Privacy Policy

Personal data refers to any information that identifies you as a specific individual. This page explains the what, how and why of the information we collect about you when you visit our website or use our services. It also explains the specific ways we use and disclose that information.
We take your privacy extremely seriously and we never sell your data.

Who we are

Royal College of Surgeons of Edinburgh is the Data Controller for the personal information we hold to (i) operate our business including managing contracts with customers and partners, and (ii) market and sell to existing and potential customers and partners.

Below “we” and “us” refer to Royal College of Surgeons of Edinburgh.

What types of information we collect and how we collect them

In order to provide our services, we must process some personal information about you. We may collect:

Our legal grounds for processing your data

There are different legal grounds (or bases) on which we rely to use your personal information, namely:

Where it is necessary to provide you with our Products and Services

We will process your data in the course of providing our products and services to you, in performance of our contract (or in the course of creating a quote, and gathering information to create a quote, for providing products and services to you).

Where it is in our Legitimate Interests to do so

Royal College of Surgeons of Edinburgh collect information from you in the course of our business including through your use of our website, your relationship or interactions with our staff or when you engage us in the provision of services for the following purposes:

Based upon conducting a Legitimate Interest Assessment (LIA) – as advised by the ICO – it is deemed that the rights and freedoms of the data subjects would not be overridden in our correspondence regarding our services and that in no way would a data subject be caused harm by our correspondence.

Where you have provided consent for us to use your data for a particular purpose

Where you have given your explicit consent, we may use your data for specific purposes. Such as when you sign up to receive our blog email updates, we will process your contact details in order to send you those emails

How we use your personal data

We use your personal data, including any of the personal data listed in the “What types of Information we collect” section above, for the following purposes:

We also use your personal data for:

Direct Marketing

We may use your personal data to send you marketing communications about services, publications, industry updates, events, courses, surveys, promotions and competitions by Royal College of Surgeons of Edinburgh to display content that we believe may be of interest to you.

We will only contact you for these marketing purposes in accordance with our legitimate business interests or where you have explicitly agreed to this. Your agreement to the use of your personal data for these purposes is optional and if you do not wish to provide your agreement, your visit and use of our website and/or provision of services by Royal College of Surgeons of Edinburgh will not be affected.

You have the right to request us not to use your personal data for marketing communications. You can opt out of receiving these by clicking on the ‘unsubscribe’ link at the bottom of any such electronic communication or through following the opt-out instructions provided in any marketing communication.

Use of our website

There are facilities on our website which invite you to provide us with personal data including our contact us form and contact email addresses. The purpose of these facilities is apparent from the point at which you provide your personal data to us and we only use the information for those purposes.

Our website also uses Google Analytics, a web-based analytics tool that tracks and reports on the manner in which the website is used to help us improve it. For more details and information on how to disable cookies, please visit our cookie policy:
https://archiveandlibrary.rcsed.ac.uk/cookie-policy

Legal basis for using your personal data

We will only use your personal data when the law allows us to. In particular, we will use your personal data:

How long we keep your data

In line with ICO guidelines, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. If you have a question about explicit retention periods for particular types of personal data we hold, please contact us (contact details below).

Who we share your data with

Royal College of Surgeons of Edinburgh uses trusted third parties to provide support services for certain aspects of our business. Specifically, these include secure data storage, facilitating secure online transactions, website visitor analytics and sending email marketing communications.

We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

We may also provide your information to regulators and law enforcement agencies where we are legally required to do so and where necessary for the purposes of preventing and detecting fraud or other criminal offences. If legally permitted, we will use reasonable efforts to notify you prior to disclosing your information to such parties.

Royal College of Surgeons of Edinburgh has ensured that all of the third party organisations we share your data with are GDPR compliant and have signed a data processor agreement with us. We will never sell your data.

This website may contain links to third party websites including social media sites such as LinkedIn, Twitter and Facebook. These sites are owned and operated independently from us and have their own separate privacy policies. Any personal data that you provide to these websites will be governed under the terms of the privacy policy of that website. If you use these sites, you should review their privacy policies to learn more about how your personal data is collected and used.

Cookies

This website uses cookies – small text files which are stored on your computer when you visit websites. We may automatically collect information about you through cookies.
For more information please click to see our cookie policy:
https://archiveandlibrary.rcsed.ac.uk/cookie-policy

How we protect your information

We take our responsibilities around the safety and security of your data very seriously and are committed to ensuring this.

As such we take steps to safeguard this, including:

From time to time, your information may be transferred to and stored in a country outside the EEA in relation to provision of the services (i.e. the USA). The laws in these countries may not provide you with the same protection as in the EEA; however, any third party referred to above outside of the EEA has agreed with us to abide by European levels of data protection in respect of the transfer, processing and storage of any personal data.

Requesting a copy of your information

Under the GDPR you have several rights regarding your personal data, including the right to be informed about the data we hold about you, the right to ask us to rectify that data if it is incorrect, and the right to ask for a copy of that data (called a Subject Access Request).

If you would like to request a copy of the data that we hold about you, please complete our Subject Access Request form and send it to privacy@past-view.com. We will aim to acknowledge your request promptly and in any event will respond to your request within one month.

If you are concerned about our data processing

If you are unhappy with how we have collected or processed your personal data you have the right to make a complaint at any time to the Information Commissioner’s Office (https://ico.org.uk/) (ICO), which is the UK supervisory authority for data protection issues.

However, if you have such a grievance we would politely request the chance to deal with your concerns before you approach the ICO – so please do contact us in the first instance.

Queries and contact

If you have any queries regarding the above or would like update or obtain a copy of your data held by us, our appointed privacy representative is Jacqueline Cahif, College Archivist who can be contacted via email at library@rcsed.ac.uk.

Notification of privacy policy changes

Whenever we make a material change to the information we collect or how we use it we’ll update the policy posted here. When this policy changes, we’ll announce it to let you know — or you can check back here for each update.


This policy was last updated on 1st August 2018