Privacy Policy

Our website address is: https://sedric.org.uk.

What personal data we collect and why we collect it

Comments

This policy is effective from August 14, 2019.

Wellcome is committed to safeguarding your personal information in accordance with data protection law. This Statement explains how, and on what legal basis, we collect, store, and use personal information about you in relation to The Surveillance and Epidemiology of Drug-Resistant Infections Consortium (SEDRIC), (“we”, “us”)  and is committed to protecting and respecting your privacy. This Privacy Notice (together with any other documents referred to in this document) sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our general business activities and communication.

SEDRIC is a part of Wellcome and we are committed to safeguarding your privacy.

This privacy policy relates to how Wellcome processes collects, stores and publishes your information in relation to SEDRIC. For further information on how Wellcome generally handles your personal data, view Wellcome’s Privacy Policy here.

The Wellcome Trust Limited is a charitable company limited by guarantee incorporated in England and Wales (company number 2711000) (as trustee of the Wellcome Trust (a registered charity with number 210183)) (“Wellcome”).

Wellcome is the “data controller” of your personal information. This means that we are responsible for deciding how we hold and use personal information about you.

If you wish to contact us in relation to this Statement, you can do so by contacting our Data Protection Officer using the following details:

Data Protection Officer

Wellcome Trust

215 Euston Road

London NW1 2BE

United Kingdom

dataprotection@wellcome.ac.uk

Further information on data protection law can be found here: https://ico.org.uk/for-the-public

Your Rights

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Under the General Data Protection Regulation you have a number of important rights. In summary, those include rights to:

  • access to your personal data and to certain other supplementary information that this Privacy Notice is already designed to address
  • require us to correct any mistakes in your information which we hold
  • request the erasure of personal data concerning you in certain situations
  • request access to the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
  • object at any time to processing of personal data concerning you for direct marketing
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
  • object in certain other situations to our continued processing of your personal data
  • otherwise restrict our processing of your personal data in certain circumstances
  • claim compensation for damages caused by our breach of any data protection laws.

Your Personal Information

Information we collect from you

We will collect and store some or all of the following types of information from you when signing up to receive our newsletter:

  • Email address
  • Your name

When submitting a membership application and when you are a member we will collect and store  the above information as well as the following information:

  • Your name and title
  • Your current and previous job titles
  • Current and previous places of employment
  • Your areas of expertise and scientific interest

We will be doing so where you have contacted us to become a member of SEDRIC in accordance with SEDRIC’s terms of reference.

With your consent gathered during membership application we will publicise some of that information on the SEDRIC website so that others working in the area can contact you on matters pertaining to the surveillance and epidemiology of drug-resistant infections. Information that will be shown on the website:

  • Your name and title
  • Your email address
  • Your current and previous job titles
  • Current and previous places of employment
  • Your areas of expertise and scientific interest

Should you not wish to publicise this information you can request this, or otherwise withdraw your consent, at any time and for any reason by emailing SEDRIC@wellcome.ac.uk.

If you contact us, we may keep a record of that correspondence.

Should you wish to withdraw your information from our systems at any time and for any reason you can do so by emailing SEDRIC@wellcome.ac.uk

Information we collect from other sources

We do not collect information from other sources. The only information we collect has been provided by yourself.

Lawful basis for processing

Our processing of personal data with regard to assessing your membership application and processing your details in relation to your membership is on the basis of the legitimate interests of membership community development, such as connecting members with others working in the field to share expertise and sharing opportunities for members to get involved with SEDRIC’s work, invitation to take part in surveys pertaining to your work on surveillance and epidemiology or an enquiry to hear more on your fields of expertise and work.

The lawful basis on which we process personal data in relation to sending you newsletters or event invitations, or where we want to publish your personal information is consent. Consent will be collected when you submit a membership application or otherwise sign up to receive a SEDRIC newsletter and can be withdrawn at any time by emailing SEDRIC@wellcome.ac.uk or dataprotection@wellcome.ac.uk

The relevant excerpts from the General Data Protection Regulation are below:

Article 6(1)

a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;

 (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Purposes of data collection and storage

We use information held about you to contact you for business related communications with your consent. These may include:

  • SEDRIC updates and newsletters
  • Event invitations

 Should you wish not to be contacted for any of these you can request this for any reason and at any time by emailing SEDRIC@wellcome.ac.uk.

In terms of assessing your membership application and processing your membership with regard to the terms of reference will include:

  • Invitation to take part in SEDRIC’s work
  • Invitation to take part in surveys pertaining to your work on surveillance and epidemiology
  • Enquiry to hear more on your fields of expertise and work.

How we store your personal data

Security

We take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to view it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted through any online means, therefore any transmission remains at your own risk.

Where we share your personal data

In addition to where you consent to your personal data being publicized, Wellcome may share your personal data with the SEDRIC Board [insert hyperlink] as constituted from time to time in relation to your membership of SEDRIC.

Where we store your personal data

Your personal data will be stored in the EU and the US (dotdigital and WPEngine) and take reasonable measures to ensure the security of our data processing suppliers.

In particular, your data may be accessible to i) our suppliers’ staff in the USA or ii) may be stored by our suppliers hosting service provider on servers in the USA as well as in the EU. A Data Processor Agreement has been signed between our suppliers and its overseas group companies, and between the supplier and each of its data processors. These data processor agreements are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data. In addition, WPEngine data processor located in the USA and is covered by the EU-US Privacy Shield accreditation which ensures a higher level of protection for Europeans’ personal data.

How long we keep your personal data

We will retain your data for up to 2 years, after our most recent communication.

Your personal information will be deleted on one of the following occurrences:

  • deletion of your personal information by your request or
  • at the end of the retention period, unless otherwise stated by yourself.

For further information on your rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

  • contact us using our Contact details below,
  • let us have enough information to identify you,
  • let us have proof of your identity and address, and
  • let us know the information to which your request relates.

Contact

All questions, comments and requests regarding this Privacy Notice should be sent via to SEDRIC@wellcome.ac.uk or dataprotection@wellcome.ac.uk by post, FAO SEDRIC Secretariat, Wellcome, 215 Euston Road, London, NW1 2BE.

How to complain

We hope that we can resolve any query or concern you raise about our use of your information, please email SEDRIC@wellcome.ac.uk or dataprotection@wellcome.ac.uk

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at http://ico.org.uk/concerns/ or telephone: 0303 123 1113.