We do not store credit card details nor do we share financial details with any 3rd parties
2. Who we are
Here are the details that the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, known as General Data Protection Regulation (GDPR) says we have to give you as a 'data controller':
- Our site address is www.immunology.org
- Our company name is British Society for Immunology
- Our registered address is 9 Appold Street, London, EC2A 2AP
- Our nominated representative is the Finance Director, Otto Balsiger and they can be contacted at firstname.lastname@example.org
3. What we may collect
We may collect and process the following data about you:
- Information you put into forms or surveys on our site at any time
- A record of any correspondence between us
- Details of transactions you carry out through our site
- Details of your visits to our site and the resources you use
- Information about your computer (e.g. your IP address, browser, operating system, etc.) for system administration
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
a) you have given consent to the processing of your personal data for one or more specific purposes;
b) processing is necessary for the performance of a contract/agreement to which you are a party or in order to take steps at the request of you prior to entering into a contract/agreement;
c) processing is necessary for compliance with a legal obligation to which we are subject;
d) processing is necessary to protect the vital interests of you or of another natural person;
e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
f) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party such as our credit card payment processing, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
If you do not give us your consent to continue processing of your personal information in this way within 30 days from the date of our communication seeking to obtain your consent or if you respond to us saying that you do not give your consent, we will delete your details from our systems, typically within 14 days. In the absence of your consent and up to the point of either obtaining your consent or erasure of your personal information received in this way, we will process your personal information on the basis of our legitimate interest to receive information and process nominations and your legitimate interest to become a nominee.
We believe that receiving and keeping of personal information on nominees from third parties is necessary in order to achieve these legitimate interests and the potential intrusiveness is minimal, taking into account that work-related personal data is processed and we will take measures outlined in this paragraph to contact you within a certain timeframe with the information we require to give you as a data controller where we receive your personal information from third parties, your opportunity to object and our process to delete your personal information within a certain timeframe in the absence of consent from you.
5. How we use what we collect
We use information about you to:
- to deal with your requests and/or enquiries;
- to carry out analysis, improve the quality of our services and ensure that content from our site is presented in the most effective manner for you and for your computer;
- to maintain our records for administrative purposes;
- to track use of web pages;
- to protect our site against unauthorised access;
- to comply with statutory and/or regulatory obligations;
- to carry out our obligations arising from any contracts/agreements entered into between you and us and to provide you with the information, products and services that you request from us;
- to provide you with information about other services we offer that are similar to those that you have already purchased or enquired about and to send you information that we believe may be of interest to you;
- to notify you about changes to our service;
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
If you don't want to be contacted with further information on the work of the British Society for Immunology, including our news, journals and events or receive mailings from corporate and other organisations, please email email@example.com or, if you are a member, login to your account and tick the relevant box/es in your communications preferences.
In addition, if you don’t want us to use your personal data for any of the other reasons set out in this section, you can let us know at any time by contacting us at firstname.lastname@example.org, and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible services to you.
In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide you if you don’t provide your personal data in these cases.
6. Where we store your data
Our systems operate secure data networks protected by industry standard firewall and password protection systems. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. We periodically review our security and privacy policies and update them as necessary.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. We only keep your personal data for as long as we need to in order to use it as described above in section 5, and/or for as long as we have your permission to keep it, and in accordance with our data retention policies. In any event, we will conduct an annual review to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it.
7. Disclosing your information
We are allowed to disclose your information in the following cases:
- We can disclose it to other businesses in our group.
- We can disclose it if we have a legal obligation to do so, or in order to protect other people's property, safety or rights.
- We can exchange information with others to protect against fraud or credit risks.
We may contract with third parties to supply services to you on our behalf. These may include payment processing, search engine facilities, provision of IT services, distribution of materials and publications, advertising and marketing. In some cases, the third parties may require access to some or all of your data.
This information will always be provided with a prohibition on use other than for the purpose for which it is specifically provided.
Please contact email@example.com if you require further information on third parties that have access to your information.
Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR and the law.
8. Your rights
You can ask us not to use your data for marketing. To do this, please email firstname.lastname@example.org, log in to your account and tick the relevant box/es in your communications preferences, or by contact us at any time by writing to Otto Balsiger, British Society for Immunology, 9 Appold Street, London, EC2A 2AP.
Under the GDPR, you have the right to:
- request access to, deletion of or correction of, your personal data held by us at no cost to you;
- request that your personal data be transferred to another person (data portability);
- be informed of what data processing is taking place;
- restrict processing;
- to object to processing of your personal data; and
- complain to a supervisory authority.
9. Links to other sites
Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our site. We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
11. Automated decision-making and profiling
The BSI does not currently process data in a way which constitutes automated decision making.
For any enquiries please contact: Otto Balsiger, British Society for Immunology, 9 Appold Street, London, EC2A 2AP; or email email@example.com.
This policy was last updated in May 2019.