Basi Logo Icon
British Associationof Snowsport Instructors

Book a course

AboutFind a job

Shop

NewsGot a question?
Person Icon
Basket
Hamburger Icon

Book a course

About

Find a job

Shop

News

Got a question?

Facebook
Instagram
YouTube
Tiktok

BASI Privacy and Data

Protection Policy

BASI Privacy and Data Protection Policy

1. Introduction

The British Association of Snowsport Instructors Limited, known as BASI, respects your privacy and is committed to protecting your personal data.

This Privacy and Data Protection Policy explains what personal data we collect, how we use it, who we may share it with, how long we keep it, and what rights you have.

This policy has been prepared in line with applicable UK data protection laws, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

When we say “BASI”, “we”, “us” or “our”, we mean the British Association of Snowsport Instructors Limited.

BASI is the data controller for the personal data we collect and use. This means we are responsible for deciding how and why your personal data is used.

This policy applies when you use our website, become a BASI member, book a course, buy from us, contact us, attend an event, take part in BASI training or assessments, or otherwise interact with us.

This policy should be read alongside our Cookies Policy, which explains how we use cookies and similar technologies on our website.

 

2. Who this policy applies to

This policy applies to:

  • BASI members
  • People booking or attending BASI courses, assessments or events
  • Trainers, educators, assessors and volunteers
  • Business partners and venue contacts
  • Website users
  • People who contact us by email, phone, post, social media or live chat
  • Suppliers and professional contacts
  • Anyone else whose personal data we process as part of our work 

 

3. The personal data we collect

The personal data we collect depends on how you interact with BASI.

Information you give us

This may include:

  • Your name
  • Date of birth
  • Address  
  • Email address
  • Phone number
  • Membership number
  • Login details
  • Course bookings and course history
  • Assessment results and course reports
  • Qualification records
  • Licence records
  • Teaching hours, log sheets and touring records
  • Emergency contact details
  • Payment and billing information
  • Communication preferences
  • Correspondence with BASI
  • Feedback, complaints or support requests
  • Photos or video where relevant to training, assessment, events or BASI activity 

Information connected to courses and membership

Because BASI is a membership and awarding organisation, we may also process information about:

  • Your qualifications
  • Course attendance
  • Assessment outcomes
  • CPD records
  • Safeguarding or first aid evidence where required
  • Trainer feedback or course reports
  • Licence status
  • Professional pathway progress 

Special category data

Some information is more sensitive and needs extra protection under data protection law. This is known as special category data.

We may process limited special category data where necessary, such as:

  • Medical or health information relevant to course participation, reasonable adjustments, incidents or safety
  • Accessibility or support needs
  • Information connected to safeguarding where relevant
  • Photos or video where these reveal sensitive information 

We only process this type of data where we have a lawful basis and an additional condition under UK data protection law. This may include explicit consent, where appropriate, or where processing is necessary for legal, safeguarding, health and safety, or substantial public interest reasons.

 

4. Information we collect automatically

When you visit our website, we may collect technical information such as:

  • IP address
  • Browser type and version
  • Device type
  • Operating system
  • Time zone
  • Pages visited
  • Time spent on pages
  • How you move around the site
  • Errors or performance issues 

We use this information to keep the website secure, understand how it is used, and improve the experience for members and visitors.

Non-essential analytics or marketing cookies are only used in line with our Cookies Policy and your cookie preferences.

 

5. Information we receive from others

We may receive personal data from third parties where relevant to BASI activity, including:

  • BASI trainers, assessors and educators
  • Partner organisations or venues
  • Business partners
  • Payment providers
  • Professional advisers
  • Suppliers and service providers
  • Other organisations involved in course delivery, qualification recognition, safeguarding, complaints, or member support 

We will only use this information where we have a lawful basis to do so.

 

6. Why we use your personal data

We use personal data to run BASI properly and support our members.

