All of the information you give us is private and secure. We do not currently sell or rent personal data about our customers, and would not do so without asking you first. Under the UK Data Protection legislation, we follow strict security procedures in the storage and disclosure of personal data which you have given us to prevent unauthorised access. Our security procedures mean that we may occasionally request proof of identity before we are able to disclose personal data to you.
If you have any questions or concerns about the personal data we hold about you, you can also contact us.
For further information on Data Protection legislation, please visit the Information Commissioner’s Office website.
1. Who we are and purpose of this policy
Imperial War Museums (IWM) is the UK’s national museum for the history of conflict involving UK and Commonwealth forces from 1914. We work to record, inform and educate on the causes, course and consequences of modern warfare.
We are funded in part by Government, but generate the majority of our own funding to enable the work we do. To help achieve this, we are supported by the IWM Trading Company Limited, which oversees the commercial aspects of our operation and fundraising.
Your data is, therefore, jointly held by Imperial War Museums and Imperial War Museums Trading Company Limited, a wholly owned subsidiary of IWM. Whenever we mention IWM in this policy, we mean both organisations.
- Tell you about how your data is used, either at the time we collect it (if we collect it directly from you) or as soon as is practical afterwards (if we collect it from a third party).
- Keep it securely and make it available only to those within the organisation who need to see it. Where we share data with other organisations, we will tell you first wherever possible (sometimes there may be legal or operational reasons not to).
- Where your data is processed by other organisations on our behalf, make sure that the processing is clearly defined, secure and governed by a contract.
- Respect your rights over your personal data.
- Inform you about major changes to this policy.
This policy is effective from the 29th July 2021.
2. Who to contact with questions about how your data is used
IWM’s Data Protection Officer is Jon Card, the Executive Director of Collections and Governance, who manages IWM’s Information Governance team.
If you have any queries about the content of this policy, or how your data is managed, you can contact him and the IWM’s Information Governance team at [email protected] or by post at Imperial War Museum, Lambeth Road, London SE1 6HZ (marking the envelope for the attention of the Data Protection Officer). You can also contact him by phone by calling IWM’s main switchboard on (020) 7416 5000.
3. Your rights over your information
You have the right to:
- Have a copy of the personal information IWM holds about you.
- Correct inaccurate information or have incomplete information completed.
- Have your data erased (‘right to be forgotten or ‘right to erasure’) in certain circumstances.
- Restrict the processing of your personal information in certain circumstances.
- Data portability – have your information supplied in a commonly used format and transmitted to another organisation in certain circumstances.
- Object to the processing of your personal information in certain circumstances.
- Object to automated decision making or profiling.
Further information on these rights can be obtained from the Information Commissioner’s website at: https://ico.org.uk/
You can exercise these rights by contacting the IWM’s Data Protection Officer as detailed in Section 2 above.
If you are unhappy about the response you receive from IWM, you can contact the Information Commissioner’s office by writing to the Information Commissioner at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, or via their website at https://ico.org.uk/
4. The information we collect and how it is used
We only require you to supply the personal information we need. So for example, if you buy something from us, we will only require you to supply the personal information we need to complete the transaction, such as your name, contact details and delivery address. Anything else will be optional and clearly marked as such.
We do not collect any payment card details from online transactions – these are processed by external companies on our behalf. Occasionally we will take credit card payments by telephone, but this information is stored securely and in accordance with Payment Card Industry (PCI) regulations, which can be found here: https://www.pcisecuritystandards.org/
We also acquire material for our collections (such as letters, diaries, sound recordings, film, photographs or other archival material) that may contain personal data.
Under Data Protection law, when we acquire and use your data, we need to meet a legal basis for doing so. The legal bases we use are:
- You have given your consent to your data being used. You can withdraw your consent to the use of your data at any time.
- We need your data to fulfil a contract of sale, donation or negotiations for a sale.
