YOUR PRIVACY

Your privacy matters. Read below to learn how IPT collects, uses, and protects your data.

Privacy Policy IPT Members Ltd

Last updated: 30 April 2025

1. Who We Are

IPT Members Ltd (“IPT”, “we”, “us”, “our”)

Website: https://www.instituteofpsychedelictherapy.org

Contact email: [email protected]

IPT is a Limited Company registered in England and Wales. We are the data controller responsible for your personal information as described in this policy.

We are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What This Policy Covers

This Privacy Policy explains how we collect, use, store, and share your personal data when you:

  • Visit our website at instituteofpsychedelictherapy.org
  • Apply for or hold membership with IPT
  • Register for or attend events organised by IPT
  • Appear in our member directory
  • Contact us directly

Please read this policy carefully. By using our website or services, you acknowledge you have read and understood it.

3. Personal Data We Collect

3.1 Identity and Contact Information

  • Full name
  • Email address
  • Phone number
  • County location
  • Membership body, number and status

3.2 Professional and Business Information

  • Job title and professional role
  • Public phone number and email
  • Professional qualifications and credentials
  • Information you choose to include in your member directory profile

3.3 Event and Membership Data

  • Membership type, status, and history
  • Event bookings

3.4 Financial Information

  • Membership fee and event booking payment records
  • Note: Payment card details are processed directly and securely by Stripe. IPT does not store your card details.

3.5 Images and Media

  • Profile photographs you upload to your member profile or directory listing

3.6 Technical and Usage Data

  • IP address, browser type, and device information
  • Pages visited and time spent on our website
  • Cookie identifiers (see Section 9 for our Cookie Policy)

4. How We Collect Your Data

We collect personal data in the following ways:

  • Directly from you when you register for membership, book an event, complete a contact form, or communicate with us
  • Automatically through cookies and similar technologies when you browse our website
  • From third-party platforms where you interact with IPT (e.g. event booking via ME Events, membership management via PMPro)

5. Our Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following:

Performance of a contract – to administer your membership, process event bookings, and deliver the services you have signed up for.

Legitimate interests – to operate and improve our website, maintain our member directory, communicate important organisational updates, and protect the security of our systems. We have assessed that our legitimate interests do not override your rights and freedoms.

Consent – where we send you optional marketing communications (such as newsletters or promotional emails). You may withdraw your consent at any time by contacting us or using the unsubscribe link in any marketing email.

Legal obligation – where we are required to process your data to comply with applicable laws and regulations.

6. How We Use Your Personal Data

We use your personal data for the following purposes:

  • Creating and managing your membership account
  • Processing event registrations and payments
  • Displaying your information in the IPT member directory (where you have opted in)
  • Sending you service-related communications (e.g. booking confirmations, membership renewals)
  • Sending you marketing and newsletter communications (with your consent)
  • Improving our website and services
  • Ensuring the security and integrity of our platform
  • Complying with our legal and regulatory obligations

7. Member Directory

Where you choose to appear in the IPT member directory, certain information from your profile will be visible to other members and the general public. This may include your name, professional role, organisation, and profile photograph.

You are responsible for the accuracy of information you include in your directory profile. You can update or remove your directory listing at any time through your account settings or by contacting us.

8. Who We Share Your Data With

We do not sell your personal data. We share it only with trusted third parties who help us deliver our services, and only to the extent necessary. These include:

Stripe – payment processing. Stripe acts as an independent data controller for payment data. See stripe.com/gb/privacy for their Privacy Policy.

Mailchimp (Intuit) – email marketing and newsletters.

ME Events by Webnus  – event booking and management.

Paid Memberships Pro (PMPro) – membership management, operating within our hosted environment.

Cloudinary and BlueHost – our website and data are hosted on secure servers using reputable providers with appropriate data protection safeguards.

Google Workspace (including Google Drive and Google Classroom) – used for internal administration and, where applicable, for the delivery of training programmes and sharing of course materials with trainees. See policies.google.com/privacy  

Google Analytics – used to understand website usage and improve our services. See policies.google.com/privacy

Signal – used for optional member communication spaces (such as referral networks or community discussion groups). Participation is voluntary and based on member opt-in. If you choose to join a Signal group, your phone number, profile name, and any information you share within the platform may be visible to other participants. See Signal >> Terms of Service & Privacy Policy

We may also disclose your data where required by law, by a court order, or to protect the rights and safety of IPT or others.

9. International Data Transfers

Some of our third-party service providers (including Mailchimp & Stripe) are based in the United States or other countries outside the UK. Where your data is transferred outside the UK, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO)
  • Transfers to countries with UK adequacy decisions
  • Providers certified under recognised data protection frameworks

You can request further information about the specific safeguards in place by contacting us.

10. How Long We Keep Your Data

We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. As a guide:

  • Membership data: retained for the duration of your membership and for a reasonable period thereafter for administrative and legal purposes
  • Event booking data: retained in line with financial record-keeping requirements (typically 6 years)
  • Marketing data: retained until you withdraw consent or unsubscribe
  • Website usage data: typically retained for up to 26 months

IPT is currently developing a formal data retention schedule, which will be published in an updated version of this policy. If you wish to request deletion of your data in the meantime, please see Section 11.

11. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right of access – you can request a copy of the personal data we hold about you.

Right to rectification – you can ask us to correct inaccurate or incomplete data.

Right to erasure – you can ask us to delete your data in certain circumstances.

Right to restrict processing – you can ask us to pause processing of your data in certain circumstances.

Right to data portability – you can request your data in a structured, commonly used, machine-readable format.

Right to object – you can object to processing based on legitimate interests or for direct marketing purposes.

Rights related to automated decision-making – we do not make automated decisions about you that produce significant legal effects.

To exercise any of these rights, please contact us at [email protected]. We will respond within one month. There is no charge for making a request.

If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

  • Website: ico.org.uk
  • Telephone: 0303 123 1113

12. Cookies

Our website uses cookies and similar tracking technologies to improve your experience and to analyse how our site is used. Types of cookies we use:

  • Essential cookies – necessary for the website to function (e.g. session cookies, login state)
  • Analytics cookies – help us understand how visitors use our site (e.g. Google Analytics)
  • Functional cookies – remember your preferences
  • Marketing cookies – used by third-party tools to deliver relevant content

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our website.

13. ICO Registration

Data controllers who process personal data in the UK are generally required to register with the Information Commissioner’s Office (ICO) and pay the data protection fee. IPT is registered.

14. Data Security

We take appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, disclosure, alteration, or destruction. These include:

  • Secure HTTPS connections across our website
  • Access controls limiting who within IPT can access personal data
  • Use of reputable, security-certified third-party providers

Whilst we take data security seriously, no method of transmission over the internet is 100% secure. If you have concerns about a specific security issue, please contact us immediately.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will notify members by email and/or by displaying a prominent notice on our website. The date at the top of this policy indicates when it was last updated.

16. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

The Institute of Psychedelic Therapy LLP

Email: [email protected]

Website: https://www.instituteofpsychedelictherapy.org

Note: IPT does not currently have a dedicated Data Protection Officer (DPO). Data-related queries should be directed to the contact above. As the organisation grows, the appointment of a DPO will be reviewed.

IPT
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses minimal cookies so that we can provide you with the best experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website, helping with event booking and to keep you logged in when you are a member.

For all the information on how me store and manage your data please see our privacy policy