SDRM - Privacy Policy
1. INTRODUCTION
1.1 This privacy policy (Privacy Policy) sets out the ways in which we, SDRM, The International Society for the Development of Research on Magnesium may collect and use your personal data (your personal information) in connection with our business. It also explains what rights you have to access or change your personal data.
1.2 In this Privacy Policy:
Account means a registered account that enables you to make contribution as membership with access to reserved area (including access to meeting slides, videos, pictures)
Contribution means any submissions, edits, information or data (in any form) you make available via your Account including uploading of abstracts and supporting documents for Event or other applications, and posts, documents or videos uploaded to the SDRM Network;
Events means events that are determined by SDRM, including the SDRM Congress and initiatives or approved by SDRM managed on behalf of SDRM and using a SDRMCONGRESS.ORG for registration (i.e. events for which SDRM collects and uses personal information and is acting as a data controller for personal information).
It excludes other events that may be in receipt of SDRM funding, such as certain events operated by OTHER Societies; if you are attending such an event you should refer to the privacy policy of the relevant Society.
Platforms means websites, desktop and mobile applications owned or operated by SDRM or by a third-party data processor under the instruction of SDRM including:
https://www.sdrmsociety.org/home.html
https://www.sdrmsociety.org/events.html
https://www.sdrmsociety.org/membership_reg.html
https://www.sdrmsociety.org/reserved-area/
https://www.sdrmsociety.org/scientific_societies.html
https://www.sdrmsociety.org/contacts.html
you and your means a person visiting the Platforms, registering for an Account with us or using services on the Platforms as well as if you are registering for an Event, or otherwise interacting with us and using our services outside of the Platforms in any way.
1.3 Our Platforms are not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 18. If you are under the age of 18, please do not access our Platforms at any time or in any manner. We will take appropriate steps to delete the personal information of persons under the age of 18.
2. ABOUT US
SDRM PRESIDENT
Prof. Federica I. Wolf
Istituto di Patologia generale
Facoltà di Medicina “A. Gemelli”
Università Cattolica del Sacro Cuore
Largo F. Vito, 1
00168 – Roma
president@sdrmsociety.org
federica.wolf@unicatt.it
SDRM VICE-PRESIDENT
Prof. André Mazur
INRA – Unité de Nutrition Humaine
Centre de Recherche de Clermont-Ferrand / Theix
63122 St. Genes-Champanelle
63122 – St. Genes-Champanelle (France)
andre.mazur@inra.fr
SDRM TREASURER
Dr. Edmond Rock
INRA – Unité de Nutrition Humaine
Centre de Recherche de Clermont-Ferrand / Theix
63122 St. Genes-Champanelle
63122 – St. Genes-Champanelle (France)
edmond.rock@inra.fr
SDRM ORGANIZING SECRETARIAT
Nathalie Spinelli
FREELANCE EVENT ORGANIZER
Phone (+33) (6) 52.35.89.91
sdrm@sdrmsociety.org
sdrmsociety@gmail.com
2.1 We are an Association (law of 1/7/1901), named SDRM ASSOCIATION 1901 Société Pour le Dévelopment des Recherches sur le Magnesium SDRM Address: 10 Rue des Pervenches 63800 Cournon-d’Auvergne – France SIRET: W751033661
2.2 If you have any queries about this Privacy Policy or how we use your personal data, please contact us using the following details:
SDRM ORGANIZING SECRETARIAT
Nathalie Spinelli
Address: 10 Rue des Pervenches
63800 Cournon-d’Auvergne
sdrm@sdrmsociety.org
sdrmsociety@gmail.com
2.3 For all other queries about our Platforms, including technical questions about website functionality, and payment, registration and abstract matters for events, please use the contact form on the relevant part of the Platform.
