Last updated 15 December 2020
This notice tells you what to expect when we collect your personal information.
1. Who we are and what this policy is about
This notice contains information about:
- Why we collect personal information about you
- What personal information we collect from you and how we collect the information
- How we use your personal information
- How long we keep your personal information
- Information sharing and third parties and where we store your personal information
- How we keep your personal information secure
- Your rights if you are a resident of the EEA or UK
- How you can complain or contact us
2. Why we collect personal information about you
We hold and process visitors’ personal data for a variety of reasons:
- To respond to enquiries from visitors who complete the contact form;
- To send blog subscribers an email notification whenever a new blog is posted to the website;
- To send information to newsletter subscribers;
- To manage registrations for BioMed21 Collaboration events; and
- To comply with legal obligations.
3. Information we collect about you and how we collect the information
The information we collect on or through the website may include: (1) information that you provide to us by filling in forms on the website (this includes information provided at the time of registering interest to join the ), as well as records and copies of your correspondence (including email addresses) if you contact us; and (2) information we collect through automatic data collection technologies.
Information you voluntarily provide
We collect and maintain certain personal information about you when you send us an e-mail or complete any of our forms, such as when you request information from us, subscribe to our blog, subscribe to our online newsletter, or forward a web page, electronic blog post notification, or electronic newsletter using our “email” function; , and other information collected in the forms Such information may include your name and e-mail address, and other information collected in the forms.
We also collect certain usage information to better understand how visitors use the website, which includes your IP address, URL you are coming from before visiting the website. The website logs these IP addresses, URL’s, device information such as identifier, name and type of operating system, mobile network information and web information such as browser type and pages accessed on the website, and aggregates them for system administration and to monitor the use of our site. We use the aggregated information to measure the number of visits to our site, the average time spent on our site, the number of pages viewed, and various other site statistics. This monitoring helps us to provide a more useful and engaging online experience to website visitors, and helps us to improve the quality of our content.
4. Ways information about you is used
We may use the information collected for various purposes:
- to contact you regarding BioMed21 Collaboration events we feel you may be interested in;
- to send you a notification email when a blog is posted, if you are a subscriber;
- to allow you to participate in interactive features of the Website when you choose to do so;
- to provide and maintain the website;
- to gather analysis to improve the website;
- to monitor usage of the website; and
- to detect, prevent and address technical issues.
Every recipient of our electronic communications can quickly and easily “opt out” of future such communications by contacting us at email@example.com or by following the instructions on any electronic communication we send.
5. How long do we keep your personal data?
We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.
We will also retain usage data for internal analysis purposes. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.
6. How do we share your personal data?
- to advertisers and advertising networks, including Google, that require the data to select and serve relevant adverts to you and others; and
- third-party service providers who have provided us with assurances that they process personal information under suitable data protection arrangements and security controls in place. These third-party service providers include: cloud storage providers, IT services providers and analytics service providers
We will share your information with law enforcement agencies, public authorities or other organisations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
- comply with a legal obligation, process or request;
- enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
- detect, prevent or otherwise address security, fraud or technical issues; or
- protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).
Where do we store your personal data?
Your information, including personal data, may be transferred to – and maintained on – computers and servers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the data, including personal data, to United States and process it there.
From time to time, the website may link to other web sites not operated by HSI/HSUS. HSI/HSUS attempts to link only to those web sites which also respect a visitor’s privacy and the goals of the BioMed21 Collaboration. However, if you click on a third-party link, you will be directed to that third party’s site. HSI/HSUS has no control over and assumes no responsibility for the content or privacy policies or practices of third-party web sites. We strongly advise you to review the privacy policies of every site you visit. If you find inoperable links or are concerned about any of the sites that the Website currently links to, please inform the BioMed21 Collaboration by contacting us at firstname.lastname@example.org.
7. How we keep your personal information secure?
The security of your data is important to us; however, the transmission of information via the internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the Website or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal data against loss, theft and unauthorized use, access or modification.
HSI/HSUS uses generally accepted, industry-standard security systems, software, and encryption technologies — Secure Sockets Layer (SSL) — for the secure transfer of personal data and to protect against unauthorized access to HSI/HSUS servers, equipment, and other components of our online presence. Our web servers are hosted off-site at multiple, physically secure facilities with limited access.
8. Children’s Privacy
The website is not intended for use by anyone under the age of 18 (“Child”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
9. Residents of the European Economic Area (EEA) and the United Kingdom (UK)
HSI/HSUS is the “data controller” of the personal data processed in connection with the website for the purposes of the General Data Protection Regulation (the GDPR) (which applies across the EEA and the UK). Personal data is defined in the GDPR as any information relating to an identified or identifiable natural living person.
Legal Basis for Processing
The laws on data protection provide a number of different reasons (legal basis) for organizations to collect and process your personal data. We generally process data on the basis that it is necessary for the pursuit of our legitimate interests. We process data to pursue our legitimate interests in ways which might reasonably be expected and which do not materially impact your rights, freedom or interests. For example, by sending direct marketing information to keep our supporters updated on projects, activities, news, events and action alerts. We will only do this where we have reason to believe that this information will be of interest to you.
In circumstances where required by applicable law, we will rely on consent as a basis for processing personal data and we will specifically obtain your consent in the course of collecting the data. We may also need to collect and process your data if we are required to by law. We may also use data to improve our level of service. Where we do this, we do it to help inform us how to improve the way we work since both we and those we deal with have an interest in us doing so.
Every recipient of our electronic communications can quickly and easily “opt out” of future such communications by following the instructions on any electronic communication we send.
Withdrawal of Consent
Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time by e-mailing us at email@example.com. You may also unsubscribe at any time in every email communication we send you.
If you are in the European Union, depending on the information we hold about you and the reason for us holding it, you have certain rights which are set out below. You may have additional rights in relation to the personal data we hold about you. We set out below an outline of those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights by sending us a copy of your passport or driving license. To exercise any of your rights, please email firstname.lastname@example.org. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.
- Access: You have the right to know whether we process personal data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
- Portability: You have the right to receive a subset of the personal data you provide us if we process it on the bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such personal data to another party.
- Correction: You have the right to require us to correct any personal data held about you that is inaccurate and have incomplete data completed.
- Erasure: You may request that we erase the personal data we hold about you in the following circumstances: where you believe it is no longer necessary for us to hold the personal data, we are processing it on the basis of your consent and you wish to withdraw your consent, we are processing your data on the basis of our legitimate interest and you object to such processing, you no longer wish us to use your data to send you marketing or you believe we are unlawfully processing your data.
- Restriction of Processing to Storage Only: You have a right to require us to stop processing the personal data we hold about you other than for storage purposes in the following circumstances: you believe the personal data is not accurate for the period it takes for us to verify whether the data is accurate, we wish to erase the personal data as the processing we are doing is unlawful but you want us to simply restrict the use of that data; we no longer need the personal data for the purposes of the processing but you require us to retain the data for the establishment, exercise or defence of legal claims; and you have objected to us processing personal data we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal data whilst we determine whether there is an overriding interest in us retaining such personal data.
- Objection: You have the right to object to our processing of data about you and we will consider your request.
10. How you can complain or contact us
In the event that you wish to make a complaint about how we process your personal data, please contact us at email@example.com and we will endeavor to deal with your request.