- We need your data to fulfil our public function as a national museum (ie to collect and provide access to collections, deal with correspondence, put on exhibitions, etc).
- There is a legal requirement to keep or share your data.
- We believe using your data meets our legitimate interests, and its use in this way is reasonable, proportional, not unexpected or unnecessarily intrusive and does not override your basic rights.
Occasionally we may be required to share information with audit, law enforcement or other regulatory bodies,
5. Where your information is stored
The systems we use
We store your information in a number of systems, held on the IWM network and in the cloud. Much of the information you provide us with – for sales, bookings and enquiries, is stored in our Customer Relationship Management system.
We also keep personal information relating to our collections, and items loaned to us for exhibition, in our collections management system on the IWM network, in other electronic storage and in physical storage.
Where the systems are stored
Information can be stored on IWM’s own network or by external companies. Most of the personal information IWM holds is stored in the UK or in countries approved by the UK as having an adequate level of data protection such as the European Economic Area (that is the European Union plus Norway, Iceland and Liechtenstein), or Canada. Where information is stored in countries without UK approval, we ensure that it is protected by an approved data storage framework, such as standard contractual clauses. We ensure that all personal data stored on our behalf outside the UK will have a similar level of protection as if it were stored in the UK.
If your personal information is stored on IWM’s behalf by an external company, it will always be protected by a contract that sets out how the personal information is to be managed – and that contract will guarantee that the personal information will always have the same protection as if it were stored on our own systems.
6. How we use your data for direct marketing
IWM processes personal information for direct marketing purposes, that is, using information about individuals to send them further information about its services, products, events, and initiatives.
IWM direct marketing is carried out by a combination of emails and digital advertising.
How we collect and use your information for direct marketing:
- Information collected from you when you agree to marketing cookies on our website
- Information collected from forms where you have actively given your consent for direct marketing (ticking a box to show you agree)
How your data is used
- When you sign up to eNews you will actively provide your email address. In return, we promise to share the best IWM Stories directly with you. We also will send you information on our events, days out, news and products – based on the choices you make when joining eNews.
- We’ll add your email to our email database, this may also be tagged in our customer database if you have an account or record. Marketing emails may include tracking pixels which allow us to monitor how you have interacted with a particular marketing email.
- We also use your data to build custom audiences, enabling us to display personalised advertisements to you when you visit digital or social media platforms. You’ll only see advertising based around your interests and preferences, meaning our advertising is always relevant to you.
Custom audiences work by hashing, a process where an email address is converted to a unique number using an algorithm which protects the security of the original text. The hashed data is then matched to unique numbers generated by a digital or social platform, when you sign up to their terms and conditions.
The Legal Basis
- For email marketing, the legal basis we use is consent, which you can withdraw at any time
- For custom audiences, the legal basis is Legitimate Interests. We believe processing your information or using your information in this way, provides you with benefits including the best customer experience we can provide while also giving us a cost-effective way of reaching new audiences
How to opt out
- For email marketing, click on unsubscribe in any email we send you. Your information will be moved to a stop list (see ‘How long we keep your information’ below) and you will no longer receive emails.
- For custom audiences, clicking on unsubscribe will also stop your information being used for this purpose. It may up to 30 days, but no longer, to process this.
- However, you may still receive general non-targeted IWM advertising via Facebook and Google. You can manage your privacy and advertising preference settings directly with Facebook and Google, when you see advertisements you do not want to receive. You can also click on an advert served to you to find out more about why you are seeing the ad, how to hide the ad so you don’t see it again, or report the advertisement.
- Information collected from you where you have bought products or services (including membership)
How your data is used
- Added to our eNews mailing list as detailed above
- To exclude your data from custom audiences. Even if you have not opted out of marketing, we may use your data to exclude you from future marketing lists and digital advertising. We do this by:
- Excluding you from sales emails targeted to the products you have purchased.
- Excluding you from building custom audiences when we target advertising across digital platforms.