This includes:

  • Creating and managing your BASI membership
  • Allowing you to book and attend courses, assessments and events
  • Delivering training, assessments and qualifications
  • Recording course attendance, results and qualifications
  • Issuing certificates, licences and membership records
  • Managing CPD and professional pathway progress
  • Taking payments and issuing invoices or receipts
  • Responding to enquiries, support requests and complaints
  • Providing member communications and service updates
  • Sending marketing communications where allowed
  • Managing trainer, venue and partner relationships
  • Supporting safeguarding, health and safety and incident management
  • Improving our website, systems and services
  • Meeting legal, regulatory, financial and governance obligations
  • Protecting BASI, our members, staff, trainers and systems from fraud, misuse or security risks 

 

7. Our lawful bases for using personal data

We only use personal data where the law allows us to.

Depending on the situation, we may rely on one or more of the following lawful bases:

Contract

We process personal data where it is needed to provide membership, courses, assessments, qualifications, products or services you have requested.

Legal obligation

We process personal data where we need to comply with legal, financial, safeguarding, tax, employment, company or regulatory obligations.

Legitimate interests

We process personal data where it is necessary for BASI’s legitimate interests, provided your rights and freedoms do not override those interests.

This may include running BASI, maintaining accurate member records, improving our services, managing complaints, protecting our systems, communicating with members, and supporting the integrity of BASI qualifications.

Consent

We use consent where this is required, for example for certain marketing communications, optional cookies, or some uses of photos, video or sensitive information.

You can withdraw consent at any time where consent is the basis we are relying on.

Vital interests

In rare cases, we may process personal data where necessary to protect someone’s life or safety, for example in a serious incident or emergency.

 

8. Marketing and communications

We may send you service communications about your membership, bookings, qualifications, licence, payments, governance matters or important BASI updates. These are not optional marketing messages; they are part of how we manage your membership or relationship with BASI.

We may also send marketing or promotional communications, such as updates about courses, events, products, partnerships or opportunities, where we are allowed to do so.

You can update your communication preferences through your Members’ Area or unsubscribe from marketing communications where an unsubscribe option is provided.

We will not sell your personal data to third parties.

 

9. Photos and video

We may use photos or video for training, assessment, feedback, events, communications or promotional purposes.

Where photos or video are used for assessment or individual feedback, we will only use them for the relevant training or assessment purpose and keep them for a limited period.

Where we want to use identifiable photos or video for wider marketing or promotional purposes, we will rely on consent where appropriate.

You can contact us if you have concerns about a photo or video that includes you.

 

10. Who we share personal data with

We may share personal data where necessary with:

  • BASI staff, trainers, assessors and educators
  • Course venues and delivery partners
  • Business partners involved in BASI services
  • Professional recognition bodies and international partners, including ISIA, where this is needed to verify qualifications, support international recognition, confirm professional standing, or manage BASI’s involvement in international snowsport activity
  • Pro deal, member benefit and commercial partners, where a member chooses to access a BASI-related offer and we need to confirm their membership status, eligibility or qualification level
  • Payment providers, including Stripe
  • Email and communications platforms, including Customer.io
  • Live chat and support platforms, including tawk.to
  • Online learning platforms, including LearnWorlds
  • Website, hosting, database and IT providers
  • Analytics providers, where cookies are accepted
  • Mailing houses or fulfilment partners
  • Professional advisers, including legal, insurance, accounting and audit providers
  • Regulators, law enforcement, courts or public authorities where required 

We only share the personal data needed for the relevant purpose.

Where possible, we will share the minimum information required. For example, where a partner only needs to confirm that someone is a current BASI member or eligible for a member benefit, we will not share wider membership, course or personal history unless it is needed for that purpose.

Where third parties process personal data on our behalf, we require them to protect it and only use it under our instructions.

We do not sell personal data to third parties.

 

11. Payments

Payments made through our website or payment links are processed by our payment provider.

BASI does not store full card details. Payment information is processed securely by the payment provider.

We may retain payment records, invoices and transaction references for finance, accounting, tax, audit and support purposes.

 

12. International transfers

Some of the systems and service providers we use may process personal data outside the UK.

Where this happens, we take steps to make sure personal data remains protected in line with UK data protection law. This may include using adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, or other appropriate safeguards.

 

13. How we keep your data safe

We use appropriate technical and organisational measures to protect personal data from accidental loss, misuse, unauthorised access, disclosure, alteration or deletion.

