Last updated 02/08/2019
Who we are
- Any reference to ‘We’, ‘Us’ and ‘Our’ is to The Aerosol Society or Drug Delivery to the Lungs Conference.
- Any reference to ‘Our websites’ applies to aerosol-soc.com and www.ddl-conference.com
- Any reference to ‘Our App’ refers to The Crowd Compass Attendee Hub for the DDL Conference.
- Any reference to ‘You’ and ‘Your’ is to you as an individual visitor to our websites, app and events or member of the Society.
- If you have any concerns or comments regarding your personal information or this policy, please contact us via email: firstname.lastname@example.org, telephone: +44 (0)1275 849019 or post: The Aerosol Society, Office F04a, Pure Offices, Kestrel Court, Harbour Road, Portishead, BS20 7AN.
Protecting your data
We are committed to maintaining the trust and confidence of our members, and visitors to our websites, app and events with regard to your personal information.
Your privacy is very important to us, which is why we make sure you are always in control of what we do with your personal information. This policy explains when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.
All data is held securely within password protected cloud-based storage, password protected website administration areas and when referring to our third-party data processors; we are aware of and are satisfied with their data handling policies which demonstrate their understanding of and adherence to Data Protection legislation guidelines. We are happy to provide copies of these policies when requested.
Should a serious data breach occur we are required to report to the ICO within 72 hours. Where there is a risk of harm to the rights and freedom of individuals, we will also notify the potentially affected individual/s that a data breach has happened and remind them of their rights at this point. We will take action to remove the source of the breach and take other necessary remedial action required.
What information do we collect from you?
We collect information to provide you with a better experience of using our websites, app, and event participation and for communications form us including our monthly newsletter. In order to provide you with access to certain services or data within our websites, app and events, we may require that you provide us with personal information, for example if you wish to become a Society member or attend a conference/meeting.
This information may include your name, postal address, telephone number, e-mail address, affiliation, user name or screen name used to access our services, method of payment including transaction and credit/debit card details.
Information we collect is retained only for as long as necessary and as specified in our Retention Policy which you can request to view by contacting us on email@example.com. We monitor compliance with data protection legislation internally to ensure we are successfully adhering to our data protection and security policies.
We collect information in the following ways:
- When you buy tickets for events or sign up for membership on our websites.
- When you register or update your personal details using online forms and accounts.
- When you choose to sponsor or exhibit at one of our events.
- When you contact us via email, telephone or letter.
- When you take part in our promotions, competitions, user experience surveys or questionnaires.
- When you visit our websites – logging the Internet Protocol (IP) address of your computer to be able to receive and send information on the internet.
- We sometimes record video and take photographs at our events. See section on Photography.
Why do we collect this information and what do we do with it?
We will process your data (for example your name, address, email address, affiliation) in accordance with your rights under the Data Protection Act 2018. We may process your information in any number of ways and on any secure databases we use for the following purposes:
- To create an electronic record of your data to enable your request for information to be processed. (Lawful Basis: Contract)
- To process electronic payments for events and memberships via external partner organisations*. (Lawful Basis: Contract)
- To help us manage your membership or run any other services we provide to you. (Lawful Basis: Contract)
- To administer and manage the products and services we make available to you. (Lawful Basis: Contract)
- To compile marketing lists via an external partner organisation ** to communicate events and services we offer that you may be interested in. (Lawful Basis: Legitimate Interest)
- To compile delegate lists for distribution to attendees at our events. (Lawful Basis: Legitimate Interest)
- To help us identify products and services which we think will interest you (unless you have asked us not to). (Lawful Basis: Legitimate Interest)
- For user account administration within The Aerosol Society. (Lawful Basis: Consent)
- To assist us with statistical analysis, compliance/regulatory reporting and compliance with our legal obligations, policies and procedures. (Lawful Basis: Legitimate Interests)
- We may also communicate with you, relevant marketing from other similar organisations concerning similar events or services, should you consent to receiving communications from us. (Lawful Basis: Legitimate Interest)
- With your prior consent, we may use your name, photograph and affiliation to promote such things as awards and research via the Society social media accounts and website. (Lawful Basis: Consent)
We sometimes record video and take photographs at our conferences and events which may then be used for future marketing purposes.. Should you explicitly not wish to appear in any photographs or on camera please make the organisers aware when you arrive at the event and we will do everything reasonable to support this. Following an event, should you become aware of any photograph or video where you appear please contact us on firstname.lastname@example.org and we will remove it from circulation as soon as we reasonably can.
What is a cookie?
A cookie is a text file that is stored on your computer or mobile device by a website’s server. Each cookie contains anonymised information about how you use our websites and applications, which allows us to improve your experience of using our products and services.
There are two types of Cookies our websites use: WordPress and WordFence.
- WordPress cookies are used to keep users logged in to their accounts and facilitate the shopping cart system. The WordPress cookie is used to access information from the user’s website account (such as name, email address used when signing up, if they’re an academic professional or a student, membership status etc.).
- WordFence is an anti-malware suite that checks the visitor is a natural person and marks their PC as such via a cookie.
