Introduction
The James IV Association of Surgeons (James IV) is committed to protecting the privacy and security of your personal data/information and complying with obligations under the Data Protection Act 2018 (the ‘2018 Act’) and the EU General Data Protection Regulation (‘GDPR’) in respect of data privacy and security.
The James IV processes data in accordance with the with six ‘Data Protection Principles’. It must:
- Be processed fairly, lawfully and transparently
- Be collected and processed only for specified, explicit and legitimate purposes
- Be adequate, relevant and limited to what is necessary for the purposes for which it is processed
- Be accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay
- Not be kept for longer than is necessary for the purposes for which it is processed
- Be processed securely.
What information do we collect?
We may collect Personal Data in connection with membership and/or event services provided to you, including your name, photograph, address, age and contact information (such as email or phone number). The types of personal data that we collect will depend on the membership and/or event service you apply for or receive. This policy applies to all data whether it is stored electronically, on paper or on other materials.
We may also collect Payment Data to facilitate a secure payment of membership and /or event services which include credit or debit card details. Such payments are facilitated by third-party service providers. These third-parties may store your credit or debit card account information so you can use payment services through our website in the future to the extent permitted law.
You may also be asked to provide Statistical Data such as job title, professional interests, field of study, etc. for statistical purposes.
You may always choose not to provide the requested information, but in doing so we may be unable to provide the membership and/or event service you request.
By submitting your data (Personal, Payment or Statistical) to us, you will be treated as having given your permission for the processing of your data as set out in this Privacy Policy.
For what purposes do we collect your Personal Data?
We may use your Personal Data to:
- Communicate with you regarding our services (e.g. send you a newsletter, membership notification or an event invitation)
- Provide you with a service (e.g. when you require us to perform a task)
- Process fees and other transactions (e.g. when making a payment or refund for an event and/or event service)
- Confirm or correct Personal or Statistical Data
- Audit our business
- Perform research for our own purposes
Sharing your personal data with third-parties
Sometimes we might share your personal data with our contractors and agents to carry out obligations under our service agreement with you or for our legitimate interests. We require those companies to keep your personal data confidential and secure and to protect it in accordance with the law and our policies. They are only permitted to process your data for the lawful purpose for which it has been shared and in accordance with our instructions.
The following activities are carried out by third-party service providers: administration, IT services, membership fee processing, event registration and scientific programme management services.
How long do we retain your personal information?
We will not keep your personal information longer than is necessary, taking into consideration information needed for applicable legal requirements and limitation periods.
Do we use cookies to collect information?
Yes, to improve your experience, we use cookies to remember log-in details and to collect statistics to optimize website functionality.
Most web browsers automatically accept cookies. You can avoid this by changing the settings of your browser. You can also delete the cookies after your visit of this site by changing the settings of your browser.
Hyperlinks and other privacy policies
If you follow a hyperlink from our website to a website of another entity (e.g. partner organisation, news portal, social media feed etc.), that entity may collect data. We advise you to read the privacy policies of those entities, for which we bear no responsibility.
How to access, review and delete your Personal Data?
Upon your request, we will make your Personal Data available to you for review pursuant to the 2018 Act. This request must be made in writing to the Data Controller who will coordinate a response.
There is no fee for requesting your personal data, however, if such request is deemed to be excessive, an administrative fee may be applied, or the request denied.
Changes to this Privacy Policy
We reserve the right to update this Privacy Policy at any time, and we will provide you with a new Privacy Policy when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
How to contact us?
If you have any queries about how we use your personal information, please contact us at [email protected].
Last updated 22nd May 2018