Privacy Notice

Association of British Healthcare Industries Limited

Privacy Notice

Contents

  1. Introduction
  2. What information does ABHI process?

2.1     If you browse our Site:

2.2     If you contact us or engage with us:

2.3     If you work for one of our healthcare, life sciences or industry partners:

2.4     If we send you newsletters, insights, or other marketing material from us:

2.5     What do each of these legal reasons mean?

  1. Payment processing
  2. Who do we share your information with?
  3. Where does ABHI store your information?
  4. How does ABHI protect your information?
  5. External sites
  6. How long is your information kept for?
  7. Anonymised data
  8. What rights do you have with your personal information?
  9. Updates to this Notice
  10. How you can contact us

 

1. Introduction

We are the Association of British Healthcare Industries ("ABHI").

This is the Privacy (and Cookies) Notice ("Notice") for our services and the website hosted at www.ukhealthcarepavilion.com (the "Site") (together "we", "us", "our" and the "Services").

For the purposes of UK and EU data protection law, we are the data controller of your information, except where we explain otherwise in this Notice.

This Notice explains how we collect, manage and protect your personal information. Please read this Notice carefully.

2.           What information does ABHI process?

The personal information we collect about you will depend on whether you:

  • browse our Site,
  • contact us,
  • are one of our healthcare, life sciences or industry partners,
  • sign up to receive insights and marketing from us.

We must have a relevant legal reason, called a 'lawful basis' for each way that we use your personal information. We say what these are in each section below, and we explain what each one means here.

2.1          If you browse our Site:

If you browse our Site, we will automatically collect information from you each time you use our Site.

We will automatically collect information from you each time you use our Site. This includes:

Technical information

Technical information may include the Internet Protocol (IP) address, login information.

Information about your visit

Information about your visit may include the full Uniform Resource Locators (URL), clickstream to, through and from our Site (including date and time), services you viewed or searched for, demographic information (including age and gender), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), traceable campaign links (e.g. in emails, or via tracking URLs), methods used to browse away from the page, and any phone number used to call our customer service number or social media handle used to connect with our customer service team and our social media accounts.

Location data

Location data includes country location (based on your full or partial IP address and/or Google Analytics information) which we use to provide location services (if you ask or permit us to), so that we can deliver content, advertising or other services that are dependent on knowing where you are, like checking for fraudulent transactions.

Location data may be collected in combination with device ID, so we can recognise your mobile browser or device when you return to the Service.

Delivery of location services will involve us checking any of the following:

·              the coordinates (latitude/longitude) of your location;

·              your current country or region, by referencing your current IP address against public sources; and/or

·              your Identifier for Advertisers (IFA) code for your Apple device, or the Android ID for your Android device, or a similar device identifier.

You can opt-out of location sharing.

 

We use this automatically collected information to:

  • Understand how individuals use our Site, and how we can improve it.
  • Ensure content from our Site is presented in the most effective manner for you and for your computer / device.
  • aggregate, analyse and report on visitor analytics data.
  • provide aggregated, anonymous information analytics dashboards for healthcare, life sciences and industry partners with profiles on our site.

Legal reason(s): We do this in our legitimate interests, (where we have considered these are not overridden by your rights) or with your consent if required (e.g. to non-strictly necessary cookies).

See our Cookie Notice for more information on the use of cookies and device identifiers on the Service.

2.2          If you contact us or engage with us:

If you browse our Site, we will collect contact and communications information from you when you contact or engage with us.

Contact information includes basic contact information, including:

·              first and last name,

·              job title,

·              company name,

·              company address

·              email address,

·              country,

·              company phone number(s),

·              industry role (distributor, manufacturer, clinician, investor, other (which you may specify)),

·              content of enquiry.

Communications information includes records of any correspondence and communications if you contact us, including information you supply if you report a problem with our Site to us. This covers information we learn about you from:

·              emails,

·              calls,

·              texts, in-app messaging & other digital messaging,

·              conversations you have with us (in person or virtually).

Please do not include any personal medical or other sensitive information when submitting a form to us or otherwise getting in touch with us.

We use this contact and communications information to:

  • Put you in touch with each organisation you have ask us to share your information with.
  • Contact you if you have asked us to do so, including to respond to your questions and other messages from you, troubleshoot problems, and help with any issues you may have with our Site.
  • Provide you with any information you might request about our services (for example, our online pavilion tiers).

Legal reason(s): We do this in our legitimate interests. We may also do this to take steps to enter into any contract with you or to fulfil our obligations under any contract with you (including our Terms & Conditions).

2.3          If you work for one of our healthcare, life sciences or industry partners:

If you work for one of our healthcare, life sciences and industry partners with a profile on our Site, we will collect contact information on profile creation, and further profile information throughout the course of your organisation's membership.