3. INFORMATION WE MAY COLLECT ABOUT YOU
2.1 We are an Association (law of 1/7/1901), named SDRM ASSOCIATION 1901 Société Pour le Dévelopment des Recherches sur le Magnesium SDRM Address: 10 Rue des Pervenches 63800 Cournon-d’Auvergne – France SIRET: W751033661
3.1 Information that you provide to us
3.1.1 We will collect any information that you provide to us when you:
(a) make an enquiry, provide feedback or make a complaint over the phone, by email or on our Platforms;
(b) submit correspondence to us by post, email or via our Platforms;
(c) register for or are provided with an Account;
(d) provide us with your details by post, email or over the phone;
(e) update your profile and other Account details;
(f) submit, edit or review a Contribution via your Account during our Events;
(g) apply/register to and/or attend our Events;
(h) complete any forms provided to you at our Events;
(i) submit application details for consideration for SDRM patronage or grants to support Event organization;
(j) subscribe to our newsletter or mailing lists;
(k) fill in a form, respond to surveys
3.1.2 The information you provide to us will include (depending on the circumstances):
(a) Identity and contact data: title, names, addresses, email address, phone number, age or date of birth, gender and nationality;
(b) Account profile data: depending on the Platform upon which you are registering for an Account, you may also provide a username, password, job title/position, affiliations, ORCID identifier and research interests and/or position, or similar such information.
(c) Event and funding application information: if you are applying to attend Events, then we will also collect information to enable your application to be assessed. Such information will, depending on the Event, include your academic and work history (or CV), references, bank and invoicing details travel documents, and any other such similar details as may be required;
(d) Survey data: from time to time we might ask if you would be willing to participate in our surveys; if you agree, we will also collect any information that you provide as part of that survey;
3.2 Information we collect about you
3.1.1 We will collect any information that you provide to us when you:
3.2.1 Information contained in correspondence: we will collect any information contained in any correspondence between us. For example, if you contact us using a contact form via the Platforms or by email or telephone, we may keep a record of that correspondence;
3.2.2 Information transmitted via the Platforms: we will collect information that you upload or post to your Account and/or any correspondence or interactions that you may have with other Account holders via our Platforms;
3.2.3 Platform usage and technical data: we will also collect certain information about how you use the Platforms and the device that you use to access the Platforms even where you have not created an account or logged in. This might include your geographical location, device information (such as your hardware model, mobile network information, unique device identifiers), the data transmitted by your browser (such as your IP address, date and type of the request, content of the request regarding the specific site, time zone settings, access status/HTTP status code, volume of data transmitted, browser type and version, language settings, time zone settings referral source, length of visit to the Platforms, date and time of the request, operating system and interface), number of page views, the search queries you make on the Platforms and similar information. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies.
3.3 Sensitive Personal Information
3.3.1 If you register to attend an Event you may provide information about your dietary requirements, health or a disability. Any information you provide in this way will solely be used for the purpose of making reasonable adjustments for your circumstances and on the basis of your explicit consent. You may withdraw your consent to our processing this data about you at any time.
3.4 Information we receive from third parties
3.4.1 In certain circumstances, we will receive information about you from third parties. For example:
(a) Verification services: we may use third-party providers to verify information provided by you via your Account, including via any Contributions. For example, we may use MEDLINE, Scopus and/or any other third-party databases or websites to confirm your CV or publication history;
(b) Referring organisations or contacts: we may receive information about you from third parties that are referring you to SDRM. For example, if you are the co-author or institutional contact of a submitting author, the submitting author will be required to provide us with information about you, or a colleague or institutional contact may be required to provide us with information about you if they are registering for an Account or Event on your behalf or if they are providing your details as their referee. If you are the referring party, you warrant that you have obtained the necessary consent to share this information with us;
(c) Service providers: we may collect personal information from our website developers, app developer, IT support provider (who may be based inside or outside the EU) and our publishing service providers and Event organizers who will process article processing charges and registration charges;
(d) Website security: we will collect information from our website security service partners who are based inside the EU, about any misuse to the website, for instance, the introduction of viruses, Trojans, worms, logic bombs, website attacks or any other material or action that is malicious or harmful; and
3.4.2 We might also receive information about you from third parties if you have indicated to such third party that you would like them to share such information.
