Last updated: June 9, 2020
We (“EHA”) process personal data from our members, participants, grantees and other contact persons, in order to provide our services in the best way possible. Our services are ultimately aimed at completing our mission towards a cure for all blood disorders. This statement explains how and why we are processing personal data. This privacy statement relates to all our processes involving personal data.
For any questions on how we protect your personal data, you can always contact us by e-mail firstname.lastname@example.org or telephone +31703020099.
Who we are
The European Hematology Association (“EHA”) is a non-profit membership organization (association) for individuals with an active interest in the field of hematology. Our Executive Office is located at Koninginnegracht 12b, 2514 AA The Hague, the Netherlands.
Which personal data we collect
Depending on the type of services you use from us, we collect the following personal data:
Name, address, gender, phone number, e-mail address, date of birth, country of residence, profession, organization of employment, country of residence, pictures, participation details for the Congress and / or Meetings, including payment details, CV, publications, disclosures, and travel information.
Why we process personal data
We process personal data most of the time because we have a legitimate interest:
- Membership and related services. In our membership database, we record personal data such as name, address, contact details, profession, date of birth and country of residence. We do this in order to process and manage your membership and provide you with our services, and all the activities and benefits related thereto, in the best way we can. Date of birth is for example processed because we provide different types of membership depending on age (early career discount). We will also email you in relation to your membership and if you agree, will email you about our activities we believe are of interest to you.
- Registration for meetings. We need your name and contact details in order to provide you with information on the meetings. We organize meetings on different hematological topics and in different countries. Therefore, profession and country of residence are processed.
- Promotional purposes. We send promotional mailings in order to obtain new members, sponsors, registrations and faculty for Congress and meetings, partnerships with other organizations and any other relevant contact persons.
- Information about EHA. We also send mailings like EHA Newsletters and updates by email on general activities related to our mission, Annual Congress, Education, Research and Publications for which you can subscribe (opt-in). You can always change this (opt-out) for (one of the categories of) our mailings via the unsubscribe link in each of our mailings. For specific mailings, it is not possible to opt-out as we need to communicate certain information to our members and or participants.
Some of the personal data is processed based on compliance with a legal obligation (e.g. in relation with tax authorities).
Your privacy rights
You have certain rights in order to be assured of the protection and privacy of your personal data. These rights are:
- Right of access: You can ask us which personal data we are processing about you and to obtain access to these personal data. We will provide an overview of your personal data and will also provide you with specific information about the processing of your personal data, including but not limited to information re. the purposes of the processing of your personal data, to which recipients or categories of recipients your personal data have been or will be disclosed, the envisaged retention periods that apply to your personal data and if the personal data are not collected from you, any available information as regard to their source.
- Right to rectification: You can request us to modify your personal data in case you believe that your personal data are not up to date, complete or accurate.
- Right to erasure (‘right to be forgotten’): Under certain circumstances, you may ask for erasure of your personal data.
- Right to restriction: Under certain circumstances, you have the right to restrict the processing of (certain) personal data.
- Right to data portability: Under certain circumstances, you can ask us to transmit the personal data that you have provided to us and we still hold about you to you in a structured, commonly used and machine-readable format, e.g. to be able to send it to a third party.
- Right to object: Under certain circumstances, you have the right to object to any processing of personal data that EHA justifies on the legitimate interests legal processing ground. When you object to the processing of your personal data for direct marketing purposes, we will always respect this request.
- Right to withdraw your consent: If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Please note that the withdrawal of your consent does not affect the lawfulness of the processing of your personal data prior to the withdrawal of your consent.
In order to exercise your rights you can contact us via email@example.com or by post via:
2514 AA The Hague
In doing so, please indicate which processing activities or which personal data your request relates to. In order to prevent that we disclose information to the wrong person, we can ask you for additional information to verify your identity. In principle, we will inform you of whether we can comply with your request, within one month after receipt. In specific cases, for example when it concerns a complex request, this term may be extended by two months. We will inform you of such an extension within one month after receiving your request. On the basis of the applicable privacy legislation, we can refuse your request under certain circumstances. If this is the case, we will explain to you why. You can find more information about your privacy rights on the website of the Dutch Data Protection Authority.
You can always contact us via firstname.lastname@example.org if you have any other questions and/or comments about the processing of your personal data by EHA.
If you have a complaint about the processing of your personal data by EHA, we will do our utmost best to resolve it with you. If this does not lead to the desired result, you have the right to lodge a complaint with the competent supervisory authority. In the Netherlands, this is the Dutch Data Protection Authority. If you live or work in another country of the European Union, you can file a complaint with the supervisory authority in that country.
