5 May 2020, London
London School of Ultrasound (LSUS) is the trading name of Ultrasound Network Ltd, Registered in England and Wales under number: 7204693. Registered office: 2nd Floor, 13 John Prince’s Street, London, W1G 0JR, United Kingdom, from whom the Customer has purchased the Services.
This notice explains what personal data (information) we hold about you, how we collect, how we use and may share information about you. We are required to give you this information under data protection law.
Who are we?
London School of Ultrasound (LSUS) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
What data we collect
We do not collect any personally identifiable data from visitors to this website other than when you subscribe to any of our services. The basis on which we collect such data and other relevant information are set out in our Privacy Notice below. We explain below how we analyse data from this website. Any links to external sites are out of our control and we encourage you to always read the privacy statements on the other websites you visit.
Visits to our website
We use a third-party service, WordPress, to host our website. The security of the website is protected by industry standard encryption processes (SSL encryption). For more information about how WordPress secures and processes data, please see their privacy notice: https: https://wordpress.com/about/. We have no legal means of finding out the identities of persons visiting our website and do not make any attempt to do so.
Participation in the events
Zoom’s privacy notice can be found here: https://zoom.us/privacy-and-legal
If you attend a Zoom meeting or webinar as a participant, LSUS may choose to record the session, and if so, Zoom might help us to obtain consent from meeting participants by providing visual and audio cues to alert participants of a recording. We may need to turn on a pop-up notice which requires a participant to click a “continue” button to acknowledge notice of the recording. Recordings may contain personal data and may be stored in our local storage device, not in Zoom’s cloud. When we choose to do that, Zoom does not have any control over the recording.
If you attend a Zoom meeting or webinar as a participant, LSUS may have enabled Attention Tracking. This feature is operational only when we are sharing the screen. It places a small clock icon next to a participant’s name to indicate it only to the host (LSUS) and is not active for more than 30 seconds while the screen is shared. Neither the meeting host nor Zoom can see or access any other applications on a participant’s screen or computer. Also, the Attention Tracker does not allow Zoom to monitor what takes place in a meeting, and does not apply to meetings where screen sharing is not turned on. Using other features of the service does not activate Attention Tracker.
We use a number of different cookies for various purposes, including enhancing website functionality, website analytics and marketing. For example, we use Google Analytics to collect standard internet log information, details of visitor behaviour patterns and the number of visitors to the various parts of the site. This information is processed in such a way that we cannot identify a specific individual, i.e. there are no unique identifier cookies. Full details of all the cookies can be provided on request at firstname.lastname@example.org. When you visit this website, you are directed to this tool and asked to confirm your preferences. You are able to change your preferences at any time through this tool.
DATA PRIVACY NOTICE
The EU General Data Protection Regulation (GDPR), as read with the UK Data Protection Act 2018, both effective from 25 May 2018, give individuals in the European Union enhanced rights over the use of their personal data. Under the GDPR, we are required to give you certain information, including your rights when you provide us with your personal data.
If you subscribe to attend one of our conferences or other events, we will ask you for a minimal amount of personal data to enable us to process your booking, to keep you informed of any developments concerning your attendance at the conference or event and for administration purposes. Our legal basis for processing your personal data for these purposes is contractual (Article 6(1)(b) GDPR).
We retain third-party research services to identify appropriate persons at companies and other organisations who we feel, given their position and role, may be interested in, or benefit from, receiving details of our future conferences or other services. These researchers obtain the details of such persons from publicly-available information on the internet. The legal basis on which we process personal data and communicate with data subjects in these circumstances is our legitimate interests under Article 6(1)(f) of GDPR. In conducting our legitimate interests’ assessment, consideration was given to the following:
- The amount of personal data processed is minimal; • The data is publicly available and is not sensitive in any way; • The relationship is business to business and relevant to the job title; • There is minimal privacy risk; • There is no viable alternative means of communication; • The processing is vital to our business operations; • The data subjects are senior business people who would mostly be interested in the services we offer; • There is a simple opt-out facility.
On balance, we concluded that the processing is justified as it is vital to our business interests while having a minimal impact on the rights and freedoms of data subjects.
The personal data you provide us with when subscribing for our services will be used only for the purposes of providing you with and improving those services. Some data elements, e.g. job titles and company names, may be aggregated on an anonymised basis for analytical and statistical purposes to enable us to improve our services.
Protection of your Personal Information
We take all reasonable care and apply necessary technical and organisational measures to protect your personal data. Where we employ data processors to process your data on our behalf, we ensure that the necessary contractual protections are in place. We will not sell your personal data under any circumstances. We will not transfer your personal data to any third parties unless you have specifically consented to this under our marketing terms, other than to our data processors who will be contractually bound to process your data only in accordance with our instructions and to keep your data secure. We do not ourselves transfer your personal data outside of the EU/EEA. However, certain of our data processors may do so and where this occurs, such transfer will only be to the USA and will fall under the Privacy Shield.
In accordance with the principle of minimising data retention, we will retain your personal data only for so long as is necessary for the purposes for which it was acquired, subject to legal and other relevant requirements, in accordance with our data retention policy, as follows:
- Data acquired for contractual purposes – 7 years
- Data acquired through marketing activities – 1 to 2 year
At the expiry of the relevant data protection period, personal data will be deleted or anonymised.
Your rights under the GDPR include the following:
- The right at any time to withdraw your consent to the processing of your personal data for marketing purposes. • The right to be informed of what personal data we hold, how we obtained it, who we may have shared it with and why and how long we intend to keep it.
- The right to have your personal data rectified in the event that it is inaccurate or incomplete.
- The right to request the erasure of your personal data (also called the right to be forgotten), subject to our retention policy.
- The right to restrict the processing of your personal data.
- The right to data portability (i.e. transfer of your personal data at your request to another organisation).
- The right to be informed of any automated profiling (We currently do not process your personal data in this manner).
Your rights above can be exercised free of charge by contacting us as described below. In all cases, we will need to satisfy ourselves of your identity before we can action a subject access request under the GDPR. We will usually require proof of identity such as a passport or driver’s licence. If you feel that any of your rights have been infringed, you have the right to lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk).
HOW TO CONTACT US
If you have any queries about our website or about how we process data, you can contact us as follows:
London School of Ultrasound
Address: 2nd Floor, 13 John Prince’s Street, London, W1G 0JR, UK
Email address: email@example.com
Telephone No.: +44 207 0435 161