About the Royal College of Physicians of Edinburgh

The Royal College of Physicians of Edinburgh (the College) helps qualified doctors to pursue their careers in specialist (internal) medicine through medical examinations, education and training. We also provide resources and information to support and facilitate professional development for physicians throughout their careers. Our building, located in Edinburgh, is a popular venue for conferences, meetings, exams, training, weddings and other celebratory events.

Data Privacy

We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

The data we collect

We may collect the following information in the course of your use of this website

  • anonymised site usage data including demographic information such as location, preferences and interests
  • contact information including email address through completion of our contact form
  • order and deliver information using the memento ordering site section
  • application data required for Student & Foundation, Associate or Collegiate membership from those using our on-line membership application forms
  • any other information you supply to us through entering them into the site

We use this information to assist with making improvement so our website and a range of College services, so provide assistance where requested and to fulfil membership applications.

 

Additional information for Fellows & Members

Our lawful basis for obtaining and using your data

Article 6 of the EU GDPR Regulations concerns the “Lawfulness of Processing” and the following three definitions provide the College’s legal bases for processing data in relation to the College:

6(1) (b) – Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract

 

When you apply and renew your membership you are entering into a membership servicing contract with us. In order to perform this contract we need to process and store your data. For example, we may need to contact you by email or telephone to verify your information or if there are problems with your payment.

 

6(1) (f) – Necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject

 

For the duration of your membership, the Royal College of Physicians of Edinburgh has a genuine and legitimate reason to take forward the College’s objectives of ensuring that patients receive the highest standards of care by providing members with lifelong education and training opportunities for their continued professional development. In doing this we will collect and process additional personal information for purposes that are required for these legitimate interests, and also in the interest of improving the membership services we provide. We will only do this if there is no overriding prejudice to you by using your personal information in this way. 

 

6(1) (a) – Consent of the data subject

Any other personal data we collect based on consent will only be used for the stated purpose and not be shared with third parties except where we have specified this may happen.

 

 

The data we collect

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

The information we ask for is used to maintain a record of you as a member, and in some cases also as an office bearer, and to maintain up-to-date contact information.

The information we will process includes:

  • Contact details – home and professional
  • Exam results with related communications and correspondence
  • Continuous Professional Development records
  • Fellowship proposal information
  • Place of work, role, specialty and interest
  • Communication preferences
  • Subscription fee payment requests

You may also be asked to provide equal opportunities information, so we can promote equality and diversity. This is not mandatory information – if you don’t provide it, it will not affect your status with the College. This information will not be made available to anyone outside of the College in a way which can identify you. Any information you do provide will be used only to produce and monitor equal opportunities statistics.

 

What we do with your data

We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this, we use data that we have stored about you, such as your specialty and interest, the events you have registered for in the recent past, as well as any preferences you may have told us about, to personalise the communications you receive and the on-line services you use. 

We use our legitimate organisational interest as the legal basis for promotional communications by post and email. In the case of postal mailings, you may object to receiving these at any time using the contact details at the end of this policy. In the case of email, we will give you an opportunity to opt out of receiving College promotions and newsletters or to choose which you would like to receive through setting your College email communication preferences. You can alternatively use the contact details at the end of this policy to request changes to the way we stay in touch by email. 

We may also contact you about our work by telephone however we will always get explicit consent from you before doing this. Please bear in mind that this does not apply to telephone calls that we may need to make to you related to your membership subscription, to respond to your requests for assistance or where we are having difficulty contacting you by email. 

In additional to promotional communications, we also process personal information in the following ways that are within our legitimate organisational interests:

  • We may analyse data we hold about you to ensure that the content and timing of communications we send you are as relevant to you as possible. 
  • In order to improve our website we may analyse information about how you use it and the content and ads that you interact with. You may also see promotions from us on social media that are tailored to your interests. 
  • For the purposes of ensuring membership records are up to date we may check details on databases used by the Federation of Royal Colleges of Physicians in the UK, the GMC etc.
  • We may analyse data we hold about you in order to identify and prevent fraud. 

