PRIVACY POLICY

(1) Who are we

The Excellence in Pediatrics Institute (EIPI) is a not-for-profit association that provides continuing medical education to a global network of pediatricians, general practitioners, pediatric nurses and other child healthcare professionals in 90 countries on five continents. EIPI aims to act as a hub for sharing the latest developments and advice with all stakeholders involved in the care of children and adolescents, aiming to facilitate an open exchange of scientific knowledge and clinical best practices. EIPI is a collaborative global network allowing members to engage in peer-to-peer learning through our online platform, enabling members to connect and work with their colleagues worldwide. Excellence in Pediatrics is open for healthcare professionals worldwide to become members and is free to join and participate. This Privacy Policy applies to all of EIP’s activities and initiatives, including The Excellence in Pediatrics Annual Conference, Other Excellence in Pediatrics Conferences, meetings and summits, The Excellence in Pediatrics Webinars and online courses, The Excellence in Pediatrics Community, The LifeCourse Immunisation Group Meeting, The Spot the Early Signs Education Program, The Excellence in Pediatrics online surveys and mapping questionnaires.

(2) Purpose

This Privacy Policy explains when and why we collect personal information about our members and other people who visit our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure. EIPI is a “data controller”. This means we are responsible for deciding how we hold and use personal information about you. Under data protection legislation, we must notify you of the information in this privacy policy. This Privacy Policy also informs you about some of your key rights under data protection laws. From 25 May 2018 onwards, you and your personal data are protected by the EU General Data Protection Regulation (which is otherwise known as GDPR) and the new United Kingdom Data Protection Act 2018. In this privacy policy, we refer to this legislation as ‘the data protection laws’. We will only process your personal data in the manner set out in our privacy policy or otherwise notified to or agreed by you or as we are otherwise permitted to do in accordance with data protection laws.

(3) Our commitment

EIPI is fully committed to handling personal information in accordance with data protection legislation and data protection and information security best practices. This means that your personal information will be processed lawfully, fairly, and transparently; Collected for specified, explicit and legitimate purposes; Only collected so far as required for our lawful purposes; As accurate and up-to-date as possible; Retained for a reasonable period of time, in accordance with retention policies; Processed in a manner which ensures an appropriate level of security. Whether through this policy or otherwise, we hope to ensure that everyone understands why we process personal information and, where we do, the rights they may have.

(4) How do we collect personal information?

We collect information about you in a central database when you use any of the following EIPI websites: EIP Institute, EIP Community, EIP Conference, Spot the Early Signs, Together, to, for example, inform about membership, committees, conferences, courses, events, surveys or if you register to receive our newsletter. In addition, like most educational organisations that handle personal information, there are various ways in which we collect information from the people we deal with, such as Email and written correspondence with the EIP Secretariat, Telephone discussions with the EIP Secretariat, Our social media pages; Application forms and other information requests; Conference Abstract Submissions; Conference Registrations; Conference Hotel Bookings. It will be obvious when we collect your personal data in nearly all instances.

(5) What personal information do we collect?

We collect information about you when you register with us or place an order for services. We also collect information when you voluntarily complete surveys and provide feedback. Website usage information is collected using cookies. For any person registering to attend one of our online educational activities, the personal data include (but are not limited to) as provided to us; Name, Organisation, Working place, Specialty, Years of experience, Contact details (such as telephone number, postal and e-mail addresses), Demographic information such as preferences and interests, Feedback on our services and educational materials, Records of enquiries, meetings and other direct engagement, Copies of physical and electronic correspondence, Professional opinions related to scientific matters as expressed through related online surveys.

For any person registering to attend a conference, the personal data include (but are not limited to) as provided to us; Name, Organisation, Working place, Specialty, Years of experience, Contact details (such as telephone number, postal and e-mail addresses), Demographic information such as preferences and interests, Feedback on our services and educational materials, Records of enquiries, meetings and other direct engagement, Copies of physical and electronic correspondence, Professional opinions related to scientific matters as expressed through related online surveys, Copies of documents such as passport or professional licence provided as proof for conference registration discounted fees, Information in respect of any medical condition, special dietary, disability or reduced mobility which may affect any person attending our conference – this comes within special categories of personal data (see below), For visitors to our website – your IP address, and information regarding what pages are accessed and when. When registering, we do not retain any financial or banking details following payment processing.

(6) What are the special categories of personal data?

Personal data that concerns your health or reveals your racial or ethnic origin or your sexual orientation are special categories of personal data. Other information also comes within special categories, but this is unlikely to be relevant to the registration and attendance at any conference. Generally speaking, processing special personal data categories requires your explicit consent. Accordingly, information concerning any disability, medical condition, restricted mobility or other health-related issues which may affect your attendance at any conference (and related requirements), as well as dietary restrictions which disclose your religious beliefs or a health issue, are special categories of personal data. We will ask for your consent to process this information when you make your booking or your booking enquiry.

