British Science Festival Privacy Information
British Science Festival is managed by the British Science Association (BSA). We take the security of your personal data and the safeguarding of your privacy seriously. The data that we collect, process and use is treated in accordance with this Privacy Information, the General Data Protection Regulation, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003. We aim to be clear how we collect and use your data and not to do anything with it that you would not reasonably expect.
British Science Festival may use your data for reasons including:
Lawful basis for processing the data
- Consent and legitimate interests
- So thatparticipants can be provided with event information.
- Some attendees are invited due to their professional position, and the data has been obtained because they would reasonably expect it through an online search.
- So that previous Festival attendees can remain a user on the booking site
- Name, Email address, accessibility requirements
How we collect the data
- Through an online search, only where the subject would reasonably expect this.
- Five years for most data. And five years since last accessed the website.
Shared with a Third Party?
- Some data may be shared with a festival partner, such as the university we work with. This will only be data for select events where the attendees are being invited due to their professional position, and the data has been obtained because they would reasonably expect it through an online search.
To keep your personal data secure, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We store your data in a secure cloud-based service which requires ‘two step authentication’ to prevent unauthorised access.
We restrict access to your personal data to only those employees and contractors who need to know that information. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information.
Transfer of your personal information outside the European Economic Area
The British Science Festival website is hosted in London, United Kingdom, by the nature of the Internet it is possible that the personal information you provide to the BSA may be transferred to countries outside the European Economic Area (EEA). For example, some of our suppliers including Stripe and Mailchimp may run their operations outside the European Economic Area (EEA). We will take steps to try to ensure that they provide an adequate level of protection in accordance with the GDPR. By submitting your personal information to us you agree to this transfer, storing or processing at a location outside the EEA (including in the United States).
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
For further information, visit www.aboutcookies.org or www.allaboutcookies.org. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
Links to third party websites
The BSA is not responsible for the privacy notices and practices of other websites even if accessed using links from our website. We recommend that you read their privacy policies and have linked to them in this privacy information where we can.
The BSA tries to meet the highest standards when collecting and using personal information and we take any complaints we receive about this very seriously.
You can make a complaint if you think our collection or use of information is inaccurate, unfair or misleading.
We also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of BSA’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
This Policy was last updated on 5/6/2018
On receipt of evidence of your identity, we can provide:
- confirmation that your data is being processed;
- access to your personal data; and
- any other supplementary information
In some cases, what will be provided may be limited if in sharing the data we would also be providing data on another individual. In these cases, we may have to ask for consent to contact the other individual for consent, edit out some of the data relating to the individual, or not share a portion of the data. If this is the case, we will communicate this with you as soon as possible and explain the reasoning behind this.
Information will be provided within one month of receipt. However, we may extend the period of compliance by a further two months where requests are complex or numerous. If this is the case, we will inform the you within one month of the receipt of the request and explain why the extension is necessary.
We will verify the identity of the person making the request, using ‘reasonable means’. If the request is made electronically, we will provide the information in a commonly used secure electronic format.
If you have any queries or concerns, please contact our Data Protection Lead:
Director of Strategy & Operations
165 Queens Gate, London, SW7 5HD
T: +44 (0)20 7019 4924