4. HOW WE USE INFORMATION ABOUT YOU
4.1 We will use your information for the following purposes either on the basis of:
4.1.2 your consent (where we request it);
4.1.3 where we need to comply with a legal or regulatory obligation; or
4.1.4 our legitimate interests or those of a third party (see paragraph 4.3 below).
4.2 We use your information for the following purposes:
4.2.1 To provide access to our Platforms: to provide you with access to the Platforms in a convenient and optimal manner.
4.2.2 To register your Account: to provide you with details about your Account
4.2.3 To enable you to make and manage Contributions: to enable the uploading of abstracts and supporting documents for Event applications, and posts, documents or videos uploaded to the SDRM Network.
4.2.4 To administer Events: to enable receipt, review and processing of Event applications/registrations and Event submissions such as abstracts and to manage other services for attendance at an Event (sharing your information with selected third parties such as SDRM Congress organizers as required), as well as to manage applications, review and awarding of Event funding (including for Event participation support schemes and Event organization grants) and to make payments in respect of awarded funding (on the basis of performing our contract with you and our legitimate interests in the smooth running of our Events);
4.2.5 To administer SDRM Fellowships, prizes and other SDRM funding: to enable receipt and review of applications, to make payments in respect of awarded Fellowships and other funding, and monitor awarded Fellowships (on the basis of performing our contract with you and our legitimate interests in managing our Fellowships, prizes and other funding programs);
4.2.6 Relationship management: to manage our relationship with you, and asking you to leave a review or take a survey (on the basis of performing our contract with you, to comply with our legal obligations and on the basis of our legitimate interests to keep our records updated and study how our Platforms and services are used);
4.2.7 Marketing: to keep in contact with you about SDRM news, SDRM Network, Events, new Platform features or services that we believe may interest you, provided that we have the requisite permission to do so, and sharing your information with our marketing services provider in the case of the SDRM e-newsletter (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so);
4.2.8 User and customer support: to provide customer service and support (on the basis of our contract with you or on the basis of our legitimate interests to provide you with customer service), deal with enquiries or complaints about the Platforms and services and share your information with our website developers, IT support provider, payment services provider as necessary to provide customer support (on the basis of our legitimate interest in providing access to our services to our Platforms users and to comply with our legal obligations);
4.2.9 Suggestions and recommendations: to share your information with selected third parties, to enable them to contact you with information about things that may interest (only where you give us your consent to do so);
4.2.10 Social media interactions: to interact with users on social media platforms including Facebook, Twitter, Linkedin for example responding to comments and messages, posting, ‘retweeting’ and ‘liking’ posts (on the basis of our legitimate interest in promoting SDRM and our services and communicating with interested individuals);
4.2.11 Analytics: to use data analytics to improve our Platforms, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for our Platforms and services, to keep our Platforms updated and relevant, to develop our business and to inform our marketing strategy);
4.2.12 Research: to carry out aggregated and anonymized research about general engagement with our Platforms (on the basis of our legitimate interest in providing the right kinds of services to our Platform users);
4.2.13 Fraud and unlawful activity detection: to protect, investigate and deter against fraudulent, unauthorized or illegal activity, including identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so); and
4.2.14 Compliance with policies, procedures and laws: to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).
4.2.13 Fraud and unlawful activity detection: to protect, investigate and deter against fraudulent, unauthorized or illegal activity, including identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so); and
4.2.13 Fraud and unlawful activity detection: to protect, investigate and deter against fraudulent, unauthorized or illegal activity, including identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so); and
4.3 As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties. Where we refer to using your information on the basis of our “legitimate interests”, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interest we have in:
4.3.1 personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you;
4.3.2 to provide you with marketing communications where we may lawfully do so;
4.3.3 promoting SDRM and our services and communicating with interested individuals;
4.3.4 detecting and preventing fraud and operating a safe and lawful business;
4.3.5 improving security and optimization of our platforms and services.
4.3.3 promoting SDRM and our services and communicating with interested individuals;
4.4 Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” below.
