any time.
  • You may request deletion of your account and personal data.
  • We retain account data while your membership is active, and for up to 6 years after (for accounting and record purposes).

4. Email Marketing

  • We use Mailchimp to manage our email newsletters and updates.
  • You will only be added to our mailing list if you opt in.
  • Emails we send may include newsletters, event information, or organisational updates.
  • We do not send third-party promotional emails.

Please note: Mailchimp’s servers are in the USA. Data is transferred securely using Standard Contractual Clauses (SCCs) approved under UK law.

5. Payments

  • Payments (e.g., membership fees) are handled securely by Stripe.
  • CAF does not store or process payment card details on our servers.

6. Events & Data Sharing

  • Event bookings are managed via Eventbrite embedded on our site. When you book through Eventbrite, their Privacy Policy applies.
  • For some events, we may share attendee names (but not contact details) with event hosts and partner organisations for access/security purposes.

7. Cookies & Analytics

  • Our site uses cookies for login sessions, security, and functionality.
  • We use CookieYes to manage cookie consent.
  • We use Google Analytics to understand website usage.
  • Eventbrite’s embedded booking system may also set its own cookies.

A full, up-to-date list of cookies is available via the cookie banner on our website.

8. Your Rights

Under data protection law, you have the right to:

  • Request a copy of the personal data we hold about you
  • Correct or update your information
  • Request deletion of your data
  • Restrict or object to certain processing
  • Withdraw consent to marketing at any time

To exercise your rights, please contact us at info@cityarchitecture.org.

9. Security

  • We use technical and organisational measures (including the s2Member plugin and server-level protections) to secure data.
  • No system is completely secure, but we take steps to minimise risks.

10. Data Breaches

In the event of a data breach, CAF will:

  • Investigate and contain the incident
  • Assess risks and, where necessary, notify the ICO within 72 hours
  • Inform affected individuals if the breach poses a high risk
  • Record all breaches and implement measures to prevent recurrence

11. How Long We Keep Data

  • Membership data is kept while accounts are active, and for up to 6 years after for legal/accounting purposes.
  • Mailing list data is kept until you unsubscribe.
  • Eventbrite handles its own retention policies for event bookings.

12. Contact Us

If you have questions about this Privacy Policy, please contact us at:
info@cityarchitecture.org