Privacy Policy

Notice

This course is administered by the company The Conference Consultancy Limited (CC). Hereunder the Organiser of the course – the University of York – has stipulated an ‘Additional Privacy Policy’ that will be its own responsibility to which CC will have no liability or connection. These additions will be separate to those of CC and the Customer may or may not agree to those at the Customer’s own risk. Any additions thereof will by no means supersede or invalidate CC's Privacy Policy, but CC will not be responsible for any result both directly or indirectly caused by the Customer’s agreement of the Organiser’s Additional Privacy Policy and/or its clause(s).

By using this website you consent to your data being collected and stored by The Conference Consultancy Limited (CC) on behalf of the University of York for the purposes of administering your participation in the course.

When you create a user account, register for a course or submit an enquiry, you will be added to a mailing list to receive information about current and future editions of the Distributional Cost-Effectiveness Analysis Course and other similar courses and events organised by University of York or CC. If you do not wish to be included on this list, please email [email protected].

University of York Privacy Policy

Data Protection

The University recognises the importance of personal privacy and ensures that all personal data is held in accordance with the General Data Protection Regulation and Data Protection Act 2018. Compliance is managed by the University's Data Protection Officer in accordance with the University's DPA policy and procedures.

Freedom of Information Act

The University is committed to the principles of freedom of information. The University's Publication Scheme is a guide to the information the University publishes. Compliance is overseen by the Information Governance Office in accordance with the University's FoIA policies and procedures.

Logs

The University maintains logs of its servers’ activities. The server log files include the IP address of each computer which accesses the University’s website. The logs are used to support essential maintenance of the site including analysing how the site is used.

Web forms

A site visitor may be asked to provide personal information when requesting a service. For example, visitors requesting a printed copy of a prospectus may be asked to complete an online form. By supplying this personal information, the visitor consents to the University storing the information for the stated purpose. The information is held by the University in accordance with the provisions of the General Data Protection Regulation and Data Protection Act 2018.

Read a copy of the University’s General Privacy Notice.

See our Data Protection Officer contact details.

Cookies on the University of York website

The Conference Consultancy Limited Privacy Policy Introduction

This website is operated by The Conference Consultancy Limited (CC) (“we”, “us” and “our” below) and CC acts as data processor on behalf of the Organiser of the course – the University of York. This statement sets out our privacy policy and explains what we do with the personal information that we collect. Please read the following to understand our views and practices regarding personal information. If you have any questions or concerns regarding this statement, you should contact us using the details given at the end of this statement.

Please note that this policy applies only to our website and the websites that we administer and not to the web sites of other organisations to which we may provide links. We are not responsible for the privacy policies or practices of such third party sites and you should make your own enquiries in respect of them.

Introduction

The Conference Consultancy Limited (CC) complies with the General Data Protection Regulation (GDPR) 2016/679 and the data protection laws in the United Kingdom, and takes all reasonable care to prevent any unauthorised access to your personal data. CC respects your privacy and is committed to safeguarding the confidentiality of your personal information. This policy explains how and why CC collects and uses the personal information of its members, customers and website visitors, and how CC protects your privacy. When disclosing your personal information to us by using a CC website or by completing and submitting electronic forms to us, you consent to the collection, storage and processing of your personal information as stated in this policy.

The personal information that we collect from you shall be obtained, processed and transmitted in compliance with applicable data protection legislation – European Regulation 2016/679 (GDPR) and, as our offices are located in the United Kingdom, the UK Data Protection Act 2018 (DPA). Per the European Regulation 2016/679 (GDPR), ‘Personal Information’ means any information relating to an identified or identifiable natural; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This general policy is in addition to any specific policies concerning specific products or services. It may be amended at any time so we invite you to visit this page regularly for updates.