- This means that when we buy advertising from companies such as Facebook (see section 5), we will use your data to create a custom audience that will exclude you from this general, untargeted online advertising.
The Legal Basis
- For email marketing we use Legitimate Interests. It helps us promote our exhibitions, events, products, and services while not using your information in an unexpected or intrusive way
- To exclude your data from custom audiences, we also use Legitimate Interests.
When you become a member, or purchase tickets or products through IWM, we’d like to ensure you don’t receive any future marketing for these products. It benefits you by receiving a more personalised experience from IWM and no advertising for a product or experience you have already purchased. It also benefits IWM: as a charity, we can use our resources better to find more people like you, who may support and purchase from IWM.
How to opt out
- When you are buying something from us, you can opt out from receiving marketing emails. Make sure you have indicated your preference by ticking or unticking the box when you enter your details on the form. You can still unsubscribe by clicking on the unsubscribe link in any marketing email we send you.
- To exclude your data from custom audiences. If you opt out of marketing when you buy something, your data isn’t used for customer audiences at all. This is used if you opt in to make sure you don’t receive advertising relating to products you have already bought..
You can still opt out of email marketing and custom audiences by clicking on the unsubscribe link in any email we send you.
- However if you do opt out of us using your data in this way you may still receive general non-targeted IWM advertising via Facebook and Google. You can manage your privacy and advertising preference settings directly with Facebook and Google, when you see advertisements you do not want to receive. You can also click on an advertisement served to you to find out more about why you are seeing the ad, how to hide the ad so you don’t see it again, or report the advertisement.
- Business customers
How your data is used
If you work for a company (i.e., have a business email address), we may collect the information when you purchase goods or services from us.
The Legal Basis
We use Legitimate Interests. It helps us promote our exhibitions, events, products, and services while not using your information in an unexpected or intrusive way
How to opt out
Click on unsubscribe in any email we send you. Your information will be moved to a stop list and will no longer be used for this purpose
- Information collected by Facebook and other online platforms
We may also use Facebook and other online platforms to serve you online advertising. In these cases, your information is collected and used directly by the advertisers themselves and not provided by IWM.
You can opt out of these by changing your Facebook ad settings or settings held by other providers (such as Google). You can also click directly on the advertisement itself to hide or report it, and to find out more about why you were served it.
How long we keep your information for direct marketing
Your personal information is kept for as long as you want to receive marketing from us. If you do not wish to receive any further marketing information from us, you can:
- Click on the unsubscribe link if it is an email message (all our marketing emails contain an unsubscribe option).
- Contact us direct at [email protected] giving your name, email address and if possible, sending a copy of the last communication received (this will help us identify you).
- If you have access to an online account with us, logging on and changing your preferences, including unsubscribing to marketing emails.
We will need to retain a small amount of information about you (usually name and email address) to add to our ‘stop list’. When we send marketing mailings, we run the recipients against this list to ensure those who have objected are not contacted.
7. How we use your data for sales and bookings
Commercial aspects of IWM’s operation are managed jointly by IWM and the IWM Trading Company, a wholly owned subsidiary of IWM.
How we collect your information for sales and bookings:
- When you buy something from our online shop or open an account with us.
- When you buy a ticket for an event, or admission to IWM branches at Duxford, HMS Belfast or the Churchill War Rooms.
- When you buy or licence copies of Collections items, such as film or photographs.
- When you book for other services such a Learning sessions or ‘Kip in a Ship’ on HMS Belfast.
- All debit and credit card payments made online or over the telephone are processed in
accordance with the Payment Card Industry Data Security Standards (PCI DSS). Your debit and credit card payments are processed by an approved PCI DSS payment provider and IWM does not store or have access to any card information that you provide. Further details on PCI DSS can be found at: https://www.pcisecuritystandards.org/security_standards
The data we collect for sales and bookings
We only collect the information we need to complete the sale and to assess the service we provide. This is usually your name, contact details and information about your purchase or booking. Essential information is marked by an asterisk (*) on our order forms.
