Conference, Training & Event Customers

Purpose

The Royal College of Physicians of Edinburgh (“RCPE” or "the College" or "College" or “us” or “we”) is committed to protecting your personal information and being transparent about any information we hold about you.

Using personal information allows us to develop a better understanding of our customers and to provide you with relevant and timely information about the work we do.

This statement explains how we collect and use the information we receive from you.

The lawful basis for obtaining and using your data

Article 6 of the EU GDPR Regulations concerns the “Lawfulness of Processing” and the following three definitions provide the legal basis for the College to process data in relation to its business

6(1) (b) – Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract

When you register to attend a conference, course or other event you are entering into a contract with us. In order to perform this contract we need to process and store your data. For example, we may need to contact you by email or telephone in the case of cancellation of an event, or if there are problems with your payment.

6(1) (f) – Necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject

For RCPE Education events we may collect and process additional personal information for purposes that are in our legitimate organisational interests and in the interest of improving the educational events we provide. However, we only do this if there is no overriding prejudice to you by using your personal information in this way.

6(1) (a) – Consent of the data subject

Personal data we collect will only be used as described here and not be shared with third parties however where the event organisers have requested that a specific third party are provided with some limited information about those registering for their event then we will request your explicit consent during the event registration process.

The data we collect

We keep a record of, and process, data when a transaction is made through our Events Calendar booking system, in person, by telephone, by email or in writing. This can include information such as your name, email address, postal address and telephone number. Any information related to payment will be processed through a secure payment gateway as soon as possible and will then be securely destroyed. We will store for a period a record of your event registration and payment record.

When we send you a mailing we store a record of this, and in the case of emails we keep a record of which ones you have opened and which links you have clicked on. When you visit our website, we collect information about how you interact with our content.

We occasionally receive information about you from third parties. For example, when an RCPE event is taking place at an external venue and where an appropriate data sharing agreement is in place.

What do we do with your data?

We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as which events you have booked to attend in the past, as well as any preferences you may have told us about.

We use our legitimate organisational interest as the legal basis for communications by post and email. In the case of postal mailings, you may object to receiving these at any time using the contact details at the end of this policy. In the case of email, we will give you an opportunity to opt in to receiving them during your first purchase with us. We will provide you with an option to unsubscribe or change your preferences in every email we send you. Alternatively you can use the contact details at the end of this policy.

We may also contact you about our work by telephone. However we will always obtain explicit consent from you to do this this. Please bear in mind that this does not apply to telephone calls that may be necessary for events you are attending or payment arrangements for those events.

Other processing activities

In addition to marketing communications, we also process personal information in the following ways that are within our legitimate organisational interests:

  • We may analyse data we hold about you to ensure that the content and timing of communications that we send are as relevant to you as possible.
  • To improve our website we may analyse information about how you use it and the content and adverts that you interact with. You may also see promotions from us on social media that are tailored to your interests.
  • To ensure membership records are up to date, we will share data with the the College Membership team.
  • For the smooth running of events, we may share data with front-of-house staff.
  • We may analyse data we hold about you in order to identify and prevent fraud.

Any credit/debit card data used to pay for an event is not stored on our Events Calendar but is processed securely through the WorldPay Payment Gateway. If you use credit or debit card to make a payment in person by telephone or by post, we will ensure that this is processed securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).

When we share your data

Your personal details and event registration data will not be shared with any external third party other than:

  • Where the College has your express consent to do so,
  • Where the College has a legal obligation,
  • We may be required to share your data with our own service providers who process data on our behalf and on our instructions, such as with providers of print services or postal mailing services. In these cases we make every effort to ensure that these third parties comply strictly with our instructions and with relevant data protection laws.

How long we keep your data

We store your personal information indefinitely so that for subsequent registrations or purchases that you make we are able to link these to a single unique record that we hold for you on our system.

How you can access your data

To access your data online and to update your preferences, please go to the Events Calendar or for College members our main website

Alternatively, you can contact the College on +44 (0)131 247 3600 (open Mondays-Fridays, 9am-5pm).

What can you do if you want to complain about how your data is being used?

The College greatly values the relationship it has with its customers and aims to resolve any issues relating to data protection informally, efficiently and amicably. We will respond quickly to any requests to change your preferences, correct errors with the data we hold, provide access to your data or, if necessary, erase your data. If any matter cannot be resolved by us for you then you may wish to discuss the issue further with the ICO (Information Commissioner’s Office).

Cookies

This website uses cookies to monitor browsing preferences We do not provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.

How we use cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

RCPE Site cookies

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Name

Purpose

Expires

has_js

Registers whether or not the user has activated JavaScript in the browser.

Session

Twitter cookies

Cookies set by twitter to discover how people are using their services and to make them work better.

https://help.twitter.com/en/rules-and-policies/twitter-cookies (link is external)

Name

Purpose

Expires

lang

Remembers the user's selected language version of a website

Session

i/jot

Pixel, a small amount of code placed by twitter to track interaction with web content.

Session

i/jot/syndication

Pixel, a small amount of code placed by twitter to track interaction with web content.

Session

r/collect

Pixel, a small amount of code placed by twitter to track interaction with web content.

Session

Google Analytics cookies

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

https://policies.google.com/technologies/cookies (link is external)

Name

Purpose

Expires

__utm.gif

Google Analytics Tracking Code that logs details about the visitor's browser and computer.

Session

__utma

Collects data on the number of times a user has visited the website as well as dates for the first and most recent visit. Used by Google Analytics.

2 years

__utmb

Registers a timestamp with the exact time of when the user accessed the website. Used by Google Analytics to calculate the duration of a website visit.

Session

__utmc

Registers a timestamp with the exact time of when the user leaves the website. Used by Google Analytics to calculate the duration of a website visit.

Session

__utmt

Used to throttle the speed of requests to the server.

Session

__utmz

Collects data on w h ere the user came from, what search engine was Used, what link was clicked and what search term was Used. Used by Google Analytics.

6 months

SiteImprove cookies

Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

https://siteimprove.com/en/privacy/cookie-notice/ (link is external)

Name

Purpose

Expires

heat.aspx

Used to determine where a user clicks on the screen.

Session

nmstat

Used to determine if the user has visited the website previously.

999 days

siteimproveses

Used to register the order of pages that the user has visited on the website.

Session

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Controlling your personal information

You may choose to restrict the collection or use of your personal information in the following ways:

  • whenever you are asked to fill in a form on the website you will be asked to indicate whether you do or do not want your personal information to be used for direct marketing purposes
  • if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time:
    • write to us at Membership, Royal College of Physicians of Edinburgh, 9 Queen Street, Edinburgh EH2 1JQ
    • email us at webmaster@rcpe.ac.uk
    • members can update their preferences within the secure membership area

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting only if you tell us that you wish this to happen.

You may request details of personal information which we hold about you under the General Data Protection Regulation. If you would like a copy of the information held on you please write to:

Data Protection Officer, Royal College of Physicians of Edinburgh, 9 Queen Street, Edinburgh EH2 1JQ.

or email dpo@rcpe.ac.uk .