We store your personal data as long as we deem necessary for the proper fulfillment of our services, unless the data must be kept longer under a statutory regulation.
All personal data is protected by state of the art methods recommended by reputable IT Security agencies.
We make use of different service providers in order to carry out our services who need to process your personal data. We will ensure that they do this in agreement and in accordance with our instructions.
We do not transfer your personal data to countries outside the EU. In case we do so, we will ensure that your personal data is processed in line with the GDPR.
We never sell or provide personal data to third parties for commercial purposes. Personal data is only provided to affiliated third parties in order for us to execute our services.
We reserve the right to regularly review and, where necessary update this Privacy Statement and will always post the most recent version of this Privacy Statement on our website.
PRIVACY STATEMENT EHA25 Virtual
In addition to all information above, we would like to provide you with specific additional information regarding the processing of your personal data if you attend EHA’s Virtual Congress 2020. You can of course also exercise your privacy rights in line with the general information provided above in respect of the processing of your personal data for the VC 2020.
When you are presenting at the VC 2020, EHA will process the following personal data about you:
- EHA Membership Number (MNR)
- Prefix Title
- First Name
- Last Name
- Date of Birth
- Telephone Number
- Secondary / Secretary Email
- Bio sketch
- Video and audio footage
- User ID and password
- Input in chat sessions
- Contact details of the contact persons of the exhibitor.
When you are participating in the VC 2020, EHA will process the following personal data about you
- First Name
- Last Name
- Name of institute or company
- Prescriber / non-prescriber information
- E-mail address
- User ID and password
- Access code
- Age group
- Country you are based in
- Primary and secondary field of interest
- Your activities during the EHA25 Virtual (which sessions you have participated in)
- Your input in chat sessions
- The number of EBAH credits earned due to your participation in EHA25 Virtual
Purposes for processing and related legal processing ground
EHA uses the above personal data for the purposes stated below for which we have indicated the legal processing grounds under the General Data Protection Regulation 2016/679. If the processing is based on the ‘legitimate interest’ processing ground, this interest is briefly explained.
- To enable you to present, exhibit or participate in EHA25 Virtual; (necessary for the performance of the agreement with you);
- To enable you to connect with other participants, presenters and exhibitors. When you enter the virtual exhibition platform of EHA25 Virtual your name, the name of the institute or company you are working for/represent and whether or not you are a prescriber / non-prescriber, will be visible for the other participants. When you enter a virtual booth, these details will be visible for the respective exhibitor. When you use the chat functionality, your name and the name of the institute or company that you are working for/represent will be visible in the chat to all participants in the respective chat session; (necessary for the performance of the agreement with you, the legitimate interests of EHA and all persons participating in EHA25 Virtual to connect with each other);
- To personalize your experience based upon the interests provided by you when you registered for EHA25 Virtual (the legitimate interests of EHA to offer you an optimized EHA25 Virtual experience);
- In order to be able to assign the European Board for Accreditation in Hematology (EBAH) CME credits (necessary for the performance of the agreement with you, the legitimate interests of EHA to offer you the possibility to earn credits);
- For statistical/analytical purposes: collecting personal data for statistical purposes allows EHA to get insights in presenters and delegates’ interests and enables EHA to optimize our services for future activities. Furthermore, your activity on the Congress Centre (EHA25 Virtual Congress Platform)such as the sessions, virtual booths, satellite symposia, virtual exhibition, Updates-in-Hematology you viewed/visited and the time spend on the platform can be processed for analytical purposes. We may share anonymized analytical data with our sponsors which enables them amongst other things to assess the popularity of their virtual Sponsor Item(s) (such as their virtual booth, their virtual satellite symposium and additional sponsor opportunities); (the legitimate interests of EHA and its sponsors to get insights about EHA25 Virtual and more specifically, the use of the Congress Centre).
- EHA may use your personal data for EHA’s direct marketing purposes (consent and/or the legitimate interest of EHA to promote EHA and EHA’s services to you). EHA may use your e-mail address to send you third party mailings (promo mailings) if you provide us with your consent to do so. These mailings inform you about sessions, activities or booths of our sponsors and/or provide you with information about the respective company. Your e-mail addresses are not shared with the sponsors. You can withdraw your consent to receive such e-mails easily via the unsubscribe-link in every promo mailing or by contacting us.
- In order to secure EHA25 Virtual (the legitimate interest of EHA to offer a secure EHA25 Virtual congress experience (e) and the legal obligation of EHA to ensure that all personal data processed for EHA25 Virtual are adequately secured).
- To comply with our legal