Privacy Policy
ESOT, the European Society for Organ Transplantation, complies with the General Data Protection Regulation (GDPR) and other regulations regarding the processing of personal data and privacy. ESOT respects your privacy and is committed to safeguarding the confidentiality of your personal information. This policy explains how and why ESOT collects and uses the personal information of its members, users and website visitors, and how ESOT protects your privacy. It also explains how you can access, manage and delete your own personal information and your contact preferences (such as which information you want to receive) stored in the ESOT system through ‘My Account’ on www.esot.org.
When disclosing your personal information to us by creating an account on our website or applying for membership, we will collect, store and process your personal information as stated in this policy. The personal information that we collect from you shall be obtained, processed and transmitted in compliance with applicable data protection legislation including the GDPR and, as ESOT is situated in the Netherlands, the Dutch GDPR Implementation Act.
We may change this policy by updating this page. We advise you to check this page from time to time to ensure that you are happy with any changes (latest version: May 2018).
ESOT is responsible for the processing of your personal data. The registered name of ESOT is the European Society for Organ Transplantation having its registered seat at Westerdoksdijk 423 (1013 BX) Amsterdam, the Netherlands. ESOT is registered in the Dutch Register of Companies under Chamber of Commerce number 34329686.
ESOT is also responsible for the processing of personal data processed by or through other legal entities belonging to its group: the ESOT Office, having its registered seat at Riviera dei Mugnai, 8/24 – 35137, Padova, Italy (registered with the Italian Register of Companies under Chamber of Commerce number PD405741) and Steunstichting ESOT, having its registered seat at the Westerdoksdijk 423 (1013 BX), Amsterdam, the Netherlands. All ESOT legal entities have access to personal data processed under the responsibility of ESOT. This is necessary for the activities of the ESOT Group such as the organisation of the ESOT congresses and meetings, the administration of members and the possibility to send registered users e-mailings. Access to personal data is restricted to people for whom it is necessary to access the data. Together, all ESOT legal entities are hereinafter referred to as “ESOT”.
Processing of personal data
Personal data
ESOT collects your personal data when you create or update your account or when you apply to become a member. ESOT also collects personal data submitted to ESOT by a third party acting on your behalf, for example through a group registration.
ESOT processes information obtained from yourself on the basis of your consent or because it is necessary for the execution of an agreement or the pursuit of a legitimate interest. These legitimate interests are that that the processing of the personal data is necessary for ESOT to be able to identify members, participants of congresses and persons involved in other activities organised by ESOT.
Information obtained from a third party acting on your behalf is processed on the basis that the processing is necessary for the performance of a contract or on the basis that the processing is necessary for the purposes of the legitimate interests of ESOT.
The personal data ESOT collects are:
Nominative Information: Title, first name(s), surname(s). Your nominative details are needed to properly identify you, to communicate with you, to provide you with the products and services you have requested and to ensure that items are properly labelled as yours (e.g. congress badges and scientific contributions such as abstracts and presentations, etc.).
E-mail address: in order to be able to communicate with you directly electronically, ESOT needs your e-mail address. You are therefore required to supply your e-mail address when you create your account on the website, which enables you to access a variety of services online. Finally, it permits “Forgot Password” to be handled in an automated secure way.
Date of birth, gender, nationality and country: your date of birth is used to help us correctly identify you and avoid duplicate records. Your date of birth, nationality and country are used where specific rules or fees or charges apply which depend on age and/or nationality/country, to determine eligibility for these activities and fees.
Full postal work and/or private address, telephone number: your postal address is needed when items will be sent to you by post and because it helps to correctly verify your identity (where other persons have the same or a similar name). Your telephone number is needed to contact you if necessary, for example if there is a change in the schedule of a congress you are attending. This information is optional; you can choose whether or not to provide the information.
Professional details: data regarding your current position, education, work experience and publications are used to determine whether you are eligible for membership and to enable us to provide you with more relevant information and to understand the preferences of our community. This information is optional; you can choose whether or not to provide the information.
In some cases, we ask you for additional information if this is needed for the services provided by ESOT. For example, ESOT processes payment information provided by you (such as your credit card number) if such information is necessary to pay your membership fee, registration for a congress or other activity.
When registering for a congress, we also ask you for some more general background information to better organise the activity. This information is optional; you can choose whether or not to provide the information.
When you apply for an internship or job, we may ask you for a copy of your Curriculum Vitae, your passport/identity card or other customary information normally requested during an application process. We do not process national identification numbers so please black these out before submitting a passport/identity card.
Finally, we collect data through submissions of scientific abstracts. These are usually limited to the full name(s) and institution of the author(s).
