THE BRITISH THORACIC SOCIETY PRIVACY POLICY
Privacy Policy
WHO WE ARE
We are The British Thoracic Society (BTS).
BTS is the controller and responsible for this website. We are registered with the ICO under registration number Z7560263.
HOW DO YOU USE MY DATA?
When you are involved in British Thoracic Society activities, the BTS Lung Disease Registry, the BTS MDR-TB Clinical Advice Service, BTS Clinical Audit or Respiratory Futures programmes.
We have produced specific notices for when you are involved in our clinical advice, registry or clinical audit programmes. Please follow the links below to view the notices that apply to each programme.
How we handle data submitted through one of the BTS websites (BTS/Respiratory Futures/clinical audit/registry/MDRTB CAS) is outlined in the BTS Information Governance Policy and specific information about handling clinical data is outlined in the BTS Clinical Data Policy.
When you become a BTS member
When you apply to become a member of BTS, we will use your personal data to process your membership application and provide you with your membership information and benefits, such as your subscription to our journal or linked membership of the European Respiratory Society. The personal data we collect from you when you become a member include your name, address, email, telephone numbers, date of birth, gender, employer/academic institution, ethnic origin (optional), disability status (optional) and payment details.
Our membership is restricted to healthcare professionals such as doctors, nurses and other professionals working in respiratory health. Therefore we process your personal data in this way based on our legitimate interest to assess your suitability to become a member or to enter into a contract with you, register you as a member to provide you with ongoing membership services and benefits and to monitor diversity and inclusion where you consent for us to use your information in this way.
When you attend one of our events
When you attend one of our events (such as our Winter Meeting, Summer Meeting or a short course), we collect the following personal data: your name, address, email, telephone number, date of birth, gender, employer/academic institution, ethnic origin (optional), disability (optional) and payment details. We may sometimes collect special category personal data related to any special conditions such as dietary requirements, disability or other health conditions to make arrangements for you. If you are already a member and register to attend an event, we will use the membership details we already hold on file for you to confirm your booking. We use your personal data in this way to enter into a contract with you.
We provide a delegate list to the organisations and other individuals who attend our events. We do this because we have a legitimate interest in wanting to help build and develop the scientific community. We also provide information to third parties to facilitate our online short courses and meetings (for example Zoom and our online conference provider). You can object to us using your information in this way by contacting us via any of the methods listed on our contact us page.
When you use our website to submit an Abstract for one of our conferences.
We will use your personal data to process your abstract submission and provide you with details about the abstract process including the outcome of the abstract selection process. The details we collect from you when you submit an abstract include your or the author's name, address, email, telephone numbers, date of birth, gender, job title, and ethnic origin (optional) and disability status (optional).
When you have asked to receive promotional communications from BTS:
This section applies if you have opted in to receive promotional communications from us. You are not under any obligation to provide us with your personal data for promotional purposes, and you can update your communication preferences at any time by logging into our website or contacting us via any of the methods listed on our contact us page. We will only use your personal data to send you promotional communication where you have provided your consent.
We use your personal data (such as your name, email address, postal address, telephone number and previous interactions with us) to provide you with promotional communications in line with your preferences.
You can tell us that you do not want your personal information to be processed in this way at any time by contacting us via any of the methods listed on our contact us page or, where relevant, by following the unsubscribe link shown in every marketing communication you receive from us.
When you use our website and consent to our use of cookies we will collect information about how you use our website. We use this information to improve our website and to better understand how people use it. More detail on the information we collect and how we do this is set out in our Cookie Policy.
When you attend one of our events (including virtual events via video conferencing providers including Zoom), we will usually collect your name, address, email address and phone number. We collect this information because it’s in our legitimate interests to promote our business and to know who’s attending our events.
When you apply for a job with us we may collect your name, contact details, recruitment information (e.g. right to work documentation and references), test results (inc. psychometric), qualifications, accreditations and any additional information we may receive from our recruitment partners.