How CC collects personal information

CC is an intermediary agency providing a range of administrative, consulting and delivery services to Association, academic and not-for-profit organisations and to organisations who work with these sectors. This may require the handling of personal information of the individuals involved in these activities and / or acting as a data processor ion behalf of our clients, and hence CC collects personal information in a number of ways from a number of sources. This information may be communicated to CC on paper forms received through the postal services, or electronically through registration on a CC website and use of CC’s online services or through other electronic forms made available through partner websites or electronic mailings.

The sources of personal information received by CC are:

The individuals themselves

Third parties acting on behalf of individuals (e.g. membership organisations, third party clients)

As per Article 14 of the European Regulation 2016/679, where we receive personal information about individuals from sources other than the individuals themselves (e.g. for CC’s clients), we will take all practical steps to contact the person concerned to advise of their rights.

The principal ways in which CC collects personal information are:

When you register personal details when creating or updating an ‘account’ in our event management databases or completing a contact form via the CC Website

When you, or an agent or other third party acting on your behalf, enter personal details on a form requesting a CC product or service (e.g. when registering for a CC administered event or course)

When you, or someone on your behalf, submits proposals or content in connection with scientific sessions at an event, meeting or course being administered by CC (e.g. Abstract submissions).

When you enter personal details on a form applying to become a Member or Participant of one of the Associations / organisations to whom CC are providing administrative services

When you enter details or a specific application for Awards or Grants which are being administered by CC on behalf of a third party organisation.

What personal information is collected by CC

Personal information you provide us with.

Mandatory Personal Information

As a general rule, the following minimum information must be provided in order for your order, request, application, etc. to be processed.

Nominative Information - Title, First Name(s), Family Name(s): Your nominative details are needed to properly identify you, to communicate with you, to provide you with the products and services you have requested and to ensure that items are properly labelled as yours (e.g. meeting badges and scientific contributions such as abstracts and presentations, etc).

Full Postal Address: The Postal Address is needed when items will be sent to you by post or when you purchase something generating an invoice.

Date of Birth: Your date of birth is used to help us correctly identify you and avoid duplicate records and, where specific fees or charges apply which depend on age, to determine eligibility for these fees.

Email address: Your email address is needed because it is used as part of the login information (to access your ‘Personal Account’ area of our clients’ membership, event registration or content management platforms which are being administered by CC) and is necessary in order to communicate with you and provide you with order/request confirmations. Finally, it permits ‘Reset Password’ to be handled in an automated secure way.

Additional personal information, which is mandatory for persons creating an ‘Personal Account’ on websites being administered by CC is:

Emailing Preference: We ask you to advise us whether or not you wish to receive marketing emails from ourselves or on behalf of the organisations we are providing administrative support. This is so that we can respect your privacy as regards electronic communications, as required by European and UK laws.

Profile Information: We ask you for optional information about your;

Professional Activity

Place of Work

Fields of Interest

Areas of Expertise

Social Media Links

to enable us to provide you with more relevant information and to better understand the preferences of our audience so that we can give a better service generally.

Other Personal Information

Other information may be requested which is necessary or relevant for specific activities.

Mandatory information for specific purposes

Credit Card information is required for anyone wishing to make payment by this method. You have the choice to save these details, securely, for later use or not.

Curriculum vitae, list of publications and other evidence of scientific achievement is requested to support membership applications and Grants and Research Awards being administered by CC.

Affiliation information (to an organisation) is required for all persons wishing to submit an Abstract and for Membership applications which CC is administering.

Professional status (together with proof) is requested for all persons requesting certain fees (e.g. specific registration fees), at events, meetings and courses being administered by CC.

Detailed Financial and Position of Influence disclosure information is requested for persons required for those wishing to apply for a position of office within an organisation to whom CC is providing a support service.

Optional information

Telephone - to enable us to contact you rapidly in case of need

Subscriptions to eNewsletters and email notifications enable you to request to receive regular CC newsletters and email alerts

Information we collect automatically

When you visit a CC website, information is collected in an automated manner about your computer/device, your IP address, the referring website, what pages you visit, how long you stay on them and the general use you make of the website.

When you make use of our services (purchase a subscription, registration or membership or consume an educational product), we keep track of this activity in logs.

