Privacy Policy
The British & Irish Society for Oral Medicine (from now on referred to a “us”, “we”, “our” or “the Society”) operates https://bisom.org.uk (the “website or site”) to bring you information about our Society, our events and a range of resources and research which encourage best practice in oral medicine.
This privacy policy page provides you with information about how we collect, use and disclose of any Personal Information you provide when using our website.
Our remit is to use the personal information you provide to improve your experience of the website and to manage member areas of the site. We are committed to holding your data securely, only sharing it if you agree to this and giving you as much control as possible about how you update, delete and access your data.
The information we collect from you
While using our website, we may ask you to provide us with certain information which is personally identifiable. This may include, but is not limited to, your name and email address, mobile phone number and GDC number (“Personal Information”).
This applies in particular to anyone who is a member of the Society or anyone who registers to attend events or receive job opportunity information.
Becoming a member online provides you with an array of options to make payments, manage these options and access or contribute to resources and research.
We organise the site in this way so we can run the Society efficiently and contact you with updates and links to claim your associated CPD.
How long is your information stored?
Your personal information is stored for as long as you are a member of the Society.
Information is gathered when you book on to our events. This is stored to ensure that certificates can be provided for you and information about your attendance can be forwarded to the appropriate awarding bodies. We also add your details to our mailing list which is used to inform you of future CPD events. You can unsubscribe from this list at any time and your details will be erased.
We undertake a regular audit of the personal information we hold and use this to ensure that we store information securely and monitor how it is used and shared.
We also store Log Data
As is common practice, we store information on the visits people make to our website. This is carried out by collecting information that your browser sends whenever you visit our website (“Log Data”) using Google Analytics. This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
We use the information provided by Google Analytics and Log Data to see how effective our website is and how to make changes to improve your experience. Google Analytics provides options to limit the amount of time data is retained and these are currently set to 26 months.
The legal basis for holding your details
We hold details which relate to your membership of the Society as well as your attendance at events. Because of this we have a legitimate reason for keeping a record to satisfy your CPD and GDC requirements. All of your details are stored with password protection and managed by a designated data controller. You have a right (see below) to ask for your details and also for these to be deleted and forgotten and you can do this by contacting us.
Your data and your right to access Personal Information
The storage of your Personal Information is important to us. We respect your right to privacy and your right to access information held about you.
You have the right, under the GDPR, to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request a correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request erasure of your personal information, ensuring your ‘right to be forgotten’. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below). You should be aware that, for legal reasons, we may be unable to erase certain information.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you would like to make a request, please email us at secretary@bisom.org.uk and we will answer and deal with your request within fourteen working days. You will not have to pay a fee to access your personal information. However, we may have to charge a small fee if your request for access is deemed to be unfounded or excessive.
Security
The security of your Personal Information is of vital importance to us. All users of the internet should have confidence in accessing and sharing information.
However it is important to understand that no method of transmission over the Internet, or method of electronic storage, is 100% secure. We have set up a series of safeguards and complied with current regulations to protect your Personal Information, but we cannot guarantee its absolute security.
In the event of a breach of security we pledge to notify you within three days of its discovery with a plan of action to help you to take any necessary steps if your data has been compromised.
Communicating with you
We promise that we will only use your Personal Information to contact you with emails, newsletters and information about the British & Irish Society for Oral Medicine, our events and activities. There is a professional requirement for you to undertake CPD to enhance your day-to-day practice and benefit patients so we will send emails to you to alert you of what can be considered legitimate opportunities to engage with these aspects of your profession.
MailChimp
Your name and email address will be stored securely with our email provider MailChimp on servers in the United States. MailChimp may not supply this information to third parties unless there is a legal obligation to do so.
The details
MailChimp has certified their agreement to EU/US and Swiss Safe Harbor Frameworks since 2007. Since the Safe Harbor Frameworks have been replaced by the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, they have certified their agreement with these Privacy Shield Frameworks. To find out more please view MailChimp’s Privacy Policy.
