The British Society of Allergy and Clinical Immunology (BSACI) is a membership organisation. We are a registered charity whose aim is to support our members and those who work in the field of allergy and clinical immunology, to provide the best care and achieve the best outcomes for patients. In the course of our work, we both collect and process personal data, that is, information which identifies a living person, or which can be identified as relating to a living person.
This Privacy Policy sets out how the BSACI collects, stores and uses information about you when you interact with us.
We only store data on individuals which has been given to us by the individuals themselves. This may be when they register for membership of the Society, a BSACI course or conference to receive general information from us, or when using our website.
The BSACI is protecting the rights and freedoms of data subjects and safely and securely processing their data in accordance with all of our legal obligations.
The British Society of Allergy and Clinical Immunology is a membership organisation. We both collect and process personal data, that is, information which identifies a living person, or which can be identified as relating to a living person.
The British Society for Allergy and Clinical Immunology (BSACI), Studio 16, Cloisters House, 8 Battersea Park Road, London, SW8 4BG.
We require your data to be able to administer your membership/event attendance and provide the membership services you are signing up to when you apply for membership/book attendance at an event. Our lawful basis for processing your personal data is that we have a contractual obligation to you as a member/non-member to provide the services you are registering for.
We use your personal data for administrative and business purposes (particularly to contact you), to process your membership, send you membership email communications, to improve our business and website to analyse your use of our website and in connection with our legal rights and obligations. We share your allergy service and contact details on the BSACI Find a Clinic directory service on our website, where this has been requested by you.
We only store data on individuals which has been given to us by the individuals themselves. This may be when registering for membership of the Society, a BSACI course or conference or to receive general information from us, or when using our website.
The information we routinely collect includes:
The BSACI may share your data with the below companies in order to provide you with some of your membership benefits or for membership processing:
The BSACI does not sell your information to third parties, nor do we buy information.
Our membership database is hosted through Sheep CRM. Sheep and the BSACI are committed to data security and have entered into a contract to make sure your personal data is kept safe and secure in line with all data protection legislation. All BSACI Data is stored within the European Economic Area as per the Data Protection Act 2018. Data is encrypted and security and disaster recovery measures are in place to ensure that all data is secure.
All website traffic is secured using appropriate technical and organisational measures such as storing your information on secure servers, encrypting transfers of data to or from our servers using Secure Sockets Layer (SSL) technology, encrypting payments you make on or via our website using Secure Sockets Layer (SSL) technology, only granting access to your information where necessary and, where necessary password protecting certain information to ensure information cannot be intercepted.
Conference/Course bookings are stored by third parties who process bookings on our behalf.
Additional data, for example, awards information, conference/course attendance information is stored on office computers that are password protected and can be wiped remotely. BSACI files stored on BSACI Computers are continuously backed up to the cloud via Microsoft One Drive.
Any written documents are stored safely and securely in lockable cabinets. Shredding of documents is carried out in our office.
We normally keep members’ data after they resign or their membership lapses. This is because we find members sometimes later wish to re-join. However, we will delete any former members’ contact details entirely on request.
Historical prize lists and research are required for archiving purposes and names cannot be removed from them. Similarly, archived news articles, whether on the website or in BSACI’s Allergy Update (both printed or online), will not usually be deleted.
Other data, such as that relating to accounting or personnel matters, are kept for at least the legally required or recommended period.
Personal data processed from non-member enquiries shall be kept for purposes of responding to or providing the service or information requested. After attendance at one of our events, attendees will be sent a follow up email asking if they wish to be sent information relating to events in the future.
You also have the right to lodge a complaint with us or the Information Commissioner’s Office (ICO), the supervisory authority for data protection issues in England and Wales.
Our Data Protection Officer can be contacted by email and post at the following addresses:
Data Protection Officer
The British Society of Allergy and Clinical Immunology
Studio 16 Cloisters House
8 Battersea Park Road
London
SW8 4BG
Email: [email protected]
By becoming a member of BSACI, you are consenting to the processing of your data as outlined in this privacy policy.
