ESC Privacy and Data Security Policy
The ESC complies with EC directives and is registered under the data protection laws in France, and takes all reasonable care to prevent any unauthorised access to your personal data. The ESC respects your privacy and is committed to safeguarding the confidentiality of your personal information. This policy explains how and why the ESC collects and uses the personal information of its members, customers and website visitors, and how the ESC protects your privacy. It also explains how you can manage your own personal information held in the ESC system through ‘My ESC’ on the ESC Web Site.
When disclosing your personal information to us by using ‘My ESC’ on our website or by completing and submitting paper or electronic forms to us, you consent to the collection, storage and processing of your personal information as stated in this policy.
The personal information that we collect from you shall be obtained, processed and transmitted in compliance with applicable data protection legislation – the European Directives 95/46 and 2002/58 and, as our offices are located in France, the French data protection law N°78-17 of January 6, 1978, amended in 2004 (hence a French version of this policy is available on request). "Personal Information" means information that relates to a living individual who can be identified from that information or from that information together with other information which is held by or is likely to be held by us.
This general policy is in addition to any specific policies concerning specific products or services. It may be amended at any time.
How the ESC collects personal information
The ESC is an association which combines a wide range of activities in the field of cardiology, including:
- Provision of Membership Services
- Collection and dissemination of scientific information
- Organisation of scientific congresses and events
- Provision of other products and services
This may require the handling of personal information of the individuals involved in these activities and hence the ESC collects personal information in a number of ways from a number of sources. This information may be communicated to the ESC on paper forms received through the postal services or by fax, or electronically through registration on the ESC Web Site and use of the ESC’s online services (‘My ESC’) or through other electronic forms made available through partner websites.
The sources of personal information received by the ESC are:
- The individuals themselves
- Third parties acting on behalf of individuals (eg an agent arranging registration or hotel accommodation for an ESC organised Congress)
- Affiliated Associations providing details of their Members (Note: Members of National Cardiology Societies and Councils for Cardiology Practice are also members of the ESC by virtue of their association’s affiliation to the ESC).
Where we receive personal information about individuals from sources other than the individuals themselves (eg for ESC membership or congress registrations), we will take all practical steps to contact the person concerned to advise of their rights to oppose the use of their data or to correct it.
The principle ways in which the ESC collects personal information are:
- When you register personal details when creating or updating a ‘My ESC’ account on the ESC Web Site
- When you, or an agent or other third party acting on your behalf, enter personal details on a form requesting an ESC product or service (eg when registering for an ESC organised Congress)
- When you, or someone on your behalf, submits proposals or content in connection with scientific sessions at an ESC organised Congress or meeting (eg Abstracts submission)
- When you enter personal details on a form applying to become a Fellow of the ESC, or Member of one of the ESC constituent bodies (such as ESC Associations and Working Groups)
- When you enter details on a specific application for an ESC Grant or other award.
What personal information is collected by the ESC
Mandatory Personal Information
As a general rule, the following minimum information must be provided in order for your order, request, application, etc. to be processed:
Nominative Information - Title, First Name(s), Family Name(s): Your nominative details are needed to properly identify you, to communicate with you, to provide you with the products and services you have requested and to ensure that items are properly labelled as yours (eg congress badges and scientific contributions such as abstracts and presentations, etc).
Full Postal Address: The Postal Address is needed when items will be sent to you by post (eg paper journals, congress badges …). Although this is not always needed in practice, the full postal address is always requested to save asking for it specifically when needed for a particular transaction and because it helps to correctly verify your identity (where other persons have the same or a similar name).
Additional personal information, which is mandatory for persons creating a ‘My ESC’ account on the ESC website is:
Date of Birth: Your date of birth is used to help us correctly identify you and avoid duplicate records and also, where specific fees or charges apply which depend on age, to determine eligibility for these fees.
Email address: Your email address is needed because it is used as part of the login information (to access your ‘My ESC’ personalised area on the ESC website) and is necessary in order to communicate with you. Additionally, because we only permit a particular email to be used once in our system, it reduces the possibility of duplicates. Finally, it permits “Forgot Password” to be handled in an automated secure way.
Emailing Preference: We ask you to advise us whether or not you wish to receive marketing emails from the ESC. This is so that we can respect your privacy as regards electronic communications, as required by European and French law.
Profile Information: We ask you for information about your Professional Activity, Place of Work, and Fields of Interest and Areas of Expertise to enable us to provide you with more relevant information, and to better understand the preferences of our audience so that we can give a better service generally.