This information is collected using various technologies which includes saving cookies to your computer or device.

During meetings, events and courses we are administering; attendees, exhibitors, guests and others may be photographed and videotaped by CC, its clients or its partners. Some of these photographs or videos may be displayed by CC or its partners in future publications, on the website or in materials connected with the event, meeting or course as well as social media. If you do not wish for your image to be displayed by CC, please step away or ask the photographer not to be photographed. Without contradictory instructions from your side, you hereby grant CC, the irrevocable rights to record and use free of charge, on a worldwide basis and for the entire duration of protection of the rights thereto, on any and all supports or forms of media, your image, voice, name, photographs, and video on which you appear for purposes related to Scientific, Educational or Promotional Purposes. You hereby release, waive and discharge CC, its employees and independent contractors from any and all demands, claims, causes of action, damages and liabilities directly or indirectly arising out of any use of your image, voice or name pursuant to the foregoing rights grant.

Place of processing

Personal data is processed at our operating offices and in any other places where the parties involved in the processing are located.

Depending on the user's location, data transfers may involve transferring the data to a country other than their own. In certain circumstances, we may transfer your personal information to countries outside the European Economic Area. This may include circumstances where we use service providers who are based outside the EEA or who use “cloud” infrastructure which means that their servers are based all over the world. Where we transfer your information to companies outside the EEA, we will make sure it’s protected in a manner that is consistent with how your information will be protected by us. This can be done in a number of different ways, for instance:

The country that we send the information to might be approved by the European Commission.

The recipient company might have signed a contract obliging them to protect your information.

The recipient is located in the US and is a certified member of the EU-US Privacy Shield scheme.

In other circumstances the law may permit us to otherwise transfer your information outside the EEA. In all cases however, we will ensure that any transfer of your information is compliant with the Data Protection Legislation.

How CC uses personal information

Personal information is needed by CC to enable it to properly manage its members and customers to fulfil its role in providing a wide range of services.

The personal information which you supply may also be specifically used to:

Set up your ‘personal account’

Provide you with an online service where you can provide/review/edit your personal information

Process an application for services on behalf of our clients

Process an application for a grant, training fellowship or other award on behalf of our clients

Process a registration for a meeting, course and other event (both at a physical location or online), prepare meeting badges, facilitate online access to courses, etc. and provide certificates of attendance on behalf of our clients, which also require the nominative information supplied

Handle attendance at a social event at a client meeting or another event being organised by CC

Process registration(s) or hotel request(s) for another person(s) if you are acting on behalf of a third party or parties

Handle scientific programme activities in connection with meetings, events and courses being administered on behalf of our clients by CC. These include abstract submission and grading process, speaker and chairperson management, handling of agreement forms, preparation of the scientific programme, presentation management onsite, publication of the scientific content on third party websites

Process a subscription to a journal (including access online) on behalf of our clients and administer your online access to its contents

Handle specific processes for client organisation leadership and volunteers representing our client organisations, including hotel accommodation, expense claims and Declarations of Interest

Manage access to and use of Learning Platforms on behalf of our clients or other third parties

Manage access to restricted content on client and third party websites (certain resources may have restricted access)

Enable individual communications with you about specific matters - e.g. sending confirmations, receipts, requesting further information to solve queries, responding to Helpdesk Requests, etc. and sending emails to you with information about our and third party activities which we believe will be of interest to you (subject to your prior consent to receive CC or client organisation generated emails)

Send electronic newsletters and notifications (alerts) to you (where you have subscribed to receive them)

The information we collect automatically is used to:

Enable us to improve our website and ensure the content is presented to you in the most optimal way. We analyse our users’ activities on the websites to deduce what works well, what needs to be improved on and what is of little value to our visitors, which allows us to focus on the main areas to ensure you have a pleasant experience on our websites.

Provide you with personalised suggestions and recommendations on our websites and e-communications customised to your usage of our website.

Promote our activities in a coherent and adequate manner.