How we use your information for sales and bookings:
- We mainly use your information to complete our contract of sale with you – we need your details to provide the service or goods, or to advise you about anything that will affect the service or goods you are buying.
- This information is also used for auditing, fraud prevention and compliance with legislation such as the Companies and Charites Acts.
- If you are ordering physical items for delivery, we will share your personal information with companies for the purpose of delivering your items, and to allow tracking information to be sent to you.
- Where you have agreed to gift aid your admission, send details of any Gift Aid claim to HMRC in line with our legal obligation to do so
However, we also use your information to:
- Remind you if you have logged in, placed items for sale in your basket but not completed the transaction (send you an ‘abandoned basket’ email). This is a one-off email sent within 24 hours of you initiating the transaction.
- Research sales activity – for example looking into where our customers are based and what products are the most popular. In most cases, the information we need is statistical, rather than focused on individuals, so we ensure that it cannot be traced back to you.
- Improve our products and the service we give you. If you receive an email from us asking about the service you have received, you can ask not to receive such emails in future and we will make sure you don’t.
- Send you further information about future, similar products or services. We only do this if you are a business customer (see Section 6 on Marketing).
We do these things because we believe it is in our legitimate interests to do so. Assisting you in your purchase and improving our offer is an important part of our service. As a business, we need to be able to use sales information to see how well our products sell, and assess how good our service is, so we can plan what we do more effectively. This is particularly important as revenue from our commercial activity makes up a significant proportion of our income.
How long we keep your information for sales and bookings
Your information is kept for six years after your last purchase for audit and accounting purposes, in line with retention periods specified by legislation; in case of complaint for faulty goods or services; or if you buy something else from us.
Licences for images are kept until the expiry of the licence plus 6 years, or in the case of broadcast material, long term. This is so we can ensure IWM material is being used in accordance with licensing arrangements, or so that licences can be easily renewed.
8. How we use your information for fundraising
How we collect your information for fundraising
Our fundraising team collect information in three ways:
- Direct from you when you make a donation or enquiry –such as by direct debit, cheque or via our website.
- From other bodies such as Just Giving or the Imperial War Museum Foundation when you make a donation to IWM through them.
- From publicly available sources, such as annual reports or newspaper articles to help us identify potential donors.
What information we collect
- Name(s) and address(es), email(s), phone number(s) and other relevant contact details and preferences.
- Declaration about your UK tax status (if you intend to Gift Aid your donation)
- Records of donations to IWM.
- Information about our relationship with you, correspondence, meeting notes, attendance at events etc.
- Occupation and professional activity, network(s) and interests where relevant to our needs.
- Philanthropic interests and giving history if relevant and only where information is publicly available.
- Financial information and potential giving capacity, only where information is publicly available.
How we use your information for fundraising
We use this information to:
- Process your donation – to fulfil the contract we have with you to ensure your donation is recorded, auditable and is used for the right project.
- Send details of any Gift Aid claim to HMRC in line with our legal obligation to do so
- Retain a historic record of significant donations as part of the IWM archive, in line with our public purpose as a national museum.
- Ensure that you and/or the organisation you represent meet with our Donor, Supporter and Sponsor Relationships Policy.
- Contact you with further information about the progress of the project you have supported (you can opt out of this at any time).
- Contact you with information on relevant IWM fundraising activities and events (you can opt out of this at any time).
- Plan and implement fundraising strategy, including reporting on results and planning future campaigns.
- Carry out targeted prospect research into potential donors who have an affinity with IWM and/or our subject matter. Prospect research involves collating information on specified individuals, including their interests, suitability and likelihood to donate to IWM. We only carry this out using publicly available sources or information that you have provided. This activity assists us in understanding the background of the people who support us and helps us to make appropriate requests to supporters who may have the interest and means to give. We may also use this information to contact you, if you have a business address.
