The European Society of Hypertension (collectively, “ESH”, “we”, “us” or “our”) takes very seriously and respects the importance of protecting personal information collected from Members and other users of the services. By submitting information to ESH you consent to practices described in this policy, which aim to maintain the security, integrity and privacy of any information in accordance with the EU General Data Protection Regulation (GDPR).
This document describes how ESH collects and uses the personal information you provide to us. It will also describe the choices available to you regarding our use of your personal information as well as how you can access, update and delete this information.
This Policy sets out the following:
- What personal data we collect and how we collect your data
- How do we use your personal data and why
- How we can share your data
- International Data Transfers
- Your rights
- How to contact us
All personal data is collected and processed in accordance with EU data protection laws.
What Personal Data We Collect and How We Collect Your Data
“Personal data” means any identifiable information about you, like your name, email, address, telephone number and so on and any information about your access to our websites. When you visit our websites or use our services, we collect personal data. The categories of information and the ways we collect it can be broadly categorised into the following:
- Information you provide to us directly
The information you provide by filling in the registration form on our websites, such as: Name and Surname, gender, date of birth, Country and town of residence, email address, personal ID number and detail, medical specialization and professional role, healthcare organization. We might ask you to provide personal data to us when you contact us with questions or request support. We may also ask you to complete surveys that we use to improve our services or for research purposes. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our websites or services.
- Information we collect automatically
We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible (e.g., by personalising the content you see). Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, take a look at our cookie notice. For our Cookies policy see here.
How Do We Use Your Personal Data and Why
First and foremost, we use your personal data to operate our websites and provide you with any services you’ve requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:
- Customer Services communications in the event of updates, technical changes and so on: we send you communications about the services you have asked for and any changes to such services. These communications are not made for marketing purposes and cannot be opted-out of.
- To analyse, aggregate and report: We may use the personal data we collect about you and other users of our websites and services to produce aggregated and anonymised analytics and reports, which we may share with third parties.
Note that we do not perform any data profiling based on the data we collect from you for statistical and analysis purposes.
- Asking for your feedback or to take part to survey about your user experience.
- Administrative and legal purposes in order to deal with a dispute or claim.
If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.
How we can share your data
There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:
- third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services.
- regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure.
- other people where we have your consent.
International Data Transfers
When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as to Germany, where our data hosting provider’s servers are located. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected. For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like New Zealand), or to a third party where we have approved transfer mechanisms in place to protect your personal data – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties).
Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens.
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements). We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised.
It’s your personal data and you have certain rights relating to it. You have rights to:
- know what personal data we hold about you, and to make sure it’s correct and up to date.
- request a copy of your personal data, or ask us to restrict processing your personal data or delete it.
- object to our continued processing of your personal data.
- tell us if you are unhappy with how we are processing your personal data.
You can exercise these rights at any time by sending an email to email@example.com. We will review and investigate your complaint and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint.
How to contact us
For any queries regarding this privacy statement, the practices of this website, or your dealings with this website, please contact: firstname.lastname@example.org