How long personal information is kept

Your personal ‘data’ is only kept for a reasonable period of time, dependent upon the nature of the information and its intended use, but subject to a maximum of five years after your last use of a CC or client product or service.

For certain specific uses (e.g. leadership positions, award certifications, etc.), data is kept for varying amount of times according to the process involved. Should you wish to know how long your personal data will be kept for specific processes, please contact us.

For accounting purposes, invoices and expense claims are kept for 10 years in our systems.

Email addresses

Electronic communication is for most purposes CC’s preferred method of communication because it is generally convenient, rapid, effective and efficient. In order to be able to communicate with you directly electronically, CC needs your email address. You are therefore required to supply your email address when you create your ‘personal account’ on registration and event management software being administered by CC accessible via our website or third party websites being administered by us, which enables you to access a variety of services online.

Unique email address

For your convenience and security, your email address is unique to you in the system. (CC does not permit two different persons to have the same email address in the system). You are strongly recommended to use an email address which is personal to you and that is not shared with others. This is to ensure that communications which are sent to you personally are not read by others, and that others do not gain access to the information in your ‘CC’ account. Additionally, the unique email permits handling of ‘Forgot Password’, enabling you to reset your password in an automated and secure way using your personal email address.

Email privacy

CC respects the privacy of personal email addresses and complies with the current European legislation on email communication. The objective is not to send you unwanted messages, and your email details will not be passed on to any other individual or organisation without your permission for marketing purposes.

You can manage the extent to which CC communicates with you by communicating your Privacy and Data Protection preferences to us. If you decide that you do not wish to receive email communications from CC, you can select to opt out of marketing communications. All mailings sent to you offer the possibility to unsubscribe.

If you indicate that you do not wish to receive CC generated emails, you will only receive emails directly related to the transactions you have with our clients which are being administered by CC (e.g. confirmations of registrations, etc.) and other necessary individual communications required to fulfil our contractual obligations.

Disclosure of information to third parties

CC does not sell, trade, or rent your personal information to others. CC may supply your information to its contractors to perform specific services such as, for example, to the publishers who arrange access journals, the mobile app suppliers who supply guidelines, recommendations and meeting applications, CRM service providers (e.g. EventsAir), email service providers (e.g. Microsoft 365), banking and merchant partners, and others.

Otherwise, CC does not disclose personal information to any other person or organisation without your consent. In this context, your personal data may be disclosed to the following external partners of CC in the circumstances described below:

Meeting exhibitors, at events being administered by CC, who scan your meeting badge: If you accept to have your badge scanned when visiting an exhibiting company stand, or by a hostess at an Industry Sponsor session, your badge will enable them to retrieve the following personal data: nominative (title, first name(s), last name(s)), address (postal address and email), telephone, fax and profile information (professional activity, place of work and fields of interest).

Agencies handling hotel bookings, for events or courses which CC are administrating: Nominative information is provided to local agencies where CC offers a hotel booking service for a particular meeting, event or course.

Groups representatives and Agencies handling your meeting, event or course registration: Where your participation is being handled by someone other than yourself, your confirmations, badges or vouchers may be sent to this third party. These contain nominative details about you.

List of third parties and purposes of processing

Handling payments

Payment processing services enable CC websites to process payments by credit card, bank transfer or other means. To ensure greater security, the website shares only the information necessary to execute the transaction with the financial intermediaries handling the transaction. Some of these services may also enable the sending of timed messages to the user, such as emails containing invoices or notifications concerning the payment.

STRIPE (STRIPE INC) Stripe is a payment service provided by Stripe Inc.

PAYPAL Paypal is a payment service provided by Paypal Holdings Inc.

Hosting and backend infrastructure

This type of service has the purpose of hosting data and files that enable CC websites to run and be distributed as well as to provide a ready-made infrastructure to run specific features or parts of the website. Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the personal data is stored.

THINKIFIC LABS INC. is a hosting and backend service provider. More information regarding their data collection and privacy policy can be found at https://www.thinkific.com/privacy-policy/

MICROSOFT365 is an email service provided by Microsoft Corporation.