(7) How is your information used?

We collect information about you to process your order and manage your membership, and if you agree, we will email you about other educational activities we think may interest you. We use your information collected from the websites to personalise your repeat visits to our websites. We may use your information to keep our membership listing up to date, carry out our obligations arising from any contracts entered into by you and us, and seek your views or comments on the courses or services we provide so that we can improve our activities, materials and services, notify you of changes to our events, courses or activities, send you communications which you have requested and that may be of interest to you. These may include information about events, conferences, or activities delivered by EIPI. We may also include in our communications information about events, conferences, or promotions we think will further our charitable objectives. We review our retention periods for personal information regularly. We are legally required to hold some information to fulfil our statutory obligations (for example, compliance with the requirements of tax authorities or the charities' regulator). We will hold your personal information on our systems for as long as is necessary for the relevant activity, such as membership or for the administration of courses and events that we offer, or for as long as is set out in any relevant contract you hold with us.

(8) What is the lawful basis for EIP’s processing activities?

We will only process personal information where we believe we have a lawful basis. The basis for processing will vary from activity to activity. In some instances, processing may have more than one lawful basis. The following information summarises the basis on which we process personal information. Lawful Basis: Processing is necessary for us to meet our legitimate interests as a provider of certain services to our members, including maintaining our membership database and delivering services we provide to our members, individuals enrolled on our courses and attendees at our events. Processing is necessary to perform a contract with our staff members, individuals enrolled in our courses, or suppliers. Examples of processing activities: General administration for maintaining our membership database, Corresponding with members in respect of the delivery of our services within the terms of our conditions of membership, Regulatory activity (e.g. complying with the law and tax requirements, and fulfilling our responsibilities with regard to applicable legislation, independent review of abstracts submitted for conferences, delivery of educational courses, including collaboration with our tutors, providing members with relevant news and updates which may be of interest to them. Processing is necessary for carrying out our obligations as a data controller with respect to our staff members and contractors in the field of employment, and where we use third-party suppliers for processing data, such as website maintenance, online services and administration of conferences and other events.

(9) Do we share personal data with third parties?

We will not sell or rent your information to third parties, and we will not share your information with third parties for marketing purposes. Third parties commissioned by EIPI, such as the providers of our conference registration management system, our abstract submission management system, our mailing management system, and our online surveys management system, will not share your personal information without your express permission. Information may also be provided to government / public authorities if required by them or as required by law. In certain circumstances, the processing activities set out above will require us to share personal information with approved international partners and collaborators for the administration of our activities, including the distribution of submissions to our body of academics, researchers and international collaboration centres for the independent evaluation, for the purposes of delivering our educational courses, for the administration of our international events, conferences and seminars, e.g. if you are registered to attend a conference and have booked your accommodation with us, we will provide to the conference hotel and venue the personal data they require to deliver their services related to your registration. Whenever we share personal data, we take all reasonable steps to ensure it will be handled appropriately and securely by the third party. However, when we use third-party service providers, we disclose only the personal information necessary to deliver the service. Our contract requires them to keep your information secure and not use it for their direct marketing purposes. We may transfer your personal information to a third party if we’re obliged to disclose or share your personal data to comply with any legal obligation, enforce or apply our terms of use, or protect the rights, property or safety of our members and customers. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected. The following is a list of the main third parties with whom we share personal information: Oversight regulators and statutory bodies, Software providers which allow us to operate efficient digital processes, Our approved events management partners as part of the organisation and administration of our conferences and seminars, Academics and researchers who provide valuable input into the delivery and design of our activities. For practical reasons, this is an indicative but not an exhaustive list. Please also note that the list may be updated from time to time.

(10) How long do we retain personal information?

The periods for which we retain personal information depend on the purpose for which the information was obtained. In general terms, we will retain personal data for so long as required by law or as may be required for record-keeping and legal claims purposes.

(11) Where do we store personal information?

The information you provide will ordinarily be stored on the secure servers of our software providers. By submitting personal information, you agree to this storage and processing. We will take all necessary steps to ensure that your data is treated securely and in accordance with this Privacy Policy. Our staff at our Secretariat mostly processes personal information. We must store data in secure servers linked to cloud-based services to operate efficient digital processes. We also work with third-party contractors, some hosting and operating certain website features. You agree to this transfer, storage, or processing by submitting your personal data. To ensure that your personal information receives an adequate level of protection, we have put in place appropriate measures to ensure that those third parties treat your personal information in a way that is consistent with and respects the EU and UK laws on data protection. If you require further information about these protective measures, you can request it using the contact details below. Your personal data may be processed within Switzerland, the United Kingdom and/or any other country(ies) of the European Economic Area (EEA). EEA countries are all European Union member states, together with Norway, Iceland and Liechtenstein. We may also process personal data outside the EEA. Data protection laws may not be as strong outside the EEA as in the EEA. Personal data will not be transferred to a country outside the EEA unless (1) the country to which it is transferred is one that the European Commission considers to provide an adequate level of data protection or (2) the personal data is transferred to a company which is required by our contract with them only to deal with the data in accordance with our instructions and to maintain appropriate security to protect the personal data which we are satisfied they have or (3) we are obliged to provide the personal data to a government / public authority to provide our services to you.