Use
The data is collected and stored only for the execution of our services, giving access to the service through the use of an account, to enable a proper functioning and management of the website and platform, to enable adequate member registration and administration, to enable the organisation of a congress and other activities, to conduct surveys, the distribution of our journal and the circulation of scientific information.
The e-mail address submitted when signing up for an account will be used by ESOT for the purpose of sending newsletters and other information, if you gave your consent to receive such e-mails. ESOT respects the privacy of personal e-mail addresses and complies with the current European legislation on e-mail communication. The objective is not to send you unwanted messages, and your e-mail details will not be passed on to any other individual or organisation without your permission.
You can manage the extent to which ESOT communicates with you in your ‘My Account’ dashboard. Here you can indicate whether or not you wish to receive general communications from ESOT. You can also choose which newsletter you want to subscribe to.
You can unsubscribe from any of the e-mail correspondence at any time by using the unsubscribe link in all communications sent by ESOT or by going to your “My Account” dashboard, where you can choose to unsubscribe from certain or all categories of newsletters.
Storage
Personal information is only kept for a reasonable period of time, dependent upon the nature of the information and its intended use.
If you have an ESOT account, your information will be kept in the ESOT system while you continue to have an account, even if you do not use the ESOT website or services during that time, unless you delete your account. ESOT performs “cleaning” exercises from time to time to delete unused accounts. However, since it is difficult to establish when an account is not used, it is not guaranteed that your account will be deleted after a certain period of time.
If you delete your account, your account data is immediately deleted and we no longer have access to your data. If you want to keep your data, we therefore advise you to make a copy before deleting your account.
In all cases, accounts receivable and payable records and invoices containing personal data are kept for the Dutch statutory retention period of seven years.
Information is kept indefinitely for persons who have submitted, and had accepted, or contributed to scientific content for congresses, events, journals, guidelines, etc. The information is kept for scientific purposes only: to reference it and to be used with published material, and to be accessed when those materials are researched or viewed.
Processors/third parties
All ESOT Legal Entities have access to the database with personal data.
Personal data is only shared with processors and/or third parties if this is necessary to carry out services. We share personal data with:
Our congress management service providers and other partners such as hotels in order to be able to organise the congresses and other activities;
ESOT committee members to review applications for ESOT activities, abstracts, symposia proposals etc;
Our IT providers in order to be able to store and access the data;
Our website hosting providers, in order to host and manage our website;
Our app provider, in order for them to reach out to people who have registered for an event, to offer to download the event app;
The publisher of our journals, in order for them to be able to send our members a copy of the online journal;
Our abstract management provider, in order to handle abstracts and registration/accommodation/faculty data for our congress;
Our payment provider, in order to carry out a payment for a congress, membership or other activity or service.
If we share your personal information with a processor, we make sure the processor complies with the GDPR by signing processing agreements.
Security
All personal data is stored on a secure server, and appropriate technical and organisational measures are implemented to ensure an appropriate level of security.
Your rights
In accordance with the GDPR, you have the right to request access to and rectification or erasure of your personal data and/or restriction of processing of your data and/or to object to the processing of your data on the basis of article 6 (1)(f) GDPR, as well as the right to data portability. See articles 15-20 GDPR for more information.
You can have access to your data by going to your ‘My Account’ dashboard. Here, you can also adjust or delete your personal data. If you need help adjusting or deleting your personal data, or if you want to request a restriction of processing of your data, object to the processing of your data or if you want to receive your data in a structured, commonly used and machine-readable format, you can also contact the ESOT Office by e-mail (askme@esot.org). If necessary we can then also make changes to your data on your behalf.
If you feel ESOT is violating your rights, please contact ESOT (askme@esot.org). You also have the right to file a complaint with the Dutch Data Protection Authority (contact information can be found on https://autoriteitpersoonsgegevens.nl/en/contact-dutch-dpa/contact-us).
Cookies
ESOT uses cookies on its website. A cookie is a small file that is being stored on your computer or mobile device through your browser. Cookies in and of themselves do not personally identify users, although they do identify a computer. The information stored in cookie can be read by our servers on your next visit. ESOT uses two types of cookies:
Functional cookies
ESOT uses functional cookies. Functional cookies are used to store your preferences and your login information. They make the use of our website easier.
Analytic Cookies
ESOT also uses Google Analytics and Yandex Metrica. These are ‘analytics’ services that collect statistics regarding the use of the website and platform. Analytics cookies are placed through the ESOT website. Through both services, all data is anonymised. The anonymised information is passed to Google/Yandex Metrica and stored on servers in USA/Europe. The collected data will not be made available to third parties, except if Google/Yandex Metrica or ESOT are legally obligated to do so.
More information about Google Analytics and can be found here. You can turn off analytics cookies via this link.