We will use your personal information to assess your suitability for our available roles. We do this to perform our contract obligations or to take steps at your request, before entering into a contract. Where we process your right to work documentation, we will do so to comply with our legal obligations.
If our business is sold. We process your personal information for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your personal information in this way, the buyer of our business may not be able to provide services to you.
WHERE IS MY DATA STORED?
Personal information collected by BTS, including clinical data collected through our Audit/Registry and MDR-TB CAS sites, is stored on secure servers based within the EEA.
However, many of the third parties we use to help us run our charity are based outside of the European Economic Area (EEA), so their processing of your personal information will involve a transfer of your personal information to a location outside of the EEA.
Whenever we transfer your personal information outside of the EEA, we ensure it is protected by making sure at least one of the following safeguards is in place:
- by transferring your personal information to a country that has been deemed to provide an adequate level of protection by the European Commission;
- by using specific contracts approved by the ICO which give your personal information the same protection it has inside the EEA; and
- where we use providers based in the US, we may transfer data to them if based on one of the approved transferring mechanisms such as the Standard Contractual Clauses with a UK Addendum or the International Data Transferring Agreement. .
To keep this privacy policy as short and easy to understand as possible, we have not set out the specific circumstances when each of these protection measures are used. You can contact us via any of the methods listed on our contact us page for the details as to how we protect specific transfers of your data.
HOW LONG DO WE RETAIN YOUR DATA FOR?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or regulatory requirements.
To determine the appropriate retention period for the personal information we hold, we consider the amount, nature and sensitivity of the personal information, the risk of harm from unauthorised use or disclosure of your personal information, the reasons why we handle your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
As outlined in the BTS Information Governance Policy and the BTS Clinical Data Policy, we may anonymise your personal data so that it can no longer be associated with you for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Who do you share my data with?
- Business partners, suppliers and subcontractors, including recruiters for the performance of the contract we enter into with them or you.
- Payment providers to complete your membership application, we share your personal information with our subcontractors who are involved in the membership application process, such as payment providers, as well as credit reference agencies who we use to assess fraud, credit and/or security risks.
- Delivery providers and logistics companies for the performance of the contract we enter into with you to deliver the products you order.
- Promotional events and marketing organisations, we do not sell data for marketing purposes, but may share your data with an event organiser or collaboration brand including where we run workshops with co-presenters and offer a promotion alongside a partner brand. We will always tell you before (usually on the event registration form) and you will be given the chance to opt-out before we do this.
- Regulators/ Authorities/ Enforcement Agencies if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our clients or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
- Prospective buyers of our business under our legitimate interest to ensure our business can be continued by the buyer.
WHAT ARE MY RIGHTS UNDER DATA PROTECTION LAWS?
You have various other rights under applicable data protection laws, including the right to:
- access your personal data (also known as a “subject access request”);
- correct incomplete or inaccurate data we hold about you;
- ask us to erase the personal data we hold about you;
- ask us to restrict our handling of your personal data;
- ask us to transfer your personal data to a third party;
- object to how we are using your personal data; and
- withdraw your consent to us handling your personal data.
You also have the right to lodge a complaint with us or the Information Commissioner's Office, the supervisory authority for data protection issues in England and Wales. If you are based in the EU you can find your relevant supervisory authority here.
Please keep in mind that privacy law is complicated, and these rights will not always be available to you all of the time.
WHAT ABOUT WEBSITES WE LINK TO?
Our site connects you to different websites. If you follow a link to any of these websites or use our services, please note that you have left our site and these websites have their own privacy policies.
We do not accept any responsibility or liability for these policies or websites. Please check their policies before you submit any personal information to them.
WHEN WILL YOU CHANGE YOUR PRIVACY POLICY?
Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or post.
Please check back frequently to see any updates or changes to our privacy policy.
HOW DO I CONTACT YOU WITH FEEDBACK?
Your feedback and suggestions on this notice are welcome. If you feel that we have overlooked an important perspective or used language which you think we could improve, please let us know by contacting us via any of the methods listed on our contact us page.
This privacy policy was last updated on 09 June 2023.