BES may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 1st May 2018.
General Data Protection Regulation (GDPR)
The GDPR came into force in May 2018 and requires that we provide you with the following information.
The GDPR requires us to state the lawful basis for the processing activity that we perform. Membership of the BES provides an implicit contract between the member and the BES: the BES provides membership services for which the member pays a subscription. If you are booking an event, the BES is running an event and the member wishes to attend it. The personal information is required to allow the BES to provide these services.
The GDPR requires that we provide you with the identity of the ‘Data Controller’, who determines the purposes and means of processing personal data. For the BES, the data controller is the Council of the British Endodontic Society who can be contacted via the Chief Operations Officer. See the Council Officers page. To contact, use the link on the Contacts page.
The ‘Processor’ is responsible for processing personal data on behalf of a controller. For the BES this is the Chief Operations Officer. We want you to feel secure when using the website and associated services. Below we give an overview of how we do that.
What we collect and how long we store this information
BES collects information when:
- You are (or join as) a member of the society. In this case, we collect your name, qualifications, job title, your primary address, your email address, and various pieces of professional information. The information that is stored is always available for a member to alter and correct using a private member’s page on the website.
- Members can also optionally add additional information which can be displayed on the ‘Directory of Members’ and ‘Find a BES Member’ pages.
You are booking a place at an event run by the BES. In this case we collect your name, address and email address.
- You are using a contact form, where we ask for your name, email and/or phone number. This information is stored briefly while it is converted into an email message which is then sent.
- For accounting reasons, we will hold your personal information for 7 years after you cease to be a member or after the last event you attended. This also means that CPD information for events you have attended will be available for that period.
What we do with the information we gather
For members, we require the information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping
- To provide you with privileged access to certain parts of the website. For example, to allow you to maintain your membership information and see what we hold about you.
- To maintain our membership of the ESE
- To provide you with special member rates for our events. Payments for events are handled by Worldpay, and we do not store any credit/debit card information. The Worldpay forms are preloaded with the information we hold for you to prevent you having to enter it again. The BES is not responsible for information stored on the Worldpay servers.
- To provide you with full access to the International Endodontic Journal without requiring login access or accounts on the Wiley website.
- We may periodically send emails which contain news and information about the society and its events. We send a monthly emailed newsletter. You can always opt out from receiving these emails by visiting the Update your membership profile page on the website.
- From time to time, the President and/or Honorary Secretary, acting on behalf of the Council of the British Endodontic Society may agree to the supply of mailing labels to third parties within the European Economic Area who wish to circulate information pertaining to dentistry to members of the Society resident within the European Economic Area. These labels are only provided after the information to be circulated has been reviewed by the President and/or Honorary Secretary. The addresses provided are the members’ contact addresses as stored on the membership database.
- We do not sell the members’ information. We will share it only with our authorised Data Processors, who must act at all times on our instructions as the Data Controller under the General Data Protection Regulation.
If you do not wish to receive postal information from third parties, would you please notify the Chief Operations Officer as the Data Processor.
For users booking places at events, we need the information to:
- allow us to process your booking
- notify you in the case of any changes
- provide you with the ability to return after the event and obtain a CPD certificate.
We use Google Analytics to measure and improve the performance and content of the site and to determine what is or is not regularly visited.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
See our page on this topic.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.