At the Association for Pharmacology in the Pharmaceutical Industry (AHPPI) we take your privacy very seriously. We will only use the personal information we collect about you if you have provided opt-in consent. We will ensure that all such information is processed fairly and lawfully, in accordance with our obligations and your rights under current UK legislation including, but not limited to, the General Data Protection Regulation (GDPR) and the Privacy and Electronic Communication Regulations (PERC) 2003.
We take appropriate security measures in relation to the sensitivity of the information we hold on you, and we will not hold your information on our systems for any longer than is necessary for us to meet the purpose of holding that information.
The following statement sets out our policies regarding the personal information which we collect through our website. For the purposes of the General Data Protection Regulation, the Data Controller is AHPPI. The following policy describes our practices in relation to data collection and use, as well as your rights as a data subject.
Information We Collect
AHPPI relies on freely given opt-in consent for collection of your personal data. We collect information about you, provided by you when you register with our website. This may include your name, email address, employer and job title. If you contact us, we may keep a record of that correspondence.
Details of your visits to our website may be automatically collected, these include: traffic data, information about the devices and platforms you access us through, location data, cookies and the resources that you access. These records may be associated with the information described in the paragraph above.
We will not collect sensitive personal information about you and we will never sell your information to a third party.
Information we use
The information collected by AHPPI is held in line with GDPR standards. We collect information with your consent and for legitimate business purposes. We use the information collected to provide and personalise our services both on-line and off-line. We do not anticipate that our purposes are likely to cause objection or complaint.
The information we collect will be used to notify subscribers when new content (such as a blog posting, news article or event) is available. Other uses may include dealing with your membership enquiries.
If, at any time, you would like to opt-out of receiving marketing and promotional material from us, you can simply email us at email@example.com, requesting us to make the appropriate changes.
Security and Retention
The information we collect is retained for as long as we consider it to be potentially useful or required for legal purposes, given we have not received any objections to retention or processing by you, the data subject. For more information about objections please read the section below discussing your data rights and unsubscribing.
We retain the personal information you provide on third-party computer servers in controlled, secure environments, which are protected from unauthorised access.
Our site may, from time to time, contain links to and from other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Information we hold may be transferred internationally during the use of our third-party processors. Transfers and retention of this data are secured by the encryption services of our third-party processors; for particulars of these, please see below.
We prefer to use third-party processors that are within the EU.
Where this is not possible, not practical or cost-prohibitive we then choose third-party providers that are based in the US and a certified to the EU-US Privacy Shield framework, a mechanism to comply with data protection requirements when transferring personal data from the European Union to the United States.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features and all reasonable efforts to prevent unauthorised access. In the event we become aware that any of our data has been subject to unauthorised access which may adversely impact you, you will be promptly notified.
Disclosure of your information
The information we collect may be shared with and processed by the named third parties as shown below. These third parties provide services to us and may process information for us. We will review the list of third parties from time to time and update it as necessary.
We reserve the right to use or disclose your personal information if required by law, or if we reasonably believe that such actions are necessary to protect our rights, your safety, or the safety of others. Your information will be shared if we are under a duty to disclose your personal data in order to comply with any legal obligation; or in order to enforce or apply our Website Terms and Conditions or Terms and Conditions of Supply and other agreements; or to protect the rights, property, or safety of AHPPI, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Third party Processors
- Jetpack: We use Jetpack to monitor website traffic and statistics. Jetpack does not identify you individually, but simply presents aggregated information about the numbers of visitors to our website at given times
- MailChimp: We use MailChimp for email distribution services and consent tracking. When users register with our website, Mailchimp acts as a repository for the details provided, including consent tracking. It further acts on AHPPI’s behalf to send certain messages based on the information users have asked to receive. When you read an email sent via Mailchimp it may be able to record the time and date you opened the email, how often you opened the email and the country location of where you were when you opened the email
- Highrise: We use Highrise as a membership database to record your contact details such as phone number, email address, membership payment details and dates. We may also record incoming and outgoing emails to you in Highrise so that we can be sure that we are responding to your enquiries effectively
- GoCardless: If you pay your membership fees via Direct Debit, this is handled via GoCardless. They track your name, address, email address, bank account details and records of payments
- SurveyMonkey: From time to time we will survey our members using SurveyMonkey. They may record your email address (if that is how the survey is being distributed)
- Eventbrite: We use Eventbrite to coordinate and manage AHPPI meetings. They track your name, address, email address, bank account details and records of payments
A cookie is a text file that a website transfers to your computer’s hard disk so that the website can remember who you are. Cookies only record those areas of a website that have been visited by your computer and for how long.
Your Rights as a Data Subject
The GDPR provides the following rights for individuals:
The GDPR provides the following rights for individuals:
- The right to be informed about the information AHPPI collects and how it is used.
- The right to request a copy of the personal information being held.
- The right to rectification of information that is inaccurate or not up to date.
- The right to have personal data erased.
- The right to restrict processing if data are not being used for legitimate purposes, users can request that the purposes are restricted.
- The right to request a copy of the data in a commonly used, machine-readable format.
- The right to object to the use of the data in certain circumstances.
- Rights in relation to automated decision making and profiling: Automated individual decision-making is a decision made by automated means without any human involvement. AHPPI does not engage in automated decision-making and data will not be used in this manner.
If you have any questions about privacy, or wish to exercise any of your rights as a data subject, please write to firstname.lastname@example.org.
Last revised 18-May-2018.