Privacy Policy
Table of Contents
- Anaesthetic Research Society Data Privacy Notice
- Overview
- Data we Hold
- Introduction
- Types of Personal Data we Collect
- Purposes for Processing Personal Data
- Legal Basis for Processing Personal Data
- Who we Share your Personal Data with
- Data Retention
- ARS Website
- Use of Cookies by the ARS
- Your Rights
- About this Data Privacy Notice
Anaesthetic Research Society Data Privacy Notice
Overview
The Anaesthetic Research Society (ARS) ("we" or "us" or "the Society") is committed to data protection and data privacy. Following the General Data Protection Regulation (GDPR) becoming enforceable on 25 May 2018, we have reviewed our operations and the way we handle and use data.
The Anaesthetic Research Society is the Data Controller; website www.ars.ac.uk; email: anaestheticresearchsociety@gmail.com
Data we Hold
We have no employees. We have officers of our charity who execute the articles and objectives of our Society. Occasionally, individuals can also volunteer to support us in delivering our charitable aims and objectives. We hold personal data on our officers and members to meet legal obligations and to perform vital internal functions.
As part of our work, we host educational and academic meetings and symposia. Individuals can become members of our Society (by application), or attend our events without membership. We are also invited to review grant, bursary and academic award applications. Our activities are therefore relevant to:
- Members of the ARS ("the Member")
- Non-members who attend our meetings or participate in the functions of the Society ("the Participants")
ARS donors may be individuals (Members or Participants) or corporate donors (e.g. grant funding bodies, industry). We may hold details of the names and addresses of our individual donors which may include confirmation that they are UK tax payers.
This notice details the personal data we may retain, process and share with third parties and for vital operations of our charity. We are committed to ensuring that any personal information is secure, accurate and relevant. To prevent unauthorised access or disclosure, we have implemented suitable physical, electronic, and managerial procedures to safeguard and secure personal data we hold.
We do not hold physical data.
Introduction
We have issued this notice to describe how we handle personal information. We respect the privacy rights of individuals and are committed to handling personal information responsibly and in accordance with applicable law. This notice sets out the personal data that we collect and process, the purposes of the processing and the rights that data subjects have in connection with it.
If you are in any doubt regarding this notice, please contact the President of the ARS.
The current President is Dr. Ben Shelley, University of Glasgow. Email: b.shelley@clinmed.gla.ac.uk
Types of Personal Data we Collect
In relation to our officers and members, the types of personal information we may process include, but are not limited to:
- Identification data - such as name, gender, photograph, date of birth.
- Contact details - such as home and business address, telephone/email addresses, emergency contact details.
- Background information - such as academic/professional qualifications, education, CV.
In relation to the Members and Participants, the types of personal information we may process include, but are not limited to:
- Identification data - such as name, gender, photograph/video image, date of birth.
- Contact details - such as home and business address, telephone/email addresses.
- Special categories of personal data (see below).
In relation to our donors, the types of personal information we may process include, but are not limited to:
- Identification data - such as name, gender.
- Contact details - such as home address.
- Financial information - such as tax information.
Sensitive personal data ('special categories of personal data' under the General Data Protection Regulation) includes any information that reveals a data subject's racial or ethnic origin, religious, political or philosophical beliefs, genetic data, biometric data for the purposes of unique identification, trade union membership, or information about health/sex life. We will not hold such data.
Purposes for Processing Personal Data
Membership and Participation
If you apply to become a member of the ARS or attend one of our meetings, we may collect and use your personal data as specified above. This personal data may be used to determine your suitability for a specific role (membership, meeting participation, prizes and awards). The regular business of the Society is carried out by the Committee and by MoorePay (see below). Personal data held by the Society (email addresses) will only be used to advise members of Society activities, for example (but not limited to) forthcoming meetings or opportunities.
