This privacy notice describes how STARS protects and makes use of the information given by its event delegates. This policy is updated from time to time. This privacy notice was updated on: 1st May 2018
STARS gathers and uses certain data in order to provide relevant information and store key data with regards their event delegates. They also collect data to better understand how visitors use their website and to present timely, relevant information to them.
WHAT DATA WE GATHER ON OUR EVENT DELEGATES
We collect the following information from our event delegates:
Name and Job Title
Contact information including postal, e-mail addresses and telephone number
Event registration information
Please note that credit card information may be provided during online registration. Stripe is used for the processing of these payments and no credit card information is held by STARS. Manual credit card payments may be taken from time to time and any card details are destroyed immediately after the event.
HOW WE USE OUR EVENT DELEGATES’ DATA
Collecting this data helps us send information about any events an individual may be attending and future events, which may be of interest to them. Event delegates are asked to consent to receive information about future events. Specifically, we may use data:
For our own internal records
To contact you in response to a specific enquiry
To send you updated information about an event you are registered to attend
To send you information about future STARS events, which may be of interest to you
CONTROLLING INFORMATION ABOUT YOU
As a delegate attending an event run by STARS, you will be asked, when appropriate, to:
Opt-in to have your name and hospital name printed on the delegate list
Opt-in to receive information about future events run by STARS
If you have agreed that we can use your information in this way, you can change your mind by contacting STARS at email@example.com
STARS does not release your details to any organisation or external body unless we have your permission. Any personal information we hold about you is stored and processed under our data protection policy, in line with the Data Protection Act 1998 and the General Data Protection Regulation 2018.
SUBJECT ACCESS REQUESTS
You have the right to request a copy of the data we hold about you free of charge (excessive requests by an individual for this information may attract a small admin fee). You also have the right to be forgotten if you no longer wish us to hold information about you. Information about how to make a request is as follows:
Please contact the Data Manager by e-mail at firstname.lastname@example.org
Requests should be titled, “Subject Access Request” and should be accompanied by proof of ID and an outline of the nature of your request i.e. are there specific documents you wish to access or are you requesting a general search of our records. Requests will be complied with within one month.
STARS will cease to communicate with any delegate unless they have expressed otherwise. For attendees at STARS events, electronic data is retained for the purpose of identifying proof of event attendance and, if consent has been obtained, for contacting individuals about future events.
We will always hold your information securely. To prevent unauthorised disclosure or access to your information, we have implemented strong physical and electronic security safeguards. We also follow stringent procedures to ensure we work with all personal data in line with the Data Protection Act 1998 and the General Data Protection Regulation 2018.
STARS has put in place the appropriate procedures to ensure personal data breaches are detected, reported and investigated effectively. STARS has mechanisms in place to assess and then report relevant breaches to the ICO where the individual is likely to suffer some form of damage (e.g. through identity theft or confidentiality breach). There are also appropriate mechanisms in place to notify affected individuals where the breach is likely to result in a high risk to their rights and freedoms. Any wilful disregard or intentional breach of the Data Protection Policy by data processors (and identified data controllers in their own right) acting on STARS’s behalf under contract shall be regarded as a breach of contract and treated as such.