Date last revised: February 2021
Who we are:
Healthcare Europa Limited (trading as Healthcare Business International) incorporated in England and Wales under company number 07823199 with its registered office and trading address situated at Commercial Unit A, 111 Seven Sisters Road, London N7 7FN (“Healthcare Europa”, “we” and “our”) are committed to protecting and respecting your privacy.
This policy sets out how we collect, use and process personal data. Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting any of our websites, you are accepting and consenting to the practices described in this policy.
For the purpose of the General Data Protection Regulation 2016 (GDPR) and the Data Protection Act 2018, we are the data controller of the personal data we collect.
Data we may collect from you and how we collect it
By personal data we mean identifiable information about you. Generally, this is likely to include information such as your name, email address, correspondence address and your IP address if you access our website.
We may collect, use, store and transfer different kinds of personal data about you:
- Identity Data includes data such as first name, last name, username or similar identifier, date of birth and any information you include in any profile you create on our website;
- Contact Data includes data such as your email address, telephone number, geographical address, job title and company address;
- Financial Data includes details you provide to us so that we can process your payments including bank details and credit or debit card information;
- Transaction Data includes details of memberships you have purchased, access to events purchased and payments made;
- Technical Data includes data such as internet protocol (IP) address, your login data, browser type and version, cookies, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website and any communications we may send to you;
- Usage Data includes information about how you use our website such as information about your visit to our website, including the full Uniform Resource Locators (URL) clickstream to and through and from our Site (including date and time); pages you viewed or searches you made, page response times, download errors, length of visit, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number; and
- Marketing Data includes your preferences in receiving marketing from us.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as it does not directly or indirectly identity you. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we will treat the combined data as personal data which will be used in accordance with this policy.
We do not knowingly collect personal data of children. Please do not provide personal data to us unless you are at least 18 years old.
Personal data you provide to us
From time to time you may provide to us Identity Data, Contact Data, Financial Data and Marketing Data. This may be because:
- You access and interact with our website;
- You create an account on our website;
- You purchase membership to our services;
- You attend one of our events, either online or off line;
- You or your employer provides services to us;
- You apply to work with us as an employee or a consultant;
- You provide feedback or reviews to us;
- You respond to a survey or questionnaire or enter a promotion or competition;
- You sign up for our newsletter;
- You otherwise contact us including with queries, comments or complaints, including in relation to our website.
All personal data that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identify fraud, we will record this and we may also report this to the appropriate authorities.
When you contact us by email or post, we may keep a record of the correspondence and we may also record any telephone call we have with you.
Personal data we automatically collect about you
When you use our website, we may automatically collect and store information about your Transaction Data, Technical Data and Usage Data for the purposes of research and analysis.
Personal data we receive from others
If your employer is a client of Healthcare Europa, then your employer may provide your personal data to us. If you do not wish your employer to do so, please tell your employer; and you can of course exercise your rights set out at the end of this policy including asking us to remove your personal data from our systems.
If we reasonably believe that any of the personal data you have provided to us is inaccurate, we may receive further personal data from third parties, such as credit reference agencies and Companies House, to try to confirm your identity.
We may also receive personal data about you from our third party service providers, including our payment service providers, customer relationship management providers and our analytic service providers.
How we use your information
We will only use your personal data where we have a lawful basis to do so. The lawful purposes that we rely on under this policy are:
- consent (where you choose to provide it);
- performance of a contract with you;
- compliance with legal requirements; and
- legitimate interests. When we refer to legitimate interests we mean our legitimate business interests in the normal running of our business which do not materially impact your rights, freedom or interests.
TYPE OF DATA
LAWFUL BASIS FOR PROCESSING INCLUDING BASIS OF LEGITIMATE INTEREST
To register you/your employer for membership and/or create an account on our website
Performance of a contract with you
To manage your membership, including managing payments, your attendance and interactions at events and sending you content
Performance of a contract with you
Legitimate interests (fraud-checking)
Performance of a contract with you
To administer and protect our business and this website (including improving and fixing our service, troubleshooting, analysis, testing, research, system maintenance, support, reporting and hosting of data)
Necessary for our legitimate
interests (for running our business security, to prevent fraud and in the
context of a business reorganisation or group restructuring exercise)
To deliver relevant website content and advertisements to you and measure and understand the effectiveness of the advertising we serve to you
Necessary for our legitimate interests (to analyse how customers use our website and manage our business accordingly)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To send you marketing information
Disclosure of your information
For our legitimate interests, we may share any of your personal data with our service providers, sub-contractors, consultants and agents that we may appoint to perform functions on our behalf and in accordance with our instructions, including customer relationship management providers, payment service providers, IT service providers, group companies, accountants, auditors and lawyers.