MailChimp lawfully transfers EU/EEA personal data to the U.S. pursuant to our Privacy Shield Certification. MailChimp also complete a SOC II Type 2 examination on an annual basis for the Trust Principal Criteria of Security, Processing Integrity, Confidentiality, and Availability.
The Society has signed a Data Processing Agreement with MailChimp in order to meet the requirements of the GDPR. This permits us to continue to lawfully transfer EU personal data to MailChimp and permits MailChimp to continue to lawfully receive and process that data so we can send you newsletters about activities which are of interest to dental professionals.
Stripe payment gateway
We take online payments for your membership and one-off events using the Stripe payment gateway. Stripe’s services in Europe are provided by a Stripe affiliate—Stripe Payments Europe Limited (“Stripe Payments Europe”)-an entity located in Ireland. In providing Stripe Services, Stripe Payments Europe transfers personal data to Stripe, Inc. in the US.
To ensure that your personal data is adequately protected, Stripe have certified to the EU-U.S. and Swiss-U.S. Privacy Shield Framework. View the Stripe Privacy Policy.
In addition to Privacy Shield, Stripe continues to employ additional compliance measures to ensure an adequate level of protection of personal data transferred outside the European Economic Area.
Cookies
Cookies are files with small amounts of data which are generated when you click on a site or specific pages in a site. The data gathered may include what is known as an anonymous unique identifier. The identifier identifies the action taken, not you, which is why they are called anonymous.
The cookies we use are sent to your browser and stored on your computer’s hard drive. This information is used by your browser to remember the pages you have visited so that when you return to the site you can do this more quickly and efficiently.
How the Society uses cookies
The Society use cookies for the following purposes: to enable certain functions of the Service, to provide analytics we use Google Analytics cookies, and to store your preferences we use session cookies.
The session cookies are essential for providing an appropriate shopping experience. It ensures that the site remembers when you have added something to your basket in order to keep shopping or check out and make your payment. The session cookie we use is:
wp_woocommerce_session
Cookies for analytical purposes
The Society uses Google Analytics, a web analysis service provided by Google Inc. (“Google”) for statistical purposes. This service uses cookies (both persistent and session) to analyse how visitors use our website. The information generated by the cookies concerning your use of our website (including your IP address, time of visit to the site, the type of browser that you use, the pages you consult and the files you download) is transferred to and archived by Google on servers in the United States.
Google uses this information to create reports on the website activity for us. Google may not supply this information to third parties unless there is a legal obligation to do so. Google will not combine your IP address with other data at its disposal. By using our website, you consent to the processing of the information by Google in the manner and for the purposes as described above. The Google cookies are:
_ga
_gat
_gid
Google complies with the Safe Harbor principles and subscribes to the Safe Harbor programme operated by the U.S. Department of Commerce.
In the event that you do not wish data on your website visit to be forwarded to Google Analytics, you can download and install the Google Analytics Opt-out Browser Add-on.
You will find further information in Google Analytic’s privacy policy.
Third-party cookies
In addition to our own cookies, we use Stripe as our payment gateway. In order to make payments you will need to accept the following Stripe cookies:
__stripe_mid
__stripe_sid
What are your choices regarding cookies
If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.
Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features of our website.
Where can your find more information about cookies
You can learn more about cookies and the following third-party websites:
All About Cookies: http://www.allaboutcookies.org/
Your Online Choices: http://www.youronlinechoices.com/
Changes To This Privacy Policy
This Privacy Policy is effective as of 1 May 2019. If we make any changes in its provisions in the future, these will be updated with the date they are changed and will be in effect immediately after being posted on this page.
We reserve the right to update or change our Privacy Policy at any time so we recommend checking this Privacy Policy periodically. Your continued use of the Service after we post any modifications on this page is taken as an acknowledgment of the changes and that you consent to abide and be bound by the modified Privacy Policy.
If we do make any material – significant – changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.
Contact Us
If you have any questions about this Privacy Policy, please contact secretary@bisom.org.uk. You can also contact us if you have any queries about your personal data. We will endeavour to answer your query as soon as possible.