We carry out the last four activities because we believe it is in our legitimate interests to do so. Over half of IWM’s funding is now self-generated and our funding agreement with the Department for Digital, Media, Culture and Sport (DCMS) specifically requires us to generate income through fundraising. A significant way of doing this is through prospect research. We balance this out by ensuring that the information we collect and use is strictly limited to what is already widely known about that individual (see section on ‘What Information we collect’ above).
How long we keep your information for fundraising
- Donation information is kept for six years after the year of your last donation, for audit and accounting purposes, including Gift Aid requirements. In the case of major donations (defined as cumulative gifts of over £500), we will keep details of your donation for longer, as part of IWM’s historical record or in case you decide to donate again.
- We keep information on potential donors for two years if no further contact is intended in regards to future relevant projects. Where your information is no longer required, we will ensure it is disposed of securely.
You can ask for a copy of information about you held on our fundraising database and for it to be amended or deleted, by contacting the IWM’s Data Protection Officer as detailed in Section 2.
9. How we use your personal information for enquiries, general correspondence and Research Room bookings
How we collect your information for enquiries, general correspondence and Research Room bookings
We collect information about you when you write to us with an enquiry, or book a place in our Research Room to view Collections items.
How we use your information for enquiries, general correspondence and Research Room bookings
- We use this information to answer your enquiry, or to book your place in the Research Room.
- We also use this information to measure enquiry rates and response times, and to see how many bookings are received for the Research Room, and the types of materials requested. This helps us deliver and plan our services. This information is anonymised wherever possible.
We believe that using your information in these ways fulfils our public function as a national museum – that is to provide access to the national collection on the history of conflict.
- We may also use your information for marketing, but only where you have consented to this (please see Section 6 on Marketing).
How long we keep your information for enquiries, general correspondence and Research Room bookings
We keep information on enquiries and bookings for two years – in case you follow up on your original enquiry, and so we have a good pool of data to assist with planning our services, as outlined above.
We keep reader registration forms for the Research Room for 6 years, for security purposes (so we can track missing and misfiled items) and for copyright purposes (as the form contains a copyright declaration).
10. How we use your personal information to administer and maintain our collections and exhibitions
How we collect your personal information for collections and exhibitions
We collect information about you when:
- You give or offer an item to our collections
- You loan an item to us
- You borrow an item from us
- You make a proposal for an IWM exhibition
- You are depicted in an item donated to our collections, for example a photograph, letter, sound recording or film
- You are the recipient of an item deaccessioned from IWM’s collections
Sometimes, we also collect information about you indirectly, for example:
- You may be mentioned in a diary, photograph, film or interview acquired for our collections
- Your information may be supplied by a family member to assist in due diligence research
- It may be part of the contextual information around the history and provenance of a collections item
- It may have been provided to help us arrange transport to or from IWM
How we use your personal information for collections and exhibitions
We use collections and exhibitions information for the following purposes:
- To administer our collections as we need to record the source of objects, documents, images, recordings and publications for evidential purposes – that is to record the history of the item, who owns it and where any copyright is held. Research of this nature, particularly into IWM ownership and copyright rights, can take place at the point of acquisition, or some years later. Ensuring IWM has the correct rights over an item means we can ensure we make the best use of our collections, through exhibitions, loans, digitisation and other initiatives.
- We retain collections items themselves for historical purposes, as they are an important source of information for research into the history of conflict or the history if IWM itself.
- We may also use the information in an exhibition, to explain the history of items or their source. Collections donor or lender information is only published in this way with permission.
- To assess any exhibition proposal you make.
- On occasion, we may need to dispose of or deaccession items in the collection, and your information may be used when assessing whether an item is no longer required.
- Our collections items are also made available for research, via our onsite research rooms, in exhibitions or on our website.
All of these purposes help us to fulfil our public function as a national museum - that is to provide access to the national collection on the history of conflict. IWM is also a Place of Deposit under the Public Records Act for its own records and for photographic and film records produced by the Ministry of Defence.