Other Personal Information
Other information may be requested which is necessary or relevant for specific activities. The ESC carries out such a wide variety of activities that it is not practical to provide an exhaustive list, but here are some examples:
Mandatory information for specific purposes
- Credit Card information is required for anyone wishing to make payment by this method.
- Curriculum vitae, list of publications and other evidence of scientific achievement is requested to support applications for Fellowship of the ESC, Membership of certain ESC Associations and Working Groups and ESC Grants and Research Fellowships.
- Affiliation information (to an organisation) is required for all persons wishing to submit an Abstract.
- Professional status (together with proof) is requested for all persons requesting certain fees (eg specific registration fees for congresses and events)
- Detailed Financial and Position of Influence information is requested for persons required to complete ESC Declarations of Interest. (ie persons holding ESC office or representing the ESC)
- Other information is also collected in an automated manner when you use the ESC website about your computer and about your visits to and use of the ESC websites
- Telephone and Fax information - to enable us to contact you rapidly in case of need
- Subscriptions to eNews and email notifications enable you to request to receive regular ESC newsletters and email alerts on selected cardiology topics
How the ESC uses personal information
Personal information is needed by the ESC to enable it to properly manage its member and customer files. These files are used to enable the ESC to fulfill its role in providing a wide range of services to its members, contributors and customers.
The personal information which you supply may also be specifically used to:
- process an application for Fellowship or Membership to an ESC Association, Working Group or Councils.
- process an application for an ESC grant, training fellowship or other award.
- process a registration for an ESC congress, meeting, course and other event (both at a physical location or online). Congress badges, online access to courses, etc and certificates of attendance also require the nominative information supplied.
- handle attendance at a social event at an ESC congresse, meeting or other event.
- process registration(s) or hotel request(s) for another person(s) if you are acting on behalf of a third party or parties.
- handle scientific programme activities in connection with ESC congresses and meetings. These include: abstract submission and grading process, speaker and chairperson management, handling of agreement forms, preparation of the scientific programme, presentation management onsite, publication of the scientific content on the ESC website.
- process a subscription to an ESC journal (whether delivered to you in paper form or accessed online) and to handle your online access to its contents.
- handle specific processes for ESC leadership and volunteers representing the ESC, including hotel accommodation, expense claims and Declarations of Interest.
- manage access to and use of ESCeL (the ESC eLearning platform).
- manage access to restricted content on the ESC website (certain resources are only available to members of specific ESC Associations).
- enable individual communications with you about specific matters - eg sending confirmations, receipts, requesting further information to solve queries, responding to ESC Helpdesk Requests, etc and sending emails to you with information about ESC activities which we believe will be of interest to you (subject to your prior consent to receive ESC generated emails).
- send electronic newsletters and notifications (alerts) to you (where you have subscribed to receive them).
How long personal information is kept
Personal information is only kept for a reasonable period of time, dependent upon the nature of the information and its intended use, but subject to a maximum of four years after your last use of an ESC product or service.
Exceptionally, nominative information (only) is kept indefinitely for persons:
- who have had leadership positions in the ESC (ESC and ESC Constituent Bodies’ Board and Committee listings)
- who have submitted, and had accepted, or contributed to scientific content for congresses, events, journals, guidelines, etc. (The nominative information is kept to reference it and to be used with published material, and to be accessed when those materials are researched or viewed).)
If you are an ESC Member, your information will be kept in the ESC system while you continue to be a Member, even if you do not use ESC products or services during that time (also subject to a maximum of four years), unless you request us not to keep it, in which case your membership of the ESC will cease).
Electronic communication is for most purposes the ESC’s preferred method of communication because it is generally convenient, rapid, effective and efficient. In order to be able to communicate with you directly electronically, the ESC needs your email address. You are therefore required to supply your email address when you create your ‘My ESC’ account on the ESC Web Site, which enables you to access a variety of services online.
Unique Email Address
For your convenience and security, your email address is unique to you in the system. (The ESC does not permit two different persons to have the same email address in the system). You are strongly recommended to use an email address which is personal to you and that is not shared with others. This is to ensure that communications which are sent to you personally are not read by others, and that others do not gain access to the information in your ‘My ESC’ account. Additionally, the unique email permits handling of “Forgot Password”, enabling you to reset your password in an automated and secure way using your personal email address.
The ESC respects the privacy of personal email addresses and complies with the current European legislation on email communication. The objective is not to send you unwanted messages, and your email details will not be passed on to any other individual or organisation without your permission.
Without your specific ‘Opt In’ to receive emailings from the ESC you may receive emails concerning:
- Products and services similar to those you have already received from the ESC
- If you are a Member of an ESC Association or Working Group (whose benefits to Members include email newsletters, etc), activities or scientific information specifically concerning the Association or Working Group of which you are a Member
You can manage the extent to which the ESC communicates with you by using the e-News section in your ‘My ESC’ homepage. Here you are asked to indicate whether or not you wish to receive ESC generated emails.
