Privacy Notice for the Society for Cardiothoracic Surgery in Great Britain and Ireland
1. About this Notice
1.1 This policy explains when and why we collect personal information about our members, how we use it and how we keep it secure and your rights in relation to it.
1.4 We will always comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk). For the purposes of the GDPR, we will be the @controller@ of all personal data we hold about you.
2. Who are we?
2.1 We are Society for Cardiothoracic Surgery in GB & Ireland. We can be contacted at 35-43 Lincoln’s Inn Fields, London, WC2A 3PE, Tel: 020 7869 6893, Email: firstname.lastname@example.org
3. What information we collect and why.
3.1 Information you give us
3.1.2 When you engage with our social media or message boards, make a donation to us, register for an event or otherwise provide us with personal information. When you register, we’ll ask for personal information, like your name, email address and telephone number to store with your account
3.2 Information we get from your use of our website and services.
We collect information about the services you use and how you use them, like when you watch a video on YouTube, visit our websites or view and interact with our content
3.3 Information from third parties.
We may also receive information about you from third parties. This can include information such as your name, postal address, work address, email address, phone number. We, like all businesses, are able to confirm what browser you are using, IP address and computer operating systems that are being used and this information may be used to improve the services we offer.
4. Using our Website and Cookies
In addition, if you apply for membership or register for our annual meeting on our websites then the following will also apply:
- All SCTS websites collect personal information when you apply for membership or register for an annual meeting with us.
- The website you use to register for the annual meeting or apply for membership, will collect information such as your name, email address and post code. Once you register with that website you will not be anonymous to us.
- As part of the membership application process and continued use of SCTS services, you agree that any registration information you give to SCTS will always be accurate, correct and up to date. Please do get in touch should you need to amend any of your personal information.
- We collect and retain information about your interactions with us so that we can process your interactions and deal with future queries.
- Cookies which are from trusted third parties
We utilise the technology of third parties on a regular basis to ensure that we are using up to date systems which are managed by the best companies to provide us with the information that we need. This in turn means that there will be a number of third party cookies from our trusted suppliers used on our websites. Each company is responsible for the cookies that they place onto your device and have separate policy documents to highlight their use.
- Our list of trusted third parties who may deploy a cookie to your device, with a link to their cookie details is below:
5. Following a link to another website
Our site may, from time to time, contain links to other, third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or how your data is used by these third parties. Please check the relevant policies before you submit any personal data to these websites.
6. Your Debit and Credit Card information
If you use your credit or debit card to donate to us, register for the annual meeting or pay for membership application or subscription renewal online or at our annual meeting, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard. You can find our more information about PCI DSS here –https://www.pcisecuritystandards.org/security_standards/index.php
We do not store your credit or debit card details at all, following the completion of your transaction. All card details and validation codes are securely destroyed once the payment or donation has been processed. Only staff authorised and trained to process payments will be able to see your card details.
If we receive an email containing any credit or debit card details, it will be immediately deleted, no payment will be taken and you will be notified about this. All membership application and subscription payments, donations or registrations for the annual meeting should be completed through Becoming a member(https://membership.scts.org/Join-Online) or Annual Meeting page (https://scts.org/annual-meeting/) on our website (www.scts.org) or on site at our annual meeting.
7. Legal basis & Legitimate Interests
When we collect and use your personal information, we will make sure this is only done in accordance with at least one of the legal grounds available to us under Data Protection law.
One of these is where we have obtained your specific consent to use your information for a previously notified purpose, such as to send you email marketing or to provide you with a product, service or information at your request or for specific workforce reports and bespoke SCTS project
- In certain instances, we may collect and use personal information where this is necessary in our legitimate interest as a charity, this includes being able to:
- Send direct marketing material to members and non-members who have registered for our annual meeting by email for purposes of encouraging support of the national meeting (subject to checking against the Mailing Preference Service and any existing marketing preferences indicated in the membership database).
- Conduct research to better understand how to support all areas of the cardiothoracic community and better target training and other educational and support activity.
- Monitor who we deal with to protect our charity against fraud, money laundering and other risks;
- Maintain and administer our membership database and systems.