Contact information includes basic contact information, including:

·              first and last name,

·              job title,

·              company name,

·              company address

·              email address,

·              log-in details & password,

·              country,

·              company phone number(s),

·              industry role (distributor, manufacturer, clinician, investor, other (which you may specify)), and

·              content of enquiry.

If you join, over the course of your membership, we will collect any further information about your company's profile and services which you may choose to provide, for example in any virtual exhibition. This may include contact information for multiple users, or information about individuals included in the information you provide to the site (e.g. photos, audio or videos of individuals, including livestreams, and brochures and other information and promotional material). Your organisation is the data controller for its own profile information. Please contact your organisation with any questions about profile content.

For information about payment information, see our payment processing section.

 

We use this contact and Company information to:

  • Put you in touch with each other organisation you ask us to share your information with.
  • Put Site visitors in touch with your organisation
  • Add you to the ABHI database.
  • Add your organisation's profile to the Site and maintain this profile.

Legal reason(s): We may also do this to take steps to enter into any contract with you or to fulfil our obligations under any contract with you (including our Terms & Conditions).

2.4          If we send you newsletters, insights, or other marketing material from us:

Contact information includes basic contact information, such as your:

·              first and last name,

·              job title,

·              company name,

·              company address

·              email address,

·              country,

·              company phone number(s),

·              industry role (distributor, manufacturer, clinician, investor,                              other (which you may specify)), and

·              content of enquiry.

Marketing preferences means our records of what information you would or would not like to receive from us, including if you have opted out of any direct marketing.

 

We use this contact and marketing preference information to:

  • Provide you with our newsletter(s), insights and other marketing material.
  • Provide you with information we think you may be interested in about our healthcare, life sciences and industries partners.
  • Contact you to ask for feedback, including through surveys and other marketing research.

Legal reason(s): In certain circumstances, we may do this in our legitimate interests (where we have considered these are not overridden by your rights).

You can opt-out of further marketing at any time by selecting the “unsubscribe” link at the end of all our promotional updates.

What do each of these legal reasons mean?

We must have a relevant legal justification, called a 'lawful basis' for each way in which we use your personal information.

Lawful bases include consent, a contract with you (as a data subject), compliance with our legal obligations and our specified legitimate interests.

●      Consent: We'll use your personal information to send you promotional or marketing content (for example, our insight updates or newsletters), if you have given us consent to us doing so, where required by law. We may also send direct marketing based on our legitimate interests (see below).

You can opt-out of further marketing at any time by selecting the “unsubscribe” link at the end of all our promotional updates and marketing to you.

We also rely on consent for some of the cookies we use (see our Cookies Notice for more detail).

●      Contract: We collect, store and process your personal information if it is necessary for performing a contract you have with us (for example, our Terms & Conditions), or where you have asked us to take specific steps before entering into that contract. This includes notifying you about changes to our Services. This does not include any agreement we may have with a company you work for or provide services to – this is based on our legitimate interests (see below).

●      Legal Obligation: We may need to process your personal information to comply with our legal obligations, including under applicable UK law, and/or any court orders. This may include compliance with know-your-client and anti-money laundering rules.

●      Legitimate interests: We may process your personal information if it is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests.

Our legitimate interests include:

o    Administering, improving and expanding our Site and services

▪   Keeping our records updated.

▪   Gaining insights on how you use our Site.

▪   Gaining your feedback and reviews,

▪   Delivering, developing and improving our services.

▪   Enhancing, customising or modifying our Site, services and communications.

▪   Implementing and improving our security measures

▪   Growing our business and informing our marketing strategy.

o    Marketing

▪   Marketing and promoting our Services to a company you work for or provide services to.

▪   measuring or understanding the effectiveness of advertising we serve to you and others and delivering relevant advertising to you (including when you visit other websites).

o    Fulfilling agreements with your organisation

▪   Complying with any agreement we may have with a company you work for or provide services to.

▪   Enforcing or applying our terms or other agreements with you or with a company you work for or provide services to.

In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests. If you would like further information about how we assess our legitimate interests, please contact us at info@ukhealthcarepavilion.com

We also use different types of cookies on our Site – we explain this in the Cookies Notice.

 

3.           Payment processing

Payments made on the Platform are made through our payment gateway provider, Stripe, Inc. ("Stripe"). You will be providing credit or debit card information directly to Stripe which operates a secure server to process payment details, encrypting your credit/debit card information and authorising payment. Information which you supply to Stripe is not within our control and is subject to Stripe's own privacy policy and terms.

4.           Who do we share your information with?

We will share your information with selected third parties if you have asked us to (for example, if you want to connect with one of our ABHI pavilion members).

We may also share your information with:

  • Any member of our company group, which means our ultimate holding company and its subsidiaries, and/or our subsidiaries who may support our processing of personal information under this Notice.
  • Our service providers, organisations who process your personal data on our behalf and in accordance with our instructions and the data protection law.
    • This includes supporting the services we offer through the Site, in particular those providing website and data hosting services, providing distributing any communications we send, supporting or updating marketing lists, facilitating feedback on our services, digital invoicing and payment processing providers who provide secure payment processing services, and providing IT support services from time to time.