By supplying your personal data to BSACI via any other means, you are consenting to the processing of your data as outlined in this privacy policy.
You may ask that any photograph of you that appears on the website be deleted by contacting [email protected].
Once you have resigned your membership or it has lapsed, you may ask for your data to be deleted by contacting [email protected].
You have the right to have inaccurate personal data rectified and to access information held about you. If you are interested in any particular aspects, specifying them will help us to provide you with what you need quickly and efficiently. We are required to provide this to you within one month, or if complex, a further two months.
When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small text files known as cookies. They cannot be used to identify you personally, cannot carry viruses, or install malware.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser, and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies can be used by web servers to identify and track users as they navigate different pages on a website, and to identify users returning to a website.
Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date.) A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
For more information about cookies or if you would like to learn how to remove cookies set on your device, visit: www.aboutcookies.org.
Below is a full list of all cookies used on the BSACI Website
| Cookie | Purpose | Expiry |
| wordpress_logged_in_ | WordPress cookie for a logged in user. The cookie is set as: wordpress_logged_in_ followed by a hash of numbers. | End of browser session |
| wordpress_sec_ | To provide protection against hackers, store account details. The cookie is set as: wordpress_sec_ followed by a hash of numbers. 2 of these cookies are set, one for the /wp-admin and one for /wp-content/plugins because All logged in users use resources from wp-admin and plugins, not just admins. The cookies are for keeping track of the logged in user’s authorization to access each resource. If a visitor does not log in, no cookies are set at all by default. | End of browser session |
| wordpress_test_cookie | WordPress sets a cookie named wordpress_test_cookie to check if the cookies are enabled on the browser to provide appropriate user experience to the users. This cookie is used on the front-end, even if you are not logged in. | End of browser session |
| wp-settings-1 | WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface. | 1 year from set/update
|
| wp-settings-time-1 | WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the user’s database table. This is used to customize your view of admin interface, and possibly also the main site interface. | 1 year from set/update |
| wpe-auth | This cookie is set by WP Engine to keep users logged in. | End of browser session
|
| wpsl_attrs | This cookie is set when the user searches for a clinic. | 24 hours from set |
| PHPSESSID | To identify your unique session on the website. | At end of session |
| __utma | Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
| 2 Years |
| __utmb | Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
| 30 Mins |
| __utmc | Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
| End of browser session |
| __utmt | Used to throttle request rate.
| 10 Mins |
| __utmz | Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
| 6 Months |
| _ga_L1W4EFKJ1Z | This cookie is used by Google Analytics to persist session state. | 1 year 1 month |
| _ga | This cookie name is associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. | 1 year 1 month |
| vuid | These cookies are used by the Vimeo video player on websites. | 1 year 1 month |
| YSC | This cookie is set by YouTube to track views of embedded videos. | Session |
From time to time we conduct online customer surveys, using Survey Monkey. Survey Monkey uses cookies to make their surveys work properly. More information about Survey Monkey’s cookies can be found here
We use these for the purposes of analysing website traffic. For instance: To evaluate site performance in terms of number of visits, unique visitors, drop-off rate for transactions etc. We measure numbers and volumes of visitors to different parts of our site and this helps us ensure the service is fast and available when you want it. It also helps us ensure that different pages on our site are useful and easy to find. The following links will give you further information on how this is done and how you can opt out of such tracking.
Google Analytics Cookie Usage on Websites
How to opt out of Google Analytics
By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site if the particular settings you have chosen disables functionality our website relies on to display properly.
If you have a concern, or question about this privacy policy or the way BSACI has handled your data, please contact [email protected]
If you contact us by phone you may be asked to verify information so that we can identify you as a customer.
Any changes we may make to our privacy policy will be posted on this page and, where appropriate, notified to you by email.
Reviewed November 2023