How long we keep your personal information for collections and exhibitions
This information is held permanently, as part of IWM’s official record.
How we collect your personal information via CCTV
- All public (and some private) areas at IWM branches are covered by CCTV cameras. Notices are clearly displayed around IWM including at the entrance.
- In addition, some of our security staff may use body worn cameras, which record images and sound. Staff using these cameras can be clearly identified. Body worn cameras are not in constant use; they are only activated in response to specific incidents where visitors, staff or IWM assets are at increased risk. A verbal warning is always given before the cameras are activated.
How we use your personal information held on CCTV
The information gathered is used for security, safety and crime prevention and detection.
We believe that using CCTV in this way fulfils IWM’s public function as a national museum.
Operating securely, ensuring the safety of staff and visitors and protecting publicly held assets is a key part of IWM’s public purpose.
CCTV images may be passed to the police or other agencies if they are required to investigate crime or other serious incidents.
How long we keep your information held on CCTV
Images recorded by fixed CCTV cameras and body worn cameras are kept for 30 days and then deleted.
Images relating to incidents will be kept longer, according to requirements.
We use your data for:
- Social media marketing, social listening and analysis. Social listening is the process of tracking conversations around specific topics, keywords, phrases, brands or industries, and leveraging insights to discover opportunities or create content for audiences.
- To respond to customer enquiries received via IWM social media channels
How we collect your information for social media marketing, social listening and analysis
We collect information for social media marketing, social listening and analytics in the following ways:
- From social media platforms such as Facebook, Twitter and Instagram
- From the social media management platform Hootsuite
- From the social listening platform Brandwatch
These social media platforms have separate Privacy Policies, which outline what data they collect, why they collect it, how they use that information, and the choices they offer users, including how to access and update information. You can find links to the Privacy Policies of the social media platforms we use below:
- Facebook: https://www.facebook.com/about/privacy
- Twitter: https://twitter.com/en/privacy
- Instagram (a Facebook Product): https://help.instagram.com/155833707900388
- Snapchat: https://www.snap.com/en-GB/privacy/privacy-policy/
- Google+: https://www.google.com/intl/en_ALL/+/policy/
- Pinterest: https://policy.pinterest.com/en-gb/privacy-policy
- YouTube (a Google Product): https://policies.google.com/privacy?hl=en-GB&gl=uk
- Hootsuite: https://hootsuite.com/legal/privacy
- Brandwatch: https://www.brandwatch.com/legal/author-privacy-policy/
How we collect your information to respond to customer enquiries received via IWM social media channels
We endeavour to respond to as many queries and comments directed to us via our social media channels as possible. This information will have been provided by the customer, or in the case of a social media username or handle, obtained from a publicly available source, where the user has chosen to publish this information.
We only collect data relevant to the customer service enquiry for the purpose of assisting the customer. We encourage our customers to avoid posting any personal information publicly.
How we collect your information via the Facebook Pixel
When a user visits the IWM website and agrees to Campaign Cookies the Facebook Pixel is triggered.
We use the Facebook Pixel to:
- Understand when a customer takes an action after seeing an IWM Facebook ad
- Reach this customer again using remarketing functions available within the Facebook advertising platform
- Optimise IWM Facebook adverts so that they are more targeted to the interests of users
For information on how to opt out visit: http://optout.aboutads.info/#!/
Visit the Facebook website to learn more about Facebook Ads and manage your preferences: https://www.facebook.com/ads/about
What information we collect for social media marketing, social listening, analysis and enquiries
- In order to analyse the year-on-year performance of our social media channels, posts, and ads, we collect and process information from the social media platforms listed above. The data collected could include the following:
- your name, username, handle, or other identifier;
- the content of the information you have published via that name, username, handle, or other identifier, including posts, comments, opinions, etc.;
- your profile picture or other images or videos that you post or interact with.
