GPDF Limited (“we” / “our” / “us” / “GPDF”) takes your privacy very seriously and is committed to protecting and respecting your privacy.
This Privacy Policy together with our Cookies Policy and any other documents referred to in them, sets out the basis on which any personal information we collect about you, or that you provide to us, and otherwise interacting with us, will be processed.
Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it.
ABOUT US
The GPDF Limited is a company limited by guarantee, incorporated in England with company number 1508388 and registered office address at c/o Penningtons Manches Cooper LLP, 125 Wood Street, London, EC2V 7AW.
We are the data controller in respect of your personal information. This means that we are responsible for deciding how we hold and use personal information about you.
Our purpose is to provide financial support to general practitioners (“GPs”) who are involved in professional medical policy work and discussions with Governments over a range of topics that effect GPs and their practices.
WHO DOES THIS POLICY APPLY TO?
This Privacy Policy applies to anyone working with or for us including, but not limited to members, officers, employees, or others representing or working for Local Medical Committees, the UK and National Conferences of Representatives of LMCs and the BMA’s General Practitioners Committees (UK and National) (“you” / “your”).
By providing your personal information you are accepting the practices described in this Privacy Policy.
DATA WE COLLECT FROM AND ABOUT YOU
We will collect the following information:
Information you give us.
You may give us information about you:
• when you enquire to use our services;
• when you complete certain forms, including to enable us to process expenses and honoraria claims for you, in person, in writing or by corresponding with us by phone, email or otherwise;
• when you sign up for, or ask us to send you, newsletters, invitations to conferences and events, training sessions and presentations or other marketing information;
• if you browse or use our website at https://www.gpdf.org.uk/; or
• if you contact or correspond with us (for example, by post, phone, e-mail, in person or otherwise) for any other reason.
The information you give us may include your:
• name;
• date of birth;
• age;
• personal address;
• address of GP practice;
• email address(es);
• phone number and mobile telephone number;
• gender;
• LMC affiliation;
• Consortium affiliation;
• LMC role, remit or office held;
• bank account details;
• directorships and other positions held; and
• expenses and details of events attended that are hosted or supported by the GPDF.
You may also provide us with information about other people such as next of kin, related parties and nominated beneficiaries of any services/benefits that we provide. Please draw those individuals’ attention to this privacy policy prior to sharing such information.
We hope you will provide us with this information. However, if you do not want to disclose your personal information to us, please be aware that without it, in some cases, we will not be able to provide you with the service you have requested.
Information we collect about you.
We may collect the following information about you:
• technical information, for example, the type of device (and its unique device identifier) you use to access our website, the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, mobile network information and platform; and
• information about your visit to our website including the full Uniform Resource Locators (“URL”) clickstream to, through and from our website (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number;
Our website also places cookies on your terminal equipment (please see our Cookies Policy for more information about this).
Information provided by third parties.
• We work closely with third parties (including, for example, the British Medical Association (“BMA”), Government bodies such as HMRC, your GP practice, sub-contractors in support, payment and delivery services, and may receive information about you from them;
• we may communicate with LMCs directly in order to process expense claims and associated information relating to attendance at events that the GPDF hosts or supports.
USES MADE OF THE INFORMATION
We will use personal information held about you in the following ways:
• to carry out our obligations arising from any terms and conditions or agreements entered into between you and us and to provide you with the information and the services that you request from us and to notify you about changes to our services;
• to provide you with the rights, benefits, and entitlements, and other conditions as applicable under the relationship between you and us;
• to administer any valid claim payments for expenses or honoraria;
• for communication purposes, including: (i) to send you invitations to events, training sessions, conferences and lectures; and (ii) to send you newsletters and other information about the GPDF and relevant updates;
• to communicate notices to you of the Annual General Meetings of the GPDF;
• to organise or assist with the organisation and administration of events (including the annual Conference of Representatives of LMCs);
• to deal with any enquiries, correspondence, concerns or complaints you have raised;
• to ensure that content from our site is presented in the most effective manner for you and for your computer;
• to comply with our legal obligations including filing of corporate returns, to comply with applicable audit rules and to respond to requests and legal demands from regulators or other authorities; and
• to support legal claims where an eligible practitioner has successfully applied for discretionary funding from the GPDF.
• to gather your views and opinions on matters related to General Practice, LMCs and GPDF and associated issues. This may be conducted by an independent market research organisation on our behalf in line with GDPR and Market Research Society code of conduct. Should this be the case please refer to their privacy policy.