If you prefer, it is possible to disable cookies by modifying the settings in your browser. However, you may not be able to use all of the interactive features on our websites if cookies are disabled.
When you visit our websites we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We use the information we collect to help us understand how our websites are used so that we can improve them. We also use it to compare the popularity of different pieces of content on our websites.
This information is processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
Who might we share your information with?
We take our obligations and responsibilities regarding protecting your privacy very seriously, and therefore, we exercise great care to protect the information we collect about you.
We may share your data with organisations working directly with us as a partner to maintain our activities, products, or services offered to you. Service providers and suppliers are required to keep confidential and secure the personal information received from us and may not use it for any other purpose other than as originally intended.
We will share your information in the following circumstances:
- If exhibiting at the DDL Conference we will share your contact details with our partner logistics organisation Ant Logistics to enable them to contact you to offer to help manage your exhibition logistics to and from the event. (Lawful Basis: Legitimate Interest)
- Should there be an issue with accessing your electronic account online, we may employ the assistance of our IT support organisation Computer Geeks to resolve the issue. A copy of their Data Handling Policy can be made available if required. (Lawful Basis: Contract)
- If compelled to do so by law. (Lawful Basis: Legal Obligation)
Our mailing lists
We use a third-party provider, MailChimp, to deliver our member newsletter and to send you relevant products and services information mailshots with your consent. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-communications. For more information, please see MailChimp’s privacy notice. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by emailing us at email@example.com
We have criteria in place in relation to how we determine the period for which we use your personal information, as well as a process for deletion of your personal information at the end of the relevant retention period.
For more information regarding our retention policy please contact our Data Protection Officer at: firstname.lastname@example.org
How do we protect your information?
- We use Secure Site License (SSL) approved technology where appropriate.
- Website pages that use this technology are flagged with a padlock symbol.
- We use secure technology in all our email communications and unless you have provided us with your clear and express consent, we do not disclose your email address to any other recipient.
- We review, monitor and test our data protection, information security and records management processes regularly to ensure compliance to this policy.
Communication preferences & changes to personal details
Once you have provided your express consent for us to contact you on our behalf, or on behalf of other organisations, there are a number of methods available to you in order to change your preferences or to correct or update your personal information at any time by:
- clicking the ‘unsubscribe’ link in any promotional email you receive from us.
- contacting us via the online contact form on our websites.
- contacting us via email at email@example.com.
Websites & services not covered by this statement
Third-party websites (for example scientifically related conferences and events of interest to our members) and services we link to through our websites have their own privacy policies, independent of us. We hold no responsibility or liability for these independent policies. We encourage you to look for and review the privacy policies of any third-party website you visit.
YOUR RIGHTS CONCERNING YOUR DATA
Subject access rights
If you write to us with a request, you will have a right to be provided with a copy of all personal information we hold about you within 1 month of your request.
You can request that your personal data is transferred directly to another ‘data controller’ at any time.
Your right to rectification
You can request that we correct or update your personal data at any time to ensure that your information is accurate and up-to-date.
Right to Objection
The GDPR gives individuals the right to object to the processing of their personal data where our lawful processing condition is Legitimate Interests.
Right to restriction
Individuals have the right to request the restriction of processing or destruction, or suppression of their personal data.
Right to erasure
We may be required to archive your personal information however, we will not retain personal data for longer than is necessary for the purpose we obtained it. You have the right to request that we delete your personal information in certain circumstances, i.e. where the purpose for collecting your personal information no longer exists and we are not obligated to retain all or any part of your personal information for legal reasons.
This right is linked only to where the Lawful basis for obtaining your Data was Consent.
We will not contact you about our related products or services or send you any other communications if you have indicated that you do not want to receive these. In this case, your name will be included in appropriate suppression lists.
Withdrawing your consent
You can withdraw your consent at any time by contacting us at firstname.lastname@example.org.
Our right to change this privacy statement
This Privacy Statement may be updated periodically and without prior notice to you to reflect changes in our online and Society information practices. We will indicate at the top of the statement when it was most recently updated. We recommend that you visit our Privacy Statement page whenever you visit our websites so that you are aware of any changes.
- We will never pass your personal details to anyone for them to use for their own marketing purposes unless you have previously provided us with your informed and specific consent.
- We will ensure that we obtain your express consent before we contact you by any method for any purpose.
- We will make sure our contact with you is relevant, based upon the preference information you give us.
- You can change your contact preferences at any time. All you need to do is update your preferences by contacting us at email@example.com.
- Your personal information will be stored safely and will remain secure at all times.
- No statistical information which identifies you personally will be published.
- No personal information will be kept any longer than necessary in order to fulfil the purpose it was collected for, and if you ask us to, it will be deleted.
- We will always delete your personal information if requested by you to do so.
- We will always comply with data protection legislation and all other applicable laws and EU Directives.
- Please remember to let us know if your details change so that we can keep in touch.
We are registered with the Information Commissioner’s Office (ICO) for the purpose of processing personal data.
We will process your personal data in accordance with the ICO regulations.
For any questions regarding the way we process personal data please contact our Data Protection Officer: firstname.lastname@example.org at North Somerset Inspire Limited.