These organisations (which may include third party suppliers, agents, sub-contractors and/or other companies in our group) will only use your information to the extent necessary to perform their support functions.

  • our auditors, legal advisers and other professional advisers;
  • if we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer.
  • any person to whom disclosure is necessary to enable us to protect the rights, property, or safety of ABHI, our clients, or other third parties, and to enforce our rights under this Notice or under any agreement (for example, our Terms & Conditions) with you. This includes exchanging information with other companies and organisations for the purposes of detecting and preventing fraud and cyber-crime.
  • if required to do so by court order or if we are under a duty to disclose your information in order to comply with (and/or where we believe we are under a duty to comply with) any legal obligation. This includes exchanging information with law enforcement agencies, regulators, or other similar government bodies.

5.           Where does ABHI store your information?

ABHI is based in the UK. We may transfer your personal information outside the UK / EEA:

  • in order to store it;
  • in order to enable us to provide our Services to you;
  • in order to facilitate the operation of our businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights; and
  • where we are legally required to do so.

We may transfer your personal information outside the UK / EEA, including to the organisations listed below:

Organisation

Country

Transfer safeguard

Google LLC (Google Cloud, Google Ads / Analytics)

USA

Google Cloud Standard Contractual Clauses

Google Ads Standard Contractual Clauses

The Rocket Science Group LLC d/b/a MailChimp

USA

Standard Contractual Clauses

Message Systems, Inc. (dba SparkPost)

European Economic Area ("EEA") countries

UK Adequacy recognition for EEA states

6.           How does ABHI protect your information?

All information you provide to us is stored on our servers. Our website uses secure end-to-end encryption to protect your information. All connections into our platform are secured using industry standard security and encryption.

All data we capture is stored in secured databases and data storage systems with strict access limitations. All data access requests are logged and monitored in accordance with any threat detection policies.

Unfortunately, the transmission of information via the internet is not completely secure. We do our best to protect your personal information, but we cannot guarantee the security of your data transmitted to us; any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.

7.           External sites

ABHI may, from time to time, contain links to external sites. If you follow a link to any of these websites, please note that these websites have their own privacy policies. ABHI does not accept any responsibility or liability for these policies or any content on external sites and does not necessarily endorse the views expressed within them. ABHI has no control over the availability of any of these websites. Please check each site's policies before you submit any personal information to these websites.

8.           How long is your information kept for?

We will process personal information:

  1. for as long as it is necessary for the purpose(s) for which it was originally collected, and
  2. for six years after that to identify any issues and resolve any legal proceedings.

We may retain your personal data for a longer period in the event of a complaint, if we reasonably believe there is a prospect of legal proceedings, or we are aware of pending or ongoing legal proceedings. In some circumstances, we may keep data longer if applicable law says we have to.

If you have opted to receive insights, newsletters, or other promotional material, but later decide to opt out from receiving these updates, or object to any other processing of your personal information, we may keep a record of your opt-out or objection so we can respect your preferences.

9.           Anonymised data

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you and you cannot be re-identified). This anonymised data (for example, aggregated statistics) is no longer personal data, and we may keep and use this anonymised information indefinitely without further notice to you. We use this to help us provide, develop and improve our services.

10.        What rights do you have with your personal information?

  1. to be provided with a copy of your personal information held by us;
  2. to request the correction or deletion of your personal information held by us;
  3. to request that we restrict the processing of your personal information (while we verify or investigate your concerns with this information, for example);
  4. to object to the further processing of your personal information, including the right to object to marketing;
  5. to request that your provided personal data be moved to a third party, and
  6. to withdraw consent.

If you wish to exercise any of these rights in relation to the personal information we hold about you, you can contact us at info@ukhealthcarepavilion.com  If you have any concerns, you have the right to lodge a complaint with a data protection supervisory authority.

  • The Information Commissioner's Office (ICO) is the supervisory authority in the UK and can provide further information about our rights, an organisation's obligation in relation to your personal information, as well as deal with any complaints that you may have. You can visit their website at ico.org.uk.
  • If you are outside the UK, you can find your local data protection authority here.

11.        Updates to this Notice

Any changes we make to this Notice in the future will be posted on this page.

If we make any substantive changes, we will notify you through email, or website pop-ups within our Site.

12.        How you can contact us

Questions, comments and requests regarding this Notice are welcomed. Contact us:

Address

Association of British HealthTech Industries (ABHI)

Suite 2, 4th Floor, 1 Duchess St, London, W1W 6AN

Telephone

+44 (0)20 7960 4360

Email

info@ukhealthcarepavilion.com

You may also wish to visit our Contact page.