If you decide that you do wish to receive email communications from the ESC you can select which categories of news interest you. All mailings sent to you offer the possibility to unsubscribe.
If you indicate that you do not wish to receive ESC generated emails you will only receive emails directly related to the transactions you have with the ESC (eg confirmations of registrations, etc.) and other necessary individual communications.
Disclosure of information and Marketing
The ESC does not sell, trade, or rent your personal information to others. The ESC may supply your information to its contractors to perform specific services (such as to the publishers to deliver ESC journals). Otherwise, the ESC does not disclose personal information to any other person or organisation without your consent. In this context, your personal data may be disclosed to the following external partners of the ESC in the circumstances described below:
- Congress exhibitors who scan your congress badge: If you accept to have your badge scanned when visiting an exhibiting company stand, or by a hostess at an Industry Sponsor session, your badge will enable them to retrieve the following personal data: nominative (title, first name(s), last name(s)), address (postal address and email), telephone, fax and profile information (professional activity, place of work and fields of interest).
- Agencies handling ESC managed hotel bookings: Nominative information is provided to local agencies where the ESC handles hotel bookings for a particular congress or event. (The large majority of hotel bookings are now made directly through the local agency website).
- Groups representatives and Agencies handling your congress or event registration: Where your registration is handled by someone other than yourself, your confirmations, badges or vouchers may be sent to this third party. These contain nominative details about you.
- Travel agency handling flight and hotel bookings on behalf of ESC Leadership and volunteers engaged in ESC business: Appropriate personal information is transferred to the travel agency handling these bookings
- ESC Leadership assessing ESC Fellowship and Membership applications: An application to become an ESC Fellow or a Member of certain ESC bodies (eg ESC Working Groups) requires the submission of a CV, publication list and, sometimes, other elements to support the application. This information, together with nominative information concerning the applicant, is assessed by a leading cardiologist or committee of cardiologists, prior to acceptance or refusal of the application.
- ESC Leadership assessing applications for ESC Grants, Training Fellowships or other awards: An application for an ESC Grant or other award requires the submission of appropriate career and other information to support the application. This information is made available to the committee of cardiologists responsible for assessing the applications and making the awards.
Right of access to your ESC information
You have the absolute right to access, amend, and oppose the use of, your personal data.
When you visit ‘My ESC’ you have direct control over the information in your personal profile. You can access and change this information at any time from your ‘My ESC’ homepage.
If you want to know exactly what personal information the ESC holds on you, you can obtain it. If it transpires that the information is inaccurate, or you wish to oppose its use in future, the ESC will make the necessary amendments and confirm that these have been made. Please contact the ESC in writing (accompanied by proof of identity) at:
European Society of Cardiology - Data Privacy
2035 route des Colles
06903 Sophia Antipolis Cedex
To protect your information, the ESC uses an industry standard security protocol called Secure Sockets Layer (SSL) to encrypt the transmission of sensitive information between you and our website.
SSL is used, for example, when you login or when you make a credit card payment. To know if transmissions are encrypted, look for the lock on your web browser or check that the URL starts with https://.
Cookies are pieces of information that a website transfers to your computer’s hard disk for record keeping purposes. They are small text files that a website can use to recognise repeat users and facilitate their ongoing access to, and use of, the site. They do not pose a threat to your system or files.
‘My ESC’ – Managing your contact with the ESC
Access to Personalised Services
You do not need to register to access most of the ESC Web Site, but you do have to register to use personal services online and access certain web content.
The details you supply the ESC may be combined with information from other ESC records to:
- provide you with online services like Abstract Submission, Registration for Congresses, etc.
- save you having to keep giving the same information for different ESC services
- allow you to access specific web content reserved for ‘My ESC’ users
- help you to get more out of the ESC by keeping you up to date about ESC activities, scientific developments, and products and services by email. (Note: This is an ‘Opt-In’ service only – for more information, please go to the section Email Addresses)
- Access to your personal information
‘My ESC’ enables you to manage your personal information held by the ESC. If you are a Member of the ESC, or have used ESC products and services, a record will already exist for you which you can potentially access by logging in online through:
- use of your existing login details (email and password), if you have already used the ESC online services (‘My ESC’) previously.
- the ‘Retrieve your Login’ feature which, if your email address is recognised, will send an email to the address given which will guide you through a process to set a password for yourself.
- Use of a special alternative login functionality available for limited periods