- Fulfil a legal obligation to use or disclose information about you – for instance, where we are ordered by a court or regulatory authority or we are legally required to hold donor transaction details for Gift Aid* or accounting/tax purposes.
In all cases, we balance our legitimate interests against your rights as an individual and make sure we only use personal information in a way or for a purpose that you would reasonably expect in accordance with this Policy and that does not intrude on your privacy or previously expressed marketing preferences.
8. Your consent
At SCTS we take your privacy seriously and will only use your personal information to administer your account in accordance with our legal responsibilities, legitimate interests and to provide the products and serviceyou have requested from us.
If you have indicated you would like to subscribe to the JTCVS journal; we will provide your details to Elsevier. You can view their privacy notice here. They will provide details of of how to register and issue passwords to view the Journals.
We use a third party suppliers, Open Box Communications and CPL to distribute the Bulletin and Perspectives in Cardiothoracic Surgery book. We send members’ name and address, and email details in order for them to send both hard and soft copies directly. Please see privacy notices below.
- Open Box (privacy link to follow)
- CPL (privacy link to follow)
We use Paypal, Worldpay, Barclays and BACS to handle our financial transactions.
We use Emmantech, Dataware, 1&1 and Mailgun for our Website and membership database, Formsite for membership renewal and courses administration, and Shocklogic for our annual meeting registration and abstract submission
We use the Electoral Reform Service to administer our annual elections
Below is a list of other companies we use together with links to their privacy policies.
9. Recipients – Information and Disclosure
The SCTS may disclose your personal information in the following circumstances:
- To suppliers or service providers only to provide the products or services you’ve requested from our site(s) where, for example, we use a separate company to deliver goods to you.
- To third parties who provide a service to us and are data processors. This would include our trusted partners that work with us in connection with our association purposes. We require these third parties to comply strictly with our instructions and data protection laws and we will make sure that appropriate controls are in place. We enter into contracts with all of our data processors and regularly monitor their activities to ensure they are complying with SCTS policies and procedures.
- Where we are under a duty to disclose your personal information in order to comply with any legal obligation (for example to government bodies and law enforcement agencies), or in order to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect the SCTS, for example in cases of suspected fraud or defamation.
We will never share, sell or swap your details with any third parties for the purposes of their own marketing or the monetising of your data.
10. Inapprorpiate Website Content
If you post or send any content that we believe to be inappropriate, offensive or in breach of any laws, such as defamatory content on our forums or social media pages, we may use your personal information to inform relevant third parties such as your internet provider or law enforcement agencies.
11. Keeping your personal information
We keep your personal information only for as long as required to operate the service in accordance with legal requirements and tax and accounting rules. Where your information is no longer required, we will ensure it is disposed of in a secure manner.
12. Your ability to edit and delete your account information and preferences
The accuracy of your personal information is important to us. You can edit your SCTS account information, including your address and contact details at any time. If you would like to change your preferences or update the details we hold about you other than online, please contact our main office on 020 7869 6893 or email@example.com or write to Society for Cardiothoracic Surgery in GB & Ireland, 35-43 Lincoln’s Inn Fields, London, WC2A 3PE
13. Your rights to your personal information
Under the General Data Protection Regulation 2016 (GDPR) you have a right to request a copy of the personal information we hold about you and to have any inaccuracies corrected. You also have the right to request us to erase your personal information, request us to restrict our processing of your personal information or to object to our processing of your personal information.
Should you wish to exercise these rights we require you to prove your identity with two pieces of approved identification. Please address requests to the Administration Office, Data Protection Officer, Society for Cardiothoracic Surgery in GB & Ireland, 35-43 Lincoln’s Inn Fields, London, WC2A 3PE and we will respond within 40 days, of receipt of your written request and confirmed ID. Please provide as much information as possible about the nature of your contact with us to help us locate your records. We reserve the right to charge a fee of £10 for this process.
Where you have provided your consent for our use of your personal information, you always have a right to withdraw your consent at any time.
14. Changes to the this Privacy notice
We may update the terms of this policy at any time, so please do check it from time to time. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address you have provided to us or by placing a prominent notice on our website(s). By continuing to use our website you will be deemed to have accepted such changes.