Who we are
Our website address is: https://www.issad.org.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
ISSAD Conference Privacy Notice
ISSAD.org, is a data controller for the purposes of the Data Protection Act 1998 and the General Data Protection Regulation (GDPR). The conference undertakes to treat your personal data in accordance with these data privacy laws.
This privacy notice together with our Data Protection Policy, guidance, and any additional documents referred to within them, explains how we process your personal data. Please read this notice carefully. If you have any questions in relation to the processing of your personal data, please contact firstname.lastname@example.org.
This privacy notice applies to attendees of events at ISSAD Conference, as well as those who express an interest in attending our event, whether by providing details online, by email, post, or telephone, or at the conference. We will keep your details in respect of events and other activities that you have indicated that you are interested in, for example, a specific network, research centre, project, disease, or country.
The conference must process and retain certain personal data relating to you, to be able to provide this information.
How we obtain data about you
We receive data relating to you when you provide it to us by web interface (including third party services such as Eventbrite, Mail chimp, Microsoft Forms, WordPress, Sessionize), email, paper forms, by telephone, or in person at one of our events.
What Personal Data we process about you
- We may collect and process the following categories of data about you:
- Personal details such as name and title;
- Contact information such as addresses, telephone numbers, and personal email addresses;
- Job title and organisation;
- Your range of interests
We may also collect, store, and use the following “special categories” of more sensitive personal information:
- Demographic data, for example, to help us meet diversity aims;
- Dietary requirements;
- Country of residence;
- Your likeness for security purposes, whilst on our event premises;
- Your image in photos of the event for use in internal and external communications and marketing;
- Access requirements.
Purposes of Processing
The conference processes these personal data about you so that it can provide you with event experiences and related information where you have told us you would like to receive these from us. We may occasionally provide you with further information that we believe is related to the information you have indicated you would like to receive from us. We may also occasionally offer you options to receive further types of information from us.
Legal Basis for Processing Your Personal Data
Under the new data protection law starting in May 2018, we have several lawful reasons for using (or “processing”) people’s personal information. One of the lawful reasons is called “legitimate interests”.
Broadly speaking “legitimate interests” means that we can process your personal information if:
- we have a genuine and legitimate reason; and
- we are not harming any of your rights and interests
This means that when you provide your personal details to us, we use your information for our legitimate business interests to carry out our work raising awareness of our work in the specific area you have indicated an interest in. Before doing this, we will also carefully consider and balance any potential impact on you and your rights.
Some typical examples of when we might use the approach are for continuing to make you aware of events, enhancing, modifying or improving our services, and determining the effectiveness of our work. We also have a legitimate interest in keeping visitors, staff, and students safe on our event premises.
We believe that people who share our values would love to know how to support us. We will process the personal information you have supplied to us to conduct and manage our business to enable us to give you the most appropriate marketing, information, service, and products and provide the best and most secure experience. These are what we consider to be our “legitimate Interests”.
Occasionally, we may need to process your data based on your consent. If this happens, we will seek your consent to process your data for that purpose. We will explain to you how you can withdraw your consent at the time of you giving it. If you do withdraw consent, this will not affect the lawfulness of processing based on your consent before your withdrawal.
The following are some examples of when and why we would use this approach in our work:
Booking online: For us to process a booking, contact information must be collected.
Events: We will use your personal data for the smooth organisation and running of our events.
Direct Mail: We may send postal and email communications relating to the event(s) you wish to attend, and/or which further the aims and objectives of the Conference. We will also make sure our marketing is relevant for you, tailored to your interests.
Campaigns: Where you have expressed an interest in our campaigns, including fundraising, we may contact you by post, email and/or telephone, based on any preferences you have indicated to us.
Personalisation: Where the processing enables us to enhance, modify, personalise, or otherwise improve our services/communications for the benefit of our supporters.
Analytics: To process your personal information for the purposes of analysis, assessment, profiling, and direct marketing, on a personalised or aggregated basis, to help us with our activities and to provide you with the most relevant information if this does not harm any of your rights.
Research: To determine the effectiveness of campaigns and marketing, and to develop our services, systems, and relationships with you.
We will also hold information about you so that we can respect your preferences for being contacted by us.
When we process your personal information for our legitimate interests, we will consider and balance any potential impact on you and your rights under data protection and any other relevant law. Our legitimate business interests do not automatically override your interests –we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Remember, you can change the way you hear from us or withdraw your permission for us to process your personal details at any time by using our contact information in each email we send to you.
Transfers of personal data outside the EEA
Occasionally we partner with service providers and/or international organisations to plan and deliver conferences and other events overseas. If these events are directly relevant to the interests you have expressed in our work, we may share your information with such a partner, for the sole and specific purpose of that event.
When we share your personal data with a partner in this way, we may do so using cloud computing solutions, and/or we may transfer your personal data to a recipient outside of the European Economic Area. Where we do this, and the recipient is in a country which the European Commission has decided does not have adequate data protection laws, we will make sure that appropriate safeguards are in place to protect your information and your rights under privacy law.
Retention of your personal data
We will hold your personal data for the time specified in our data retention schedules, or if there is no such time specified, for a reasonable time. This may mean that we retain your information indefinitely, until you tell us you no longer wish to receive the information, or until the area of the Conference’s work you are interested in ends. We will aim to keep your contact information up-to-date and if we become aware that it is out of date and cannot be updated, we may at that time delete your data. We may contact you for time to time to confirm your continued interest in our work.
Contact details for queries
If you want further information about how your personal information is used or want to correct, restrict, or erase personal details, please consult email@example.com