These measures include access controls, secure systems, staff confidentiality obligations, supplier checks and appropriate security processes.

Where you have a password for the Members’ Area, you are responsible for keeping it confidential. Please do not share your password with anyone.

 

14. How long we keep your data

We only keep personal data for as long as we need it.

Because BASI is a membership and awarding organisation, some records need to be kept for a long time. This is particularly important for qualification and course achievement records. Members may return to BASI after many years away, and we need to be able to verify what they have already completed, confirm their qualification history, support their return to the pathway, and protect the integrity of BASI awards.

We do not keep all personal data indefinitely. Different types of information are kept for different periods depending on what the data is, why we need it, and whether there is a legal, financial, safeguarding, qualification, governance or legitimate operational reason to retain it.

Unless we tell you otherwise, our usual retention periods are:

Kept indefinitely

We may keep the following core records indefinitely, or for as long as BASI needs to maintain an accurate qualification and membership history:

  • Name  
  • Membership number
  • Date of birth
  • Qualification records
  • Course completion records
  • Assessment results
  • Licence history
  • CPD records where relevant to qualification or licence status
  • Key pathway records needed to verify professional standing 

These records allow us to confirm qualifications, support returning members, maintain historical accuracy, and avoid members having to repeat training or assessments they have already completed.

Kept for up to 20 years after membership ends

We may keep the following records for up to 20 years after membership ends, unless they form part of a core qualification or pathway record listed above:

  • Course reports
  • Detailed assessment feedback
  • Teaching hours, log sheets and touring records
  • Records needed to support pathway progression or trainer decision-making 

Kept for up to 10 years

  • Address  
  • Gender, where provided
  • Membership notes
  • Membership subscription history
  • Relevant member support records 

Kept for up to 6 years

  • Payment records
  • Invoices  
  • Receipts  
  • Finance and accounting records
  • Direct debit or mandate records, where applicable 

Kept for up to 2 years

  • Complaints from or about members, unless a longer period is required because of the nature of the complaint or related legal, safeguarding, insurance or governance issues 

Kept for up to 3 months unless needed longer

  • Videos taken by trainers for individual feedback
  • Written projects or supporting assessment materials 

Deleted or replaced after processing, unless we need to keep a record

  • First aid certificates
  • Safeguarding certificates
  • External CPD certificates
  • Disclosure certificates
  • Alerts or evidence submitted for verification 

In some cases, we may keep information for longer if required for legal, safeguarding, insurance, dispute resolution, qualification integrity, governance or regulatory reasons.

We review our retention approach regularly to make sure we are not keeping more personal data than we need.

 

15. Your rights

Under data protection law, you have rights over your personal data.

These include the right to:

  • Ask for a copy of the personal data we hold about you
  • Ask us to correct inaccurate or incomplete data
  • Ask us to delete your data in certain circumstances
  • Ask us to restrict how we use your data
  • Object to certain types of processing
  • Ask for your data to be transferred to another organisation, where applicable
  • Withdraw consent where we are relying on consent
  • Complain to the Information Commissioner’s Office 

These rights do not apply in every situation, and we may need to keep certain information where we have a legal, contractual, safeguarding, qualification, governance or legitimate reason to do so.

To exercise your rights, please contact us using the details below.

 

16. Automated decision-making

We do not make decisions that have a significant legal or similarly significant effect on you based solely on automated processing.

 

17. Links to other websites

Our website may include links to third-party websites, services or platforms.

We are not responsible for the privacy practices of those websites. We recommend reading their privacy information before providing personal data to them.

 

18. Changes to this policy

We may update this policy from time to time as our services, systems or legal requirements change.

The latest version will always be published on our website.

Last updated: 1 May 2026
Next review due: 1 May 2027

 

19. Contact us

Questions, comments or requests about this policy are welcomed.

BASI — British Association of Snowsport Instructors
50 Lothian Road
Festival Square
Edinburgh
EH3 9WJ

Email: basi@basi.org.uk
Phone: 01479 861717

You also have the right to complain to the Information Commissioner’s Office (ICO) if you are unhappy with how we use your personal data.