5. WHO WE MIGHT SHARE YOUR INFORMATION WITH
5.1 In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties such as:
5.1.1 Our service providers: service providers we work with to deliver our business, who are acting as our data processors and provide us with:
(a) Platform development and hosting services such as those provided by ARUBA S.p.A., Via San Clemente, 53 – 24036 Ponte San Pietro (BG), P.IVA 01573850516
(b) Graphic-Design, services provided by Paola Cucchiarini, Via delle Felciare, 17/F – 00065 Fiano Romano (Roma) Cell: 338.8553918 – paolacucchiarini@gmail.com
(c) IT, system administration and security services provided by Mirco Baldassarri IT-AL Consulenze alle Imprese – Cell: 335.5319096 – Tel: 075.9073870 – Fax: 075.5099817 – mail address: info@it-al.it – website: www.it-al.it
(d) Event organizers, who also process registration payments, and may be based outside of the EEA depending on where the Event is held;
(e) publishing services (including processing article processing charges) currently provided by John Libbey Eurotext (France)
(f) social media services including Facebook, Twitter and Linkedin
(g) banking services based in Europe and in the USA
(h) legal, accountancy, auditing and insurance services and other professional advisers based in France
(i) recruitment service providers
5.1.2 Affiliates: selected third parties that we work with, where necessary for the purposes of delivering and organizing our Events (including publishing your name in delegate lists in booklets, apps or other event platforms, unless you ask for this to be removed) and collecting payments for the Events;
5.1.3 Account users: other Account holders, where required for the purpose of enabling communication between Account holders;
5.1.4 Regulators and governmental bodies: HM Revenue & Customs, regulators, governmental bodies and other authorities acting as processors or joint controllers based in France who require reporting of processing activities in certain circumstances;
5.1.5 Marketing parties: any selected third party that you consent to our sharing your information with for marketing purposes;
5.1.6 Prospective sellers and buyers of our business: any prospective seller or buyer of such business or assets, only in the event that we decide to sell or buy any business or assets; and
5.1.7 Other third parties (including professional advisers): any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) based in France and from time to time legal advisers based outside France who work with those firms based in France. Where this is necessary, it is to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees (collaborators/partners) or where such disclosure may be permitted or required by law.
5.1.7 Other third parties (including professional advisers): any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) based in France and from time to time legal advisers based outside France who work with those firms based in France. Where this is necessary, it is to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees (collaborators/partners) or where such disclosure may be permitted or required by law.
5.2 We require third parties to maintain appropriate security to protect your information from unauthorized access or processing.
6. COOKIES
6.1 We use cookies to ensure that you get the most out of our Platforms. Cookies are small amounts of information in the form of text files which we store on the device you use to access the Platforms. Cookies allow us to monitor your use of the software and simplify your use of the Platforms. For example, a temporary cookie is also used to keep track of your “session”. Without that temporary cookie (which is not stored after you quit your browser) you would have to log on every time you access a new page.
6.2 If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the “Help” section of your internet browser (or alternatively visit http://www.aboutcookies.org). Please note that, if you do set your Internet browser to reject cookies, you may not be able to access all the functions of the Platforms.
6.3 The names of the cookies used by the Platforms and the purposes for which these cookies are used are set out in the Cookies information for each Platform at the following locations:
Name of platform | SDRM website | SDRM Congress website |
Platform url | SDRM website https://www.sdrmsociety.org | www.sdrmsociety.org/events.html |
Cookie Policy | www.sdrmsociety.org/cookies/ | Example http://magnesiuminneuroscience2018.org/ |
6.4 Our Platforms may contain content and links to other websites that are operated by third parties that may also operate cookies. We don’t control these third-party websites or cookies and this Privacy Policy does not apply to them. Please consult the terms and conditions and privacy policy of the relevant third-party websites to find out how that website collects and uses your information and to establish whether and for what purpose they use cookies.
7. HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR
7.1 We use appropriate technological and operational security measures to protect your information against any unauthorized access to or unlawful use, such as:
7.1.1 ensuring the physical security of our offices, warehouses or other sites;
7.1.2 ensuring physical and digital security when using our equipment and devices including appropriate password protection and encryption;
7.1.3 maintaining a data protection policy for, and delivering data protection training to, our employees; and
7.1.4 limiting access to your personal information to those in our company or our Affiliates (as defined in 5.1.2) who need to use it in the course of their work.
7.2 We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. We maintain a suppression list of email addresses of individuals who no longer wish to be contacted by us. So that we can comply with their wishes we must store this information permanently.
7.3 For further information or a copy of our data retention policy please contact us via the details set out at the top of this Privacy Policy.
8. HELP KEEP YOUR INFORMATION SAFE
8.1 You can also play a part in keeping your information safe by:
8.1.1 keeping your login and password confidential and avoiding sharing these details with others;
8.1.2 making sure you log out of our Platforms each time you have finished using them. This is particularly important when using a shared computer;
8.1.3 letting us know if you know or suspect that your account has been compromised, or if someone has accessed your account without your permission;
8.1.4 keeping your devices protected by using the latest version of your operating system and maintaining any necessary anti-virus software;
8.1.5 being vigilant to any fraudulent emails that may appear to be from us.
9. INTERNATIONAL TRANSFERS OF YOUR INFORMATION
9.1 SDRM is an organization based in France but with operations across the EEA and the USA.
9.2 We also engage third parties and affiliates around the world to assist us in providing our Platforms, Events and other services to you.
9.3 In circumstances where your information may be processed outside of France or European Economic Area (EEA) or USA by third parties who are acting as our data processors, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:
(a) We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries;
(b) Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, European Commission: Model contracts for the transfer of personal data to third countries; and
(c) Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
9.4 Please contact us using the contact details at the top of this Privacy Policy if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
10. YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU
10.1 You have certain rights in respect of the information that we hold about you, including:
10.1.1 the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Policy;
10.1.2 the right to ask us not to process your personal data for marketing purposes;
10.1.3 the right to request access to the information that we hold about you;
10.1.4 the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
10.1.5 the right to withdraw your consent for our use of your information in reliance of your consent (refer to section 4 above to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Policy;
10.1.6 the right to object to our using your information on the basis of our legitimate interests (refer to section 4 above to see when we are relying on our legitimate interests) (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;
10.1.7 the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly used, machine readable format, in certain circumstances;
10.1.8 in certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you;
10.2 How to exercise your rights
10.2.1 You may exercise your rights above by contacting us using the details at the top of this Privacy Policy, or in the case of preventing processing for marketing activities also by checking certain boxes on forms that we use to collect your data to tell us whether you do or do not want to be involved in marketing or by updating your marketing preferences via your Account with us.
10.2.2 Please note that we may need to retain certain information for our own record-keeping and research purposes. We may also need to send you service-related communications relating to your Account even when you have requested not to receive marketing communications.
10.3 What we need from you to process your requests
10.3.1 We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
11. SHARING DATA DIRECTLY WITH THIRD PARTIES
11.1 You might end up providing personal information directly to third parties as a consequence of your interactions with our Platforms and other services offered by us. For example, you may attend an Event hosted by us where you communicate personal information directly with other attendees or exhibitors. We are not responsible for how such third parties use personal data provided by you.
11.2 Please be responsible with personal information of others when using our Platforms and the services available on it. We are not responsible for your misuse of personal information, or for the direct relationship between you and others when it takes place outside of the Platforms or our services.
12. THIRD-PARTY LINKS
12.1 The Platforms may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Platforms, we encourage you to read the privacy notice of every website you visit.
13. CHANGES TO THIS PRIVACY POLICY
13.1 We may make changes to this Privacy Policy from time to time. We will post any changes to our site, or notify you of any material changes by issuing a post on home page on the SDRM website.
13.2 It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your profile Account information or contacting us via the contact details at the top of this Privacy Policy.
This Privacy Policy was updated on 25 May 2018.