Any credit/debit card data user to pay for your subscription is not stored on our website but is processed securely through the WorldPay Payment Gateway. If you use credit or debit card to make a payment in person by telephone or by postal mail, we will ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).

When we share your data

Your membership data will not be shared with any external third party other than:

  • Where the College has your express consent to do so,
  • Where the College has a legal obligation,
  • Where there is a Royal College intercollegiate data sharing agreement approved by Council
  • We may share your data with our own service providers who process data on our behalf and on our instructions, such as with providers of print services or postal mailing services. In these cases we make every effort to ensure that these third parties comply strictly with our instructions and with relevant data protection laws.

How long we keep your data

We store your personal information for the duration of your membership. We will retain your data in entirety for a period after your subscription ends and a subset of this data thereafter.

We will keep any records relating to financial transactions for a period of seven years.

How you can access your data

To make an informal request for any personal information we may hold you should in touch with our Membership team at the contact details provided below.

Additionally Fellows & Members can find out which personal information we hold by making a ‘subject access request’ under the GDPR. Where we hold information about you we will provide:

  • A description of what we hold.
  • An overview of why we are holding it.
  • Details of who it could be disclosed to.
  • A copy of the information in a suitable format within 30 days.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

 

Additional information relevant to applicants for membership, MTI or employment with the College

Our lawful basis for obtaining and using your data

Article 6 of the EU GDPR Regulations concerns the “Lawfulness of Processing” and the following three definitions provide the College’s legal bases for processing data in relation to the College:

6(1) (b) – Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract

 

When you submit your application to us you are entering into a servicing contract with us. In order to perform this contract we need to process and store your data. For example, we may need to contact you by email or telephone to verify your information or if there are problems with your payment.

 

6(1) (a) – Consent of the data subject

Any other personal data we collect based on consent will only be used for the stated purpose and not be shared with third parties except where we have specified this may happen.

 

The data we collect

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

The information we ask for is used for the application process and to updatd contact information where you are already a member or client in some other capacity. The information we will process includes:

  • Contact details – home and professional
  • Other details to support your:
    • membership application
    • MTI application
    • job application

You may also be asked to provide equal opportunities information, so we can promote equality and diversity. This is not mandatory information – if you don’t provide it, it will not affect your application with the College. This information will not be made available to anyone outside of the College in a way which can identify you. Any information you do provide will be used only to produce and monitor equal opportunities statistics.

What we do with your data

Your data will be used for the purposes of processing your application and any additional information about the use of your data will be given with the application form. If you agreed to receiving promotional communications from us it will be used for these purposes.

Any credit/debit card data user to pay for your application is not stored on our website but is processed securely through the WorldPay Payment Gateway. If you use credit or debit card to make a payment in person by telephone or by postal mail, we will ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).

When we share your data

Your application data will not be shared with any external third party other than:

  • Where the College has your express consent to do so,
  • Where the College has a legal obligation,
  • Where there is a Royal College intercollegiate data sharing agreement approved by Council
  • We may be required to share your data with our own service providers who process data on our behalf and on our instructions, such as with providers of print services or postal mailing services. In these cases we make every effort to ensure that these third parties comply strictly with our instructions and with relevant data protection laws.

How long we keep your data

We store your personal information for the duration of the application process. Succesful applicant data will be transferred to the relevant internal system. We will retain applications for unsuccessful applicants for a period that allows for re-submission of applications

We will keep any records relating to financial transactions for a period of seven years.

How you can access your data

To make an informal request for any personal information we may hold you should in touch with our Membership team at the contact details provided below.

Additionally Fellows & Members can find out which personal information we hold by making a ‘subject access request’ under the GDPR. Where we hold information about you we will provide:

  • A description of what we hold.
  • An overview of why we are holding it.
  • Details of who it could be disclosed to.
  • A copy of the information in a suitable format within 30 days.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

 

Security

We continue to implement appropriate measures to ensure your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect and hold online.

