Under the General Data Protection Regulations 2018 (GDPR) we need to inform you of the personal data we may hold on you, how we may use it, with whom we may share it, and for how long we may keep it.
Identity of the Data Controller
West Midlands Palliative Care Physicians Society is the Data Controller for the purposes of data protection law. Contact details are shown at the end of this notice.
Legal Basis for Processing
Our legal bases for processing are articles 6.1.b (performance of a contract) and 6.1.f (the legitimate interests pursued by the data controller or a third party) of the GDPR.
We define our legitimate interest as running a website providing products and services for clinicians.
How and When We Collect Data
We may collect your personal data in the following circumstances:
· When you give it to us directly, for example when you purchase a product or service.
· When you access our social media.
· From publicly available sources such as your own or your employer’s websites or social media.
Categories of Personal Data
We may collect, hold and share the following personal data:
· Your name.
· Your contact details including email, telephone numbers, postal address, Skype username,
social media and messaging service usernames and numbers. Contact details may be
occupational (e.g. a business email address) or personal (e.g. a home landline telephone
number or personal mobile phone number).
Purpose of the Processing
We may use your personal data for the following:
· To send you information about, and to promote, the products and services we offer.
· To send you details of any offers or promotions we may run.
· To fulfil a commercial transaction, for example to deliver a product or service or to send
invoices and collect payment.
· To invite you to take part in research and to allow us to carry out that research.
· To invite you to events.
· To invite you to engage with us on social media, for example on Facebook and
· For our internal administration and to keep a record of your relationship with us.
· To analyse and monitor the performance of our business and make changes to the way we run it.
· In relation to correspondence you have sent us either by letter, email, text, social media,
message board or other means.
· To contact you about any online or social media content you provide.
· For the specific reason you gave it to us.
· To keep your personal data up to date.
· To carry out any instructions you give us regarding the processing of your personal data, for example if you ask us to cease processing.
· To use IP addresses to identify the location of users, to block disruptive use and to establish the number of visits from different countries.
· To protect our team and those with whom we work, or to prevent crime and dishonesty.
· To analyse and improve the activities and content offered by our website(s) and to provide
you with the most user-friendly navigation experience.
· We may also use and disclose data in aggregate (so that no individuals are identified) for our marketing and strategic development purposes.
We may share your personal data with the following:
· Organisations and individuals which we may employ to perform services on our behalf or help us to provide products and services.
· Organisations which help us run and improve ours service, for example doing market research, seeking feedback on our products and services and sending online and offline communications about us, our products and our services.
The GDPR gives you certain rights regarding the processing of your personal data. To help you exercise these rights we will:
· Provide, on request and free of charge, one copy of the personal data we hold on you. For
the security of your data, we may ask for proof of your identity.
· On request, rectify any inaccurate personal data we hold and complete any incomplete personal data.
· On request, and where legitimate grounds apply, restrict our processing of your personal data or erase your personal data.
You can find more information about your rights under the GDPR from the Information
Commissioners Office at www.ico.org.uk
Retention of Personal Data
We will retain your personal data for as long as we think it is reasonable to do so. The criteria we use to determine this is whether retaining your personal data will help us to pursue our Legitimate Interest. For example, we may retain your data if you continue to work in an industry or a related industry in which we also work or may work in the future.
We are committed to keeping your data secure.
We take appropriate technical measures, for example password protection and security software to help prevent unauthorised access. We regularly review who has access to data. If third parties are involved in processing your data, we carry out checks on them beforehand and have appropriate contracts and guidelines in place. Compliance is monitored at regular intervals.
Transfers to Third Countries
We may transfer your data to third countries outside the EU or to international organisations but only in circumstances where appropriate standards and safeguards are in place.
If you are unhappy with the way in which we process your personal data, please contact the Data Protection Officer using the contact form below. You have the right to lodge a complaint about how we process your personal data with the Information Commissioner. You can find more details on how to do this at www.ico.org.uk
How to get in touch
If you’d like more information, want to ask anything about this notice or if you’d like to see a copy ofyour personal data, please write to:
The Data Protection Officer
©WMPCPS. 2019. All rights reserved.