The British Thoracic Society (BTS) is committed to protecting your personal data and respecting your privacy. This policy explains when and why we collect personal information about people who visit our websites, how we use it, the conditions under which we may disclose it to others and how we keep it secure. The policy is applicable to all of our activities which rely on collecting and using personal data via websites and related tools. Activities include those accessible via the BTS website, and also via the websites hosting BTS Clinical Audits; the BTS Lung Disease Registry activity; the BTS MDR-TB Clinical Advice Service and Respiratory Futures.
WHO WE ARE
For the purpose of the Data Protection Act 2018, and for General Data Protection Regulations that apply from 25 May 2018, the British Thoracic Society is the data controller for all data collected by both BTS and Respiratory Futures. BTS is a Company Limited by Guarantee (number 1654201) with its registered Office at 17 Doughty Street, London, WC1N 2PL. We are also registered as a Charity in England and Wales (number 285174), and registered in Scotland as a charity with the Office of the Scottish Charity Regulator (number SC041209). This policy is governed by English law.
SCOPE OF POLICY
The policy sets out the basis on which any personal data we collect from you or that you provide to us will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
This policy also applies to your use of the BTS websites and any of the services we offer and should be read in conjunction with our Terms and Conditions notice regarding the use and content of the BTS websites here.
INFORMATION WE MAY COLLECT FROM YOU
The personal information we may collect about you (including that obtained through our web-based systems and our on-line activities) includes but is not limited to your:
• first name and last name;
• email address;
• telephone number;
• gender; ethnicity; job title;
• information you may give if you contact us including when you report a problem with our website;
• information that you provide by filling in forms on our website or submitted to us by mail or over the telephone. This includes information provided at the time of registering to use our site(s), joining the Society, using our on-line clinical improvement tools or submitting bookings, abstracts, Declarations of Interest, participating in on-line elections and other BTS activities as may be developed in future;
• when making payments, for example for membership subscriptions or delegate fees for BTS Courses and conferences. Your card information is not held by us. It is collected by our third party payment processing arrangements which are described in the next section;
• information about your computer, hardware, software, platform, device including device IDs, network connection including IP address, MAC address, type of network connection.
This information will be stored by us and may be analysed using analytics tools such as, but not limited to, Google Analytics.
We may also ask you to complete surveys, ratings, reviews and complete on-line feedback forms that we use for evaluating our services and events and assessing the impact of our clinical improvement activities, although you do not have to respond to them.
WHERE WE STORE YOUR DATA
We store this information in our databases. Subject to the provisions of this policy, these databases are held in the European Economic Area (EEA). We may from time-to-time use this data to send you information, updates and other messages. For more information please see the BTS Information Governance policy.
When you are using our secure on-line event booking and membership management pages, your payments are processed by a third party payment processor, which specialises in the secure on-line capture and processing of credit and debit card transactions. Any sensitive information (such as credit or debit card details) is encrypted and protected with industry standard and PCI 3.1 compliant encryption protocols. When you are on a secure page, a lock icon will appear on web browsers such as Microsoft Internet Explorer. We do not store credit or debit card details. If you have any queries please email firstname.lastname@example.org.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
HOW WE USE PERSONAL INFORMATION
Personal information provided to us will be used for the purposes outlined at the time of collection or registration in accordance with the preferences you express.
Personal data collected and processed by us may be used for the following purposes:
• Administration of your membership of the Society, and related members benefits such as the subscription to our journal Thorax and/or linked membership of the European Respiratory Society;
• Administration of your accounts for our Clinical Audit Programme, Lung Disease Registry, MDR-TB Clinical Advice Service, or for Respiratory Futures.
• Communication about events bookings, abstract submission, our clinical improvement and advice service tools and other activities that we think may be of interest to you;
• Administration of activities relating to Elections held by the BTS membership of individuals to BTS Council or Honorary Officer and/or other positions and membership of Committees or groups, collection of display of the content of Declarations of Interest from individuals on the BTS website, production of BTS publications and other resources;
• Research and statistical analysis of feedback from events and activities in order to improve what is provided, and collation of information about numbers of members/delegates/users of services) to inform planning and distribution of resources and developing services;
The information you supply will be held on file and on databases held on the Society’s central servers. Personal data collected and processed by us may be shared with BTS employees and Board members and also, under strictly controlled conditions, with contractors and associates.
We will never sell or rent your personal data to third parties for marketing purposes.
We may share information with appropriate third parties* in order to improve clinical practice, provide general data about medical training and workforce trends, and our services, but never for marketing purposes.
You are always in control of how we communicate with you. You can update your choices by logging into our website here or contacting email@example.com.
CLINICAL DATA – BTS Audit/Registry/MDRTB CAS
Clinical data submitted through one of the BTS websites (clinical audit/registry/MDRTB CAS) is held securely on our databases as outlined in the BTS Information Governance Policy and used in accordance with the BTS Clinical Data Policy.
YOUR RIGHTS AND CHOICES
You have a choice about whether or not you wish to receive information from BTS. If you do not want to receive direct marketing communications from BTS you can select your choices by ticking the relevant boxes on the form on which we collect your information.
You can also exercise the right at any time by contacting us via our contact page or at firstname.lastname@example.org .
ACCESS TO INFORMATION
The Data Protection Act 2018 gives you the right to access information held about you. Your right of access can be exercised in accordance with that Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.
Updated July 2018
* Examples of third parties in this regard may include, but not exclusively: UK Departments of Health; education, CPD and training programmes in higher education and the NHS; the Federation of Royal Medical Colleges or individual Royal Colleges; the General Medical Council; Postgraduate Deaneries.