Working with Us
If you contact us to ask about getting involved in our work, we may collect and use your personal data to determine your suitability for a specific role. This includes assessing your skills, qualifications and verifying your information, carrying out reference checks or background checks (where necessary) and to generally manage getting you involved with us.
Charity Records
We collect and process personal data relating to our officers and members to comply with our legal obligations. We take the security of data seriously and are committed to being transparent about how we collect and use that data and to meeting our data protection obligations.
We collect and use this personal information for managing our legal obligations, including with the Charities Commission - for example date of birth and contact details.
Our officers are obliged to keep their personal details up to date with us and failing to provide this data may mean that we are unable to comply with our statutory obligations.
Legitimate Business Purposes
We may also collect and use personal information when it is necessary for other legitimate purposes, such as to help us conduct our charity business more effectively and efficiently - for example, for general IT security management, accounting purposes or financial planning. We may also process personal information to investigate violations of law or breaches of our own internal policies.
Legal Purposes
We may also use your personal data where we consider it necessary for complying with laws and regulations, including collecting and disclosing personal information as required by law (e.g. for tax, health and safety, anti-discrimination laws), under judicial authorisation, or to exercise or defend our legal rights.
Legal Basis for Processing Personal Data
Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the way we collect it. We will normally collect personal data where we have your freely given consent to do so, or where the processing is in our legitimate interests and only where this interest is not overridden by your own interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
Any processing based on consent will be made clear to you at the time of collection or use - consent can be withdrawn at any time by contacting the President of the Society.
Who we Share your Personal Data with
We take care to allow access to personal data only to those who require such access to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it. Whenever we permit a third party to access personal information, we will implement appropriate measures to ensure the data is used in a manner consistent with this notice and that the security and confidentiality of the data is maintained.
Transfers to Third Parties
We do not routinely disclose personal data that we hold to third parties. However, there are some circumstances in which we may be required to disclose personal data to third parties on other lawful grounds, including:
- To comply with our legal obligations, including where necessary to abide by law, regulation or contract, or to respond to a court order, administrative or judicial process
- In response to lawful requests by public authorities (including for national security or law enforcement purposes)
- As necessary to establish, exercise or defend against potential, threatened or actual litigation
- Where necessary to protect the vital interests of our officers, members or another person or
- With your freely given and explicit consent at your request
The ARS Accountants (and auditors if required) will not access or hold any personal data regarding ARS members.
The administration of our direct debit membership fees is handled by our payroll administrator Moorepay Ltd who hold personal data of our members in order to execute their duties and those of the ARS. Moorepay Ltd are GDPR-compliant and their privacy statement is available here: https://www.moorepay.co.uk/privacy-policy/
Data Retention
Personal data will be stored in accordance with applicable laws and kept for as long as needed to carry out the purposes described in this notice or as otherwise required by law. Generally, this means our officers and members' personal information will be retained until the end of their working relationship with us (typically termination of membership) plus a reasonable period of time thereafter to respond to inquiries or to deal with any legal matters (e.g. Charities Commission requirements).
ARS Website
When someone visits www.ars.ac.uk we use third-party services (e.g. Google Analytics) to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site in order to refine our content. This information is only processed in a way which does not identify users of the website.
Use of Cookies by the ARS
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns and does not identify any individual. We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. They help us to improve our website and to deliver a better and more personalised service. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site.
Your Rights
Data Subjects may exercise with us the rights available under data protection law as follows:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- Rights in relation to automated decision making and profiling.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. You can read more about these rights at:
To exercise any of these rights, please contact the President of the Society.
About this Data Privacy Notice
This Data Privacy Notice was considered and reviewed by the ARS Committee in November 2018.
Issues and Complaints
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This notice was drafted with clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. However, we are happy to provide any additional information or explanation needed.
If you want to make a complaint about the way we have processed your personal information, you can contact the Information Commissioner’s Office in their capacity as the statutory body which oversees data protection law - https://ico.org.uk/make-a-complaint/.
Contact Details
Please address any questions or requests relating to this notice to the President of the Society.