Webinar platforms

ZOOM.US Zoom.us is a webinar provider and is one of the available options for delivering online content within CC online streaming solutions.

VIMEO is a company providing online video hosting, sharing and related services through CC websites.

User database management

This type of service allows CC to build user profiles by starting from an email address, a personal name, or other information that the user provides, as well as to track user activities through analytics features. This personal data may also be matched with publicly available information about the user (such as social networks' profiles) and used to build private profiles that CC can display and use for improving its websites.

Some of these services may also enable the sending of timed messages to the user, such as emails based on specific actions performed on the website.

EVENTS AIR is a registration and communications software company headquartered in Eight Mile Plains, QLD, AUSTRALIA. It is used to facilitate registration, surveying and participant data storage, as well as communication support via email.

We may also supply your personal information to government bodies and law enforcement agencies but only: if we are required to do so by the requirements of any applicable law; if in our good faith judgement, such action is reasonably necessary to comply with legal process; to respond to any legal claims or actions; or to protect the rights of CC, its customers and the public.

Right of access to, rectification and/or erasure of your Personal information

In accordance with the section 2 of the chapter 3 of the European Regulation 2016/679 with regards to data protection, you have the right to request from CC, access to and rectification or erasure of your personal data or restriction of processing concerning your data or to object to processing as well as the right to data portability.

For such, please contact (together with a proof of identity):

Data Privacy at CC by email [email protected]

You have the right to lodge a complaint with a supervisory authority, and for information, CC has appointed a Data Protection Officer that you can reached at [email protected].

Note that an opposition or deletion request once treated will not delete all trace of financial transactions which need to be kept, for accounting purposes, for a duration of 10 years.

Data security

Unfortunately, no company or service can guarantee complete security. Your account is protected by a password for your privacy and security. We strongly suggest you prevent unauthorized access to your account by selecting and protecting an appropriate password and limiting the access to your computer and devices.

Please note that CC will never ask you for your personal details, password or credit card details by email. We advise you to be vigilant and apply caution.

Payment collection

Payment collection is made securely through our clients’ banking partners such as, Stripe or Paypal accounts, a Payment Card Industry Data Security Standard (PCI-DSS) certified organizations. PCI-DSS is an information security standard that has been created by the major credit card companies (American Express, Discover, JCB, MasterCard and Visa) to improve controls around credit card data handling and to reduce fraud.

In order to be certified, providers undergo regular assessments by external parties: Penetration testing, vulnerability assessment and audit by an external Qualified Security Assessor (QSA).

If you have requested to save your payment details, only the credit card type, last 4 digits and expiration dates are stored in our CRM. The full details are only kept by Stripe or Paypal, our financial partners, on their secure servers.

Use of cookies and other tracking technologies

Cookies are pieces of information that a website transfers to your computer’s hard disk for record keeping purposes. They are small text files that a website can use to recognise repeat users and facilitate their ongoing access to, and use of, the site. They do not pose a threat to your system or files.

Our websites do work without cookies, but you will lose some features and functionality if you choose to disable cookies. In particular, if you do choose to disable cookies, you will not be able to enjoy the full range of online services available through our line event management and membership platforms or client data platforms being administered by CC. We also use clear gifs in our email marketing communications which is used to track the emails that are opened by the recipients. This information allows us to have accurate reports and improve the effectiveness of our marketing and make our services and websites better for you.

Finally, we utilise web analysis services to better understand your use of our websites and services. These services collect information such as what pages you visit, how long you stay on them and where you came from before visiting that page. This information is used to examine the use of the Websites as well as potentially your actions to contextualise and personalise some of our content to your personal interests.

External links

CC’s websites my contain links to other websites. Please be aware that CC is not responsible for the privacy policies of other sites. You are therefore encouraged to read the privacy policies of any other site that collects personally identifiable information. This privacy policy applies solely to information collected by CC.