Privacy Policy

The British Society of Allergy and Clinical Immunology is a membership organisation. We are a registered charity whose aim is to support our members and those who work in the field of allergy and clinical immunology, to provide the best care and achieve the best outcomes for patients. In the course of our work we both collect and process personal data, that is, information which identifies a living person, or which can be identified as relating to a living person.

This Privacy Policy sets out how we, The British Society for Allergy and Clinical Immunology (BSACI), collect, store and use information about you when you interact with us.

We only store data on individuals which has been given to us by the individuals themselves.  This may be when they register for membership of the Society, a BSACI course or conference or to receive general information from us, or when using our website.

The British Society for Allergy and Clinical Immunology (BSACI) is protecting the rights and freedoms of data subjects and safely and securely processing their data in accordance with all of our legal obligations

Who are the BSACI?

The British Society of Allergy and Clinical Immunology is a membership organisation. We both collect and process personal data, that is, information which identifies a living person, or which can be identified as relating to a living person.

Who is the Data Controller?

The British Society for Allergy and Clinical Immunology (BSACI), Studio 16, Cloisters House, 8 Battersea Park Road, London, SW8 4BG.

Why we need your personal data

We require your data to be able to administer your membership/event attendance and provide the membership services you are signing up to when you apply for membership/book attendance at an event.  Our lawful basis for processing your personal data is that we have a contractual obligation to you as a member/non-member to provide the services you are registering for.

How we use your personal data

We use your personal data for administrative and business purposes (particularly to contact you), to process your membership, send you membership email communications, to improve our business and website to analyse your use of our website and in connection with our legal rights and obligations. Sharing of your allergy service and contact details onto the BSACI Allergy Service Finder on our website, where this has been requested by you.

The Personal Data We Collect

We only store data on individuals which has been given to us by the individuals themselves. This may be when registering for membership of the Society, a BSACI course or conference or to receive general information from us, or when using our website.

The information we routinely collect includes:

  • Name, home addresses, email addresses and date of birth, gender, ethnicity and telephone numbers
  • Professional details such as: job title, work address, services you provide (for our online website ‘Find a clinic’ directory)
  • IP address, information from cookies, information about your computer or device, information about how you have used our website, geographical location
  • Financial details such as: credit card and bank details
  • Main specialty details
  • Membership and event participation information including booking and payment information.
  • Other information which would be reasonably necessary for a provider of membership, events and training services to collect about members, course participants and non-members who attend BSACI events.
Reasons for processing your data and who we share it with
  • Administration and processing of your membership subscription, ensuring you receive all the membership benefits you are eligible to receive.
  • Communicating and keeping you up-to-date with relevant news and Society information.
  • Enabling you to receive member discounts, promotions or offers from third parties, including confirming to that third party that you are a member of BSACI, where there is a condition for the discount, promotion or offer.
  • To help improve the website so that the content is presented in the most effective manner to you and for your computer.
  • To provide statistical information to BSACI Council members and the AGM so that they are aware of the current and past status’ of budgeting, new members, lapsed members, membership demographics/roles, enabling them to review, plan and improve membership benefits and the service the Society provides to its members/
  • Sharing of award applications to BSACI Council, the judging of these and announcing successful applicants via the website, E-News and Allergy Update.
  • Sharing of your allergy service and contact details onto the BSACI Allergy Service Finder on our website, where this has been requested by you.
  • If you attend a BSACI course/conference we will provide your name, institution and job role only to exhibitors at the event if you have previously given us permission for us to do so. We do not share your personal data with other third parties for commercial or marketing purposes.
  • We do not share your data with enquirers to the BSACI office without your prior permission.
  • BSACI reserves the right to disclose your personal data to comply with any legal obligation.
Disclosure of your information to third parties: 

The BSACI may share your data with the below companies in order to provide you with some of your membership benefits or for membership processing:

  • The World Health Organisation.  View their policy here
  • Medivents (BSACI Conference Partner)
  • Sheep CRM (BSACI Database Provider) View their policy here
  • European Academy of Allergy and Clinical Immunology. View their policy here
  • GoCardless (direct debit provider) View their policy here
  • Stripe (Online Credit Card Provider). View their policy here
  • Ctec Systems Ltd (IT support)

The BSACI do not sell your information to third parties, and we do not buy information either

Where we store our data

Our membership database is hosted through Sheep CRM. Sheep and BSACI are committed to data security and have entered into a contract to make sure your personal data is kept safe and secure in line with all data protection legislation. All BSACI Data is stored within the European Economic Area as per the data protection act. Data is encrypted and security and disaster recovery measures are in place to ensure that all data is secure. 

All website traffic is secured using appropriate technical and organisational measures such as storing your information on secure servers, encrypting transfers of data to or from our servers using Secure Sockets Layer (SSL) technology, encrypting payments you make on or via our website using Secure Sockets Layer (SSL) technology, only granting access to your information where necessary and, where necessary password protecting certain information to ensure information cannot be intercepted.

Conference/Course bookings are stored by third parties who process bookings on our behalf.