Different social media platforms collect different types of data. Please see above links to the Privacy Policies of the social media platforms we use, which indicate what data they collect.
- We use social media platforms to collect information to help us identify social media users who have an affinity with IWM and/or our subject matter and may be interested in supporting IWM social media activities. This might include names, usernames, handles, or other identifiers, email addresses and interests, where actively made available by the individual online.
- The Facebook Pixel collects information including:
- Information relating to actions on the website such as pages viewed;
- Connection information such as IP address; the type of computer or mobile device you are using; browser type.
Data is hashed locally on the browser before it goes to the Facebook servers for matching. This hashing process turns your data into short, encrypted messages that cannot be tampered with. Facebook use these hashes to match pixel events with people on Facebook.
Visit Facebook’s advice centre for more information about Facebook -advertisements and how to adjust your settings: https://www.facebook.com/ads/about/?entry_product=ad_preferences
How we use your information for social media marketing, social listening, analysis and enquiries
We utilise the data collected and managed by the social media platforms and Facebook pixel listed above for:
- social media marketing, to provide users with more targeted and useful advertising of IWM products and services.
- social listening and analysis, that is, to analyse the performance of IWM and competitor social media channels and posts for the purposes of year-on-year reporting on reach and engagement metrics.
- understanding conversion tracking, for optimisation and remarketing purposes. Conversion tracking is our assessment of your response to our advertising and marketing, that is, whether you respond by taking an action (such as visiting our website) or do nothing.
- responding to customer enquiries received via IWM social media channels. During the course of assisting with a customer enquiry, sometimes personal information, such as a name, username, handle, or other identifier, email address or phone number, will be passed on to another department in the museum that is better able to assist with the enquiry, for example the Customer Services or Curatorial departments.
- making appropriate approaches to individuals who may be interested in supporting IWM social media activities.
We use this information because we believe it is within our legitimate interests to do so, that is, it helps to promote IWM, its sites, collections, exhibitions and services, while not using your information in an unexpected or intrusive way. It helps us to reach users that may be interested in IWM activities, but who are harder to engage through more traditional methods, and improve the content we supply through social media channels.
How long we keep your information.
- In order to analyse the year-on-year reach and engagement performance of our social media channels posts, and ads, we keep information from the social media platforms listed above for five years.
- Facebook Pixel: 180 days.
- We keep information on social media users who may be interested in supporting IWM social media activities for a maximum of two years if no further contact is intended regarding future relevant projects. Where your information is no longer required, we will ensure it is disposed of securely. Please note, that we may have to retain a skeleton record with basic details to ensure you are not researched again (as with stop lists in our Marketing section).
Enquiries about social media activities
- If you wish to query, update, object to or request the deletion of information we hold about you collected via this method, please contact us at [email protected], putting ‘Social Media, Data Subject Request’ in the subject line.
13. Cookies, Pixels and other new technologies
How we collect your personal information using cookies
Cookies can be necessary – ie they are needed for the website to function. You cannot refuse these.
Cookies can also be used for functional, performance and advertising purposes. You will be asked whether you consent to the use of these when you visit the IWM site.
The IWM website also contains third party cookies set by other organisations.
How long we keep information collected via cookies
Cookies can be set for the duration of your visit to the website or for up to two years. The information collected is usually kept for two years.
Further information about how your data is collected online via cookies and other online markers, together with a list of cookies used on the IWM website, can be found here:
14. Policy Updates
This policy was agreed on 15 May 2018
It replaces the previous policy of 12 January 2016, to provide more detail in compliance with new Data Protection legislation.
Revisions were made to Section 13 on 7 February 2019
Revisions made in July 2021 to the following sections:
- Section 4: mention of information deposited with Collections
- Section 5: Changes to storage of information following Brexit
- Section 6: More information on use of personal data for digital marketing
- Section 7: Use of data for audit, legal compliance, delivery and empty basket emails
- Section 11: Use of Body Worn Cameras by Security staff