Fair processing notice: Council, Board and Panel members

Last updated: 15 February 2022

The data we collect about you

  • Your name and contact details
  • Personal and employment details provided as part of your appointment, eg date of birth, nationality, job title and organisation, membership status with AAT and other awarding organisations, declarations of interest, CV, applications, election statements and photographs
  • Device information (used when accessing electronic Board meeting software, currently BoardPad)

We collect personal data, meaning data that can be used to identify you. This can include, among other things, any personal data you provide to us through online platforms, such as SharePoint, our website, aat.org.uk, and via your communications with us through phone, email and in person.

Like most other websites, we use cookies to gather limited information about how you use our website, how you reached it and what sort of device you were using. To find out more, read our cookies policy.

What we do with your data and on what grounds

We can only process your personal data if we have a basis to do so which is permitted by law. Below is the list of lawful bases we rely on in respect of your personal data, and what each of these bases means.

  • Necessary to meet our legal obligations means we process your personal data where it’s necessary for compliance with a legal or regulatory obligation to which we’re subject.
  • Necessary for our legitimate interests means we process your personal data where we consider it necessary to do so in order to conduct and manage our business in a way to provide you with the best service and experience.
    We make sure we consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests. We don’t use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
    You can obtain further information about our legitimate interests (including how we assess these against any potential impact on you in respect of specific activities) by contacting us.
  • Performance of contract with you means we process your personal data where it’s necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

| Purpose/activity | Lawful basis for processing including basis of legitimate interest |
| --- | --- |
| Notifying Companies House and the Charity Commission of director and trustee appointments and changes | To meet our legal obligations |
| Maintaining statutory registers and preparing statutory accounts | To meet our legal obligations |
| To meet industry best practice and AAT governance requirements including trustee declarations, code of conduct declarations, skills audits etc | Performance of a contract with you |
| To reimburse expenses | Performance of a contract with you |
| To ensure that Council and Board members can be contacted as required | Legitimate interests (for running our business) |
| To enable Council and Board members to securely access board packs | Legitimate interests (for running our business) |
| To handle complaints | Performance of a contract with you; To meet our legal obligations |

Who we share your personal data with

  • Companies House and the Charity Commission
  • Other Council and Board members
  • External auditors
  • IT service providers who act as data processors
  • Impact consultants
  • Events and accommodation providers

Where we get your data from

All information is received directly from you.

How long we keep your data

We keep your data for as long as it’s necessary to meet the relevant purposes for which we’ve collected the data, including for the purpose of satisfying any legal, accounting or reporting requirements.

To determine the appropriate length of time for holding your data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purpose for which we process your data and whether we can achieve those purposes through other means, along with the applicable legal requirements.

Certain information, such as statutory books, records and minutes of Council will be retained in perpetuity as part of the company archive.

Most other data will be held for 12 years after the end of your tenure on Council or Board.

We will retain all email correspondence for a minimum of two years but emails may be retained for longer for legal, regulatory and contractual reasons. Calls which are recorded and conversations conducted through the website live chat facility will be retained for up to two years.

And in all cases, data may be retained for longer, for research and archiving purposes or if it cannot be deleted for legal, regulatory, verification of achievements, statistical or technical reasons. In these cases, steps will be taken to ensure that data is held securely and processing is restricted.
