The British Society of Allergy and Clinical Immunology is a membership organisation. We are a registered charity whose aim is to support our members and those who work in the field of allergy and clinical immunology, to provide the best care and achieve the best outcomes for patients. In the course of our work we both collect and process personal data, that is, information which identifies a living person, or which can be identified as relating to a living person.
This Privacy Policy sets out how we, The British Society for Allergy and Clinical Immunology (BSACI), collect, store and use information about you when you interact with us.
We only store data on individuals which has been given to us by the individuals themselves. This may be when they register for membership of the Society, a BSACI course or conference or to receive general information from us, or when using our website.
The British Society for Allergy and Clinical Immunology (BSACI) is protecting the rights and freedoms of data subjects and safely and securely processing their data in accordance with all of our legal obligations
The British Society of Allergy and Clinical Immunology is a membership organisation. We both collect and process personal data, that is, information which identifies a living person, or which can be identified as relating to a living person.
Who is the Data Controller?
The British Society for Allergy and Clinical Immunology (BSACI), Studio 16, Cloisters House, 8 Battersea Park Road, London, SW8 4BG.
We require your data to be able to administer your membership/event attendance and provide the membership services you are signing up to when you apply for membership/book attendance at an event. Our lawful basis for processing your personal data is that we have a contractual obligation to you as a member/non-member to provide the services you are registering for.
How we use your personal data
We use your personal data for administrative and business purposes (particularly to contact you), to process your membership, send you membership email communications, to improve our business and website to analyse your use of our website and in connection with our legal rights and obligations. Sharing of your allergy service and contact details onto the BSACI Allergy Service Finder on our website, where this has been requested by you.
We only store data on individuals which has been given to us by the individuals themselves. This may be when registering for membership of the Society, a BSACI course or conference or to receive general information from us, or when using our website.
The information we routinely collect includes but is not limited to:
The BSACI may share your data with the below companies in order to provide you with some of your membership benefits or for membership processing:
The BSACI do not sell your information to third parties, and we do not buy information either
Our membership database is hosted through Sheep CRM. Sheep and BSACI are committed to data security and have entered into a contract to make sure your personal data is kept safe and secure in line with all data protection legislation. All BSACI Data is stored within the European Economic Area as per the data protection act. Data is encrypted and security and disaster recovery measures are in place to ensure that all data is secure.
All website traffic is secured using appropriate technical and organisational measures such as storing your information on secure servers, encrypting transfers of data to or from our servers using Secure Sockets Layer (SSL) technology, encrypting payments you make on or via our website using Secure Sockets Layer (SSL) technology, only granting access to your information where necessary and, where necessary password protecting certain information to ensure information cannot be intercepted.
Conference/Course bookings are stored by third parties who process bookings on our behalf.
Additional data, for example, awards information, conference/course attendance information is stored on office computers that are password protected and can be wiped remotely. BSACI files stored on BSACI Computers are continuously backed up to the cloud via Microsoft one drive.
Any written documents are stored safely and securely in lockable cabinets. Shredding of documents is carried out in our office.
We normally keep members’ data after they resign or their membership lapses. This is because we find members sometimes later wish to re-join. However, we will delete any former members’ contact details entirely on request.
Historical prize lists and research are required for archiving purposes and names cannot be removed from them. Similarly, archived news articles, whether on the website or in BSACI’s Allergy Update (both printed or online), will not usually be deleted.
Other data, such as that relating to accounting or personnel matters, are kept for at least the legally required or recommended period.
Personal data processed from non-member enquiries shall be kept for purposes of responding to or providing the service or information requested. After attendance on one of our events, attendees will be sent a follow up email asking if they wish to be sent information relating to events in the future.
By becoming a member of BSACI, you are consenting to the processing of your data as outlined in this privacy policy.
By supplying your personal data to BSACI via any other means, you are consenting to the processing of your data as outlined in this privacy policy.
You may ask that any photograph of you that appears on the website be deleted by contacting [email protected]
Once you have resigned your membership or it has lapsed, you may ask for your data to be deleted by contacting [email protected]
You have the right to have inaccurate personal data rectified and to access information held about you. If you are interested in any particular aspects, specifying them will help us to provide you with what you need quickly and efficiently. We are required to provide this to you within one month, or if complex, a further two months.
When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small text files known as cookies. They cannot be used to identify you personally, cannot carry viruses, or install malware
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser, and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies can be used by web servers to identity and track users as they navigate different pages on a website, and to identify users returning to a website.
Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
For more information about cookies or if you would like to learn how to remove cookies set on your device, visit: http://www.aboutcookies.org.
Below is a full list of all cookies used on the BSACI Website
Cookie | Purpose | Expiry |
wordpress_logged_in_ | WordPress cookie for a logged in user. The cookie is set as: wordpress_logged_in_ followed by a hash of numbers. | End of browser session |
wordpress_sec_ | To provide protection against hackers, store account details. The cookie is set as: wordpress_sec_ followed by a hash of numbers. 2 of these cookies are set, one for the /wp-admin and one for /wp-content/plugins because All logged in users use resources from wp-admin and plugins, not just admins. The cookies are for keeping track of the logged in user’s authorization to access each resource. If a visitor does not log in, no cookies are set at all by default. | End of browser session |
wordpress_test_cookie | WordPress sets a cookie named wordpress_test_cookie to check if the cookies are enabled on the browser to provide appropriate user experience to the users. This cookie is used on the front-end, even if you are not logged in. | End of browser session |
wp-settings-1 | WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface. | 1 year from set/update
|
wp-settings-time-1 | WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the user’s database table. This is used to customize your view of admin interface, and possibly also the main site interface. | 1 year from set/update |
wpe-auth | This cookie is set by WP Engine to keep users logged in. | End of browser session
|
wpsl_attrs | This cookie is set when the user searches for a clinic. | 24 hours from set |
PHPSESSID | To identify your unique session on the website. | At end of session |
__utma | Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
|
2 Years |
__utmb | Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
|
30 Mins |
__utmc | Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
|
End of browser session |
__utmt | Used to throttle request rate.
|
10 Mins |
__utmz | Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
|
6 Months |
Survey Monkey
From time to time we conduct online customer surveys, using Survey Monkey. Survey Monkey uses cookies to make their surveys work properly. More information about Survey Monkey’s cookies can be found here
Google Analytics:
We use these for the purposes of analysing website traffic. For instance: To evaluate site performance in terms of number of visits, unique visitors, drop-off rate for transactions etc. We measure numbers and volumes of visitors to different parts of our site and this helps us ensure the service is fast and available when you want it. It also helps us ensure that different pages on our site are useful and easy to find. The following links will give you further information on how this is done and how you can opt out of such tracking.
Google Analytics Cookie Usage on Websites
How to opt out of Google Analytics
By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Can I remove or block cookies
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site if the particular settings you have chosen disables functionality our website relies on to display properly.
If you have a concern, or question about this privacy policy or the way BSACI has handled your data, please contact [email protected]
If you contact us by phone you may be asked to verify information so that we can identify you as a customer.
Any changes we may make to our privacy policy will be posted on this page and, where appropriate, notified to you by email.
Reviewed December 2020