However, we shall provide our service providers, sub-contractors, consultants and agents only with such of your personal data as they need to provide the service for us and if we stop using their services, we shall request that they delete your personal data or make it anonymous within their systems.
If we need to use your personal data to comply with any legal obligations, demands or requirements, for example, as part of anti-money laundering processes or to protect a third party’s rights, property, or safety then in doing so, we may share any of your personal data with third party authorities and regulatory organisations and agencies. This may be because we need to in order to enforce or apply our terms and conditions or for the purposes of fraud protection and credit risk reduction.
For our legitimate interests, we may share your personal information with any member of our group which means our subsidiaries, our ultimate holding company and its subsidiaries as defined in section 1159 of the UK Companies Act 2006.
Again, for our legitimate interests, we may disclose your personal information to third parties if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets. Likewise, if Healthcare Europa or substantially all of its assets are acquired by a third party, personal data held by us will be one of the transferred assets.
Where we store your personal data
The data that we collect from you may be transferred to, and stored at, a destination outside United Kingdom and/or the European Economic Area (“EEA”). It may also be processed by staff operating outside the United Kingdom and/or EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.
Security of your data
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. Do not share your password with anyone.
Healthcare Europa respects your data and has taken appropriate technical and organisational measures to ensure we have mitigated against such risks as loss or unauthorised access, destruction, use, modification or disclosure of data.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
You may consent to receive marketing email messages from us about our website and our services, website, events, membership and business. You can choose to no longer receive marketing emails from us by contacting us, changing the settings within your online account or clicking unsubscribe from a marketing email. Please note that it may take us a few days to update our records to reflect your request.
If you ask us to remove you from our marketing list, we shall keep a record of your name and email address to ensure that we do not send to you marketing information. If you still have a membership with us, we shall continue to email you in relation to your membership only, such as sending you our newsletters.
You have a number of rights under applicable data protection legislation. Some of these rights are complex, and not all of the details have been included below. Further information can be found here.
- Right of access: You have the right to obtain from us a copy of the personal data that we hold for you.
- Right to rectification: You can require us to correct errors in the personal data that we process for you if it is inaccurate, incomplete or out of date.
Right to portability: You can request that we transfer your personal data to another service provider if you initially provided consent for us to use the personal data or where we used the personal data to perform a contract with you.
- Right to restrict or object to processing: In certain circumstances, you have the right to require that we restrict the processing of your personal information. If you believe our processing impacts on your fundamental rights and freedoms. However, we may demonstrate that we have legitimate grounds to process your personal data not withstanding your rights and freedoms.
- Right to be forgotten: You also have the right at any time to require that we delete the personal data that we hold for you, where it is no longer necessary for us to hold it. However, whilst we respect your right to be forgotten, we may still retain your personal data in accordance with applicable laws and when we respond to your request we shall notify you of any specific legal reasons that we have to retain your personal data.
- Right to stop receiving marketing information: You can ask us to stop sending you information about our services, but please note we shall continue to contact you in relation to any matters relating to your membership if you have one or your attendance at an event.
We reserve the right to charge an administrative fee if your request in relation to your rights is manifestly unfounded or excessive, and we may ask for identification from you before we can fully respond to your request.
Retention of personal data
Subject to the provisions of this policy, we will retain personal data in accordance with applicable laws.
We may be required to retain personal data for a particular period of time to comply with legal, auditory or statutory requirements, including requirements of HMRC in respect of financial documents and in order to deal with any dispute you might raise. To determine the appropriate retention period for personal data, we consider the type of the personal data, the potential risk of harm from unauthorised use or disclosure of the personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.
Where we have no legal basis for continuing to process your personal data, we shall either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
For the avoidance of doubt, we may use anonymous data, such as usage data for research or statistical purposes indefinitely without further notice to you.
Questions, comments and requests regarding this policy are welcomed and should be addressed to Healthcare Business International, Commercial Unit A, 111 Seven Sisters Road, London N7 7FN