Controlling our use of your personal information

You have a choice about whether or not you wish to receive information from us.  If you are a current Fellow & Member, client or customer our communications to you will be to support your use of the range of College services that are relevant to your relationship with us. If we have your permission we may promote other College services that may be of interest. If you do not want to receive this type of promotional communication from us then you can select your choices by ticking the relevant boxes on those forms on which we collect your information.

You may choose to restrict our use of your personal information for promotionalcommunications in the following ways:

  • whenever you are asked to fill in a form on the website you will be asked to indicate whether you do or do not want your personal information used for direct marketing purposes
  • if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time:
    • write to us at Membership, Royal College of Physicians of Edinburgh, 9 Queen Street, Edinburgh EH2 1JQ
    • email us at webmaster@rcpe.ac.uk
    • members can update their preferences within the secure membership area
    • if you receive marketing emails from us you will always be able to unsubscribe using the link at the bottom of the email

We will not distribute your personal information to third parties unless we have your permission or are required by law to do so.

You may get further assistance with our use of your data by contacting our Data Protection Officer. You can also request details of personal information which we hold about you under your rights within GDPR by requesting this from our Data Protection Officer. To do this write to:

Data Protection Officer, Royal College of Physicians of Edinburgh, 9 Queen Street, Edinburgh EH2 1JQ.

or email dpo@rcpe.ac.uk .

For information on your individual rights in relation to the General Data Protection Regulation (GDPR) please see: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Cookies & Links to Other Websites

This website uses cookies to monitor browsing preferences We do not provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.

How we use cookies

A cookie is a small file which asks permission to be placed into the memory or storage area of the device you are using when browsing a website. The cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual allowing modern websites to provide a more personalised experience.

We use cookies for these purposes and use logged site usage data for anonymised statistical website usage analysis purposes.

Overall, cookies help us provide you with a better website. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

We user the following cookies


RCPE Site cookies

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Name

Purpose

Expires

has_js

Registers whether or not the user has activated JavaScript in the browser.

Session

Twitter cookies

Cookies set by twitter to discover how people are using their services and to make them work better.

https://help.twitter.com/en/rules-and-policies/twitter-cookies

Name

Purpose

Expires

lang

Remembers the user's selected language version of a website

Session

i/jot

Pixel, a small amount of code placed by twitter to track interaction with web content.

Session

i/jot/syndication

Pixel, a small amount of code placed by twitter to track interaction with web content.

Session

r/collect

Pixel, a small amount of code placed by twitter to track interaction with web content.

Session

Google Analytics cookies

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

https://policies.google.com/technologies/cookies

Name

Purpose

Expires

__utm.gif

Google Analytics Tracking Code that logs details about the visitor's browser and computer.

Session

__utma

Collects data on the number of times a user has visited the website as well as dates for the first and most recent visit. Used by Google Analytics.

2 years

__utmb

Registers a timestamp with the exact time of when the user accessed the website. Used by Google Analytics to calculate the duration of a website visit.

Session

__utmc

Registers a timestamp with the exact time of when the user leaves the website. Used by Google Analytics to calculate the duration of a website visit.

Session

__utmt

Used to throttle the speed of requests to the server.

Session

__utmz

Collects data on w h ere the user came from, what search engine was Used, what link was clicked and what search term was Used. Used by Google Analytics.

6 months

SiteImprove cookies

Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

https://siteimprove.com/en/privacy/cookie-notice/

Name

Purpose

Expires

heat.aspx

Used to determine where a user clicks on the screen.

Session

nmstat

Used to determine if the user has visited the website previously.

999 days

siteimproveses

Used to register the order of pages that the user has visited on the website.

Session

 

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

 

This privacy notice was last updated May 2018.