MARKETING
If, from time to time, we wish to send you information by email about events, training sessions, conferences, lectures and relevant updates, then we will only do so if you have confirmed to us that you wish to receive such communications.
We will ask whether you would like us to send you this information when you become a member of the GPDF.
If you change your mind and do not want us to use your personal information in this way, please contact us by sending an email to doo@gpdf.org.uk.
We will not provide your personal information to any other third party businesses for marketing purposes.
DISCLOSURE OF YOUR PERSONAL DATA
We do not sell, rent or trade your personal information.
We may give access to your personal information, and allow its processing in order to support us in the performance of the activities listed above under “Uses made of the information
You acknowledge that we may share your personal information, and allow its processing, within a strictly defined scope and purpose to the following categories of selected third parties:
• our third-party service providers, agents and subcontractors for the performance of any arrangement we enter into with them. This includes amongst others: the BMA of BMA House, Tavistock Square, London WC1H 9JP, our payment services providers, auditors and other advisers.
We may also disclose your personal information to third parties:
• in the event that we sell, buy or in other way transfer any business or assets, in which case we may disclose your personal information to the prospective seller, buyer or acquirer of such business or assets;
• if our company or substantially all of its assets are acquired by a third party, in which case personal information held by it about its customers will be one of the transferred assets; and
• if we are under a duty to disclose or share your personal information in order to comply with any legal obligation or in order to enforce or apply our policies and/or terms of use and/or other applicable agreements or to protect our rights, property, or safety of our members, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
WHERE WE STORE YOUR PERSONAL DATA
We will only process and store your personal information in the EEA.
SECURITY
All information you provide to us is stored securely. We will use technical and organisational measures to protect your personal information against loss and to safeguard against access by unauthorised persons.
RETAINING PERSONAL DATA
We will retain the personal information we receive or collect about you for the period reasonably required for us to use it in accordance with this Privacy Policy or in accordance with our legal rights and obligations. We may need to retain some of your personal information for 6 years after you stop using our services, for legal reasons, for example, in case you make a complaint. Non-personal information can be stored indefinitely.
Unless we inform you otherwise (or you request that we erase your personal information), we will retain your personal information on record for as long as you continue to use our services and thereafter only for as long as we are legally required to do so including in connection with legal proceedings.
YOUR RIGHTS
You have the following rights with regard to your personal information:
• Marketing. Further to the section headed “Marketing”, you have the right to ask us not to process your personal information for marketing purposes.
• Access. You have the right to obtain confirmation as to whether or not your personal information is being processed, and, if it is, request access to that personal information. We will need you to prove your identity before we release any personal information to you.
• Rectification or erasure. You have the right to request that we rectify or delete any personal information that we hold about you (unless we have the legal right to retain it).
• Restriction. You also have the right to restrict us from processing your personal information if the data is inaccurate, the processing is unlawful or we no longer need your personal information for the purposes of the processing.
• Change of preferences. You can change your data processing preferences at any time using the details provided below or clicking the relevant link in any communication you receive.
• Complaints. Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to doo@gpdf.org.uk. If for any reason you are not happy with the way that we have handled your personal information, please contact us at doo@gpdf.org.uk. If you are still not happy, you have the right to make a complaint to the UK Information Commissioner’s Office.
• Data portability. In some circumstances, you have the right to request a copy of the personal information we hold about you, in a structured, electronic format, and to transmit such data to another organisation.
• Retention. We do retain personal information to comply with law, prevent fraud, resolve disputes, assist with any investigations, and take other actions otherwise permitted by law.
Please note that if you ask us to stop processing your personal information in a certain way or erase your personal information, and this type of processing or data is needed for us to provide you with certain services, you may not be able to use those services as you did before. This does not include your right to object to direct marketing, which can be exercised at any time without restriction.
If you would like to exercise any of the rights mentioned above, please contact us by emailing us at doo@gpdf.org.uk.
You can always change your mind about our processing of your personal information. If you change your mind you can contact us by email at doo@gpdf.org.uk, or if you no longer wish to receive communications and invitations from us, you can unsubscribe by using the unsubscribe link at the bottom of those marketing messages. If you choose to unsubscribe, we will cease to send you such communications and invitations.
CHANGES TO OUR PRIVACY POLICY
Any changes we may make to our Privacy Policy in the future will be posted on our website. They will be effective as of the publication date.
Publication date: August 2018
MORE ABOUT THE PERSONAL DATA WE COLLECT AND WHY
1. To administer the GPDF’s activities and to carry out our obligations arising from any terms or agreements entered into between you and us and to provide you with the information and services that you request from us, including to administer any valid payment claims for expenses or honoraria;
a. what information do we collect?
• name;
• date of birth;
• age;
• personal address
• address of GP practice;
• email address(es);
• phone number and mobile telephone number;
• gender;
• attendance records from the BMA; and
• LMC affiliation;
• bank account details;
• directorships and other positions held; and
• expenses and details of events attended that are hosted or supported by the GPDF.
b. what is the legal basis for collecting this information?
• we process your information with your consent;
• we process your information when we need to do this to fulfil a
contract with you;
• we process your information where we are required to do this by law (for example, where it is necessary to retain it in connection with potential litigation); or
• we process your information when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights. For example, we have a legitimate interest in delivering the requested services and information relating to changes to the services.
c. what is the source of this information?
• you provide this information to us (either directly or via your LMC) when you when you complete certain forms, including to enable us to process expenses and honoraria claims, in person, in writing or by corresponding with us by phone, email or otherwise.
2. To provide you with the rights, benefits, and entitlements, and other conditions as applicable under the contractual relationship between you and us.
a. what information do we collect?
• name;
• date of birth;
• age;
• personal address
• address of GP practice;
• email address;
• phone number and mobile telephone number;
• gender;
• attendance records from the BMA; and
• bank account details.
b. what is the legal basis for collecting this information?
• we process your information when we need to do this to fulfil a contract with you to provide you with our services.
c. what is the source of this information?
• you provide this information to us when you when you complete certain forms, including to enable us to process expenses and honoraria claims, in person, in writing or by corresponding with us by phone, email or otherwise.
3. For communication purposes, including: (i) to send you invitations to events, training sessions, conferences and lectures; and (ii) to send you newsletters and other information about the GPDF and relevant updates.
a. what information do we collect?
• name; and
• email address(es).
b. what is the legal basis for collecting this information?
• we process your information when it is in our legitimate interests to do this when these interests are not overridden by your data protection rights and the law entitles us to do this.
c. what is the source of this information?
• you provide this information to us when you complete certain forms, including to enable us to process expenses and honoraria claims, in person, in writing or by corresponding with us by phone, email or otherwise.
4. To comply with our obligations under regulations applicable to our cooperation with you, such as to communicate notices of Annual General Meetings of the GPDF.
a. what information do we collect?
• name; and
• email address(es).
b. what is the legal basis for collecting this information?
• we process your information where we are required to do this by law.
c. what is the source of this information?
• when you complete certain forms in person, in writing or by corresponding with us by phone, email or otherwise.
MORE INFORMATION ABOUT YOUR CHOICES IN RESPECT OF OUR USE OF YOUR PERSONAL DATA
You have the right to access, rectify, block, complete and delete your personal information, and to restrict its use. You also have the right to request further information about the processing of your personal information.
In certain circumstances, you also have the right to object to the processing of your personal information by us.
You can exercise the above rights by contacting us using the details provided above at any time. All requests will be dealt with at the earliest opportunity and any delay will be kept to a minimum.
There are exceptions to these rights; for example, access may be refused if it would reveal personal information about another person or if we are prevented from disclosing such information by law.
You also have the right to make a complaint to the Information Commissioner’s Office or to seek a remedy through the courts if you believe that your rights have been breached.
When we ask you to supply us with information we will make it clear whether the information we are asking for must be supplied so that we can provide the services to you, or whether the supply of any information we ask for is optional.
MORE INFORMATION ABOUT OUR RETENTION OF YOUR PERSONAL DATA
We will keep hold of your personal information for as long as you would like us to provide you with our services or longer if required to keep in connection with legal proceedings.
MORE INFORMATION ABOUT WITH WHOM WE SHARE YOUR PERSONAL DATA
Like many businesses, we share information with other companies to perform certain business-related functions, such as accountancy firms, customer support services providers and other service providers. The companies we contract with and share your information with are set out in the section headed “Disclosure of your Personal Data”. When we do, we may share with them information that they require to perform their specific functions. Suppliers to us that have access to your personal information are required to keep the data confidential, maintain appropriate security and are not permitted to use the data for any purpose other than to carry out the services they are performing for us.