(12) IP addresses

We may collect information about the computer or device used to access our website. We use this information to improve the user experience and to help us better understand how our website is used. This may include information about the computer or device type, IP address, Operating system, Browser type and version, Time zone setting and browser plug-in types and versions. This is statistical data about our users' browsing actions and patterns. It is collected anonymously, aggregated, and does not identify individual users.

(13) Security precautions in place to protect against the loss, misuse or alteration of your information

We are committed to ensuring that your information is secure. When you give us personal information, we ensure it’s treated securely to prevent unauthorised access or disclosure. We have established suitable physical, technical and organisational procedures to safeguard and secure our collected information. Any personal information submitted on our website is encrypted and protected. When you are on a secure page, a lock icon will appear on the URL bar of the web browser, or the web address will start with https://. Non-sensitive details (your email address, etc.) are transmitted normally over the Internet, which can never be guaranteed 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we will ensure its security on our systems. Where we have given (or where you have chosen) a password that enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

(14) Profiling

We may analyse the personal information you have submitted to create a profile of your interests and preferences so that we can contact you with relevant information. We do not make use of additional information about you from external sources.

(15) Cookies

Our website uses cookie files to distinguish you from other site users and provide you with a bespoke user experience tailored to your individual preferences. A cookie file (a small file of letters and numbers) will be placed on your computer or other access devices each time you visit our site. We also use analytical cookie files. These allow us to recognise and count the number of visitors to our site and see how visitors move around it when they are using it. This helps us improve how our site works, for example, by ensuring that users find what they are looking for easily. If you wish to delete any such cookie files, please refer to the instructions for your file management software to locate the file or directory that stores cookies. You may refuse to accept cookie files when visiting our site by activating the settings on your browser, which allows you to refuse the setting of cookies. However, if you choose this setting, you may not get an optimal website experience and cannot access certain parts of our site.

(16) Other Websites

Our website and emails may contain links to other websites, such as other medical education associations or carefully selected useful databases or partner organisations. We are not responsible for the content or practices of these other sites, and we recommend that you check their privacy policies.

(17) Your rights where we are processing your information

The UK and EU data protection legislation gives certain rights to UK and EU citizens whose information is being collected by EIP and processed by our approved partners. The following is a quick summary of these rights: Access to your information – you have the right to request a copy of the personal information about you that we hold. If you want a copy of your personal information, please fill out our contact form or email us at [email protected]. Correcting your information – we want to ensure that your personal information is accurate, complete, and up to date, so you may ask us to correct any personal information you believe does not meet these standards. Please fill out our contact form or send us an email at [email protected].

(18) Deletion of your information

You have the right to ask us to delete personal information about you where you consider that we no longer require the information for the purposes for which it was obtained. We are using that information with your consent, and you have withdrawn your consent – see ‘withdrawing consent to using your information below; You have validly objected to our use of your personal information – see ‘objecting to how we may use your information below; Our use of your personal information is contrary to law or our other legal obligations. Please fill out our contact form or send us an email at [email protected] to ask for the deletion of your information.

(19) Objecting or restricting how we may use your information

You have the right to require us to stop using your personal information for marketing or newsletter purposes at any time. In addition, where we use your personal information to perform tasks carried out in the public interest or in exercising official authority vested in us, then if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue. Sometimes, you may ask us to restrict how we use your personal information. This right might apply, for example, when we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply if we no longer have a basis for using your personal information but you don't want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent for legal claims or where there are other public interest grounds to do so. Withdrawing consent using your information – where we use your personal information with your consent, you may withdraw that consent at any time, and we will stop using your personal information for the purpose(s) for which consent was given. Please fill out our contact form or email [email protected] if you wish to exercise these rights.

(20) Changes to our privacy policy

We keep this policy under regular review and will place any updates on this website. This privacy statement was last updated in May 2020.

(21) Your choices

You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about the services we offer, then you can select your choices by ticking the relevant boxes on the form on which we collect your information. You can also change your preferences at any time by contacting us using our contact form or sending us an email at [email protected].

(22) Complaints

While we seek to resolve directly all complaints about how we handle personal information, you also have the right to complain with the relevant authority. For further details, see www.ico.org.uk.