Additional data, for example, awards information, conference/course attendance information is stored on office computers that are password protected and can be wiped remotely. BSACI files stored on BSACI Computers are continuously backed up to the cloud via Microsoft one drive.

Any written documents are stored safely and securely in lockable cabinets. Shredding of documents is carried out in our office.

How long we keep your data for

We normally keep members’ data after they resign or their membership lapses.  This is because we find members sometimes later wish to re-join.  However, we will delete any former members’ contact details entirely on request.

Historical prize lists and research are required for archiving purposes and names cannot be removed from them.  Similarly, archived news articles, whether on the website or in BSACI’s Allergy Update (both printed or online), will not usually be deleted.

Other data, such as that relating to accounting or personnel matters, are kept for at least the legally required or recommended period.

Personal data processed from non-member enquiries shall be kept for purposes of responding to or providing the service or information requested. After attendance on one of our events, attendees will be sent a follow up email asking if they wish to be sent information relating to events in the future.

  • Your rights in relation to your information:
    • To access your information and to receive information about its use
    • To have your information corrected and/or completed
    • To have your information deleted
    • To restrict the use of your information
    • To receive your information in a portable format
    • To object to the use of your information
    • To withdraw your consent to the use of your information
    • To complain to a supervisory authority
How can you ask for data to be removed?

By becoming a member of BSACI, you are consenting to the processing of your data as outlined in this privacy policy.

By supplying your personal data to BSACI via any other means, you are consenting to the processing of your data as outlined in this privacy policy.

You may ask that any photograph of you that appears on the website be deleted by contacting info@bsaci.org

Once you have resigned your membership or it has lapsed, you may ask for your data to be deleted by contacting membership@bsaci.org

How you can check what data we have about you

You have the right to have inaccurate personal data rectified and to access information held about you. If you are interested in any particular aspects, specifying them will help us to provide you with what you need quickly and efficiently. We are required to provide this to you within one month, or if complex, a further two months.

Cookies on the BSACI Website

When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small text files known as cookies. They cannot be used to identify you personally, cannot carry viruses, or install malware

What is a Cookie?

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser, and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies can be used by web servers to identity and track users as they navigate different pages on a website, and to identify users returning to a website.

Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

For more information about cookies or if you would like to learn how to remove cookies set on your device, visit: http://www.aboutcookies.org.

Cookies used on this website

Below is a full list of all cookies used on the BSACI Website

Cookie Purpose Expiry
wordpress_logged_in_ WordPress cookie for a logged in user. The cookie is set as: wordpress_logged_in_ followed by a hash of numbers. End of browser session
wordpress_sec_ To provide protection against hackers, store account details. The cookie is set as: wordpress_sec_ followed by a hash of numbers. 2 of these cookies are set, one for the /wp-admin and one for /wp-content/plugins because All logged in users use resources from wp-admin and plugins, not just admins. The cookies are for keeping track of the logged in user’s authorization to access each resource. If a visitor does not log in, no cookies are set at all by default. End of browser session
wordpress_test_cookie WordPress sets a cookie named wordpress_test_cookie to check if the cookies are enabled on the browser to provide appropriate user experience to the users. This cookie is used on the front-end, even if you are not logged in. End of browser session
wp-settings-1 WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface. 1 year from set/update

 

wp-settings-time-1 WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the user’s database table. This is used to customize your view of admin interface, and possibly also the main site interface. 1 year from set/update
wpe-auth This cookie is set by WP Engine to keep users logged in. End of browser session

 

wpsl_attrs This cookie is set when the user searches for a clinic. 24 hours from set
PHPSESSID To identify your unique session on the website. At end of session
__utma Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.

 

2 Years
__utmb Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.

 

30 Mins
__utmc Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.

 

End of browser session
__utmt Used to throttle request rate.

 

10 Mins
__utmz Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.

 

6 Months

Survey Monkey

From time to time we conduct online customer surveys, using Survey Monkey. Survey Monkey uses cookies to make their surveys work properly.  More information about Survey Monkey’s cookies can be found here

Google Analytics:

We use these for the purposes of analysing website traffic. For instance: To evaluate site performance in terms of number of visits, unique visitors, drop-off rate for transactions etc. We measure numbers and volumes of visitors to different parts of our site and this helps us ensure the service is fast and available when you want it. It also helps us ensure that different pages on our site are useful and easy to find. The following links will give you further information on how this is done and how you can opt out of such tracking.

Google’s Privacy Policy

Google Analytics Cookie Usage on Websites

How to opt out of Google Analytics

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Can I remove or block cookies

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site if the particular settings you have chosen disables functionality our website relies on to display properly.

Contact

If you have a concern, or question about this privacy policy or the way BSACI has handled your data, please contact info@bsaci.org

If you contact us by phone you may be asked to verify information so that we can identify you as a customer.

Any changes we may make to our privacy policy will be posted on this page and, where appropriate, notified to you by email.

Reviewed December 2020

Announcement

Funding to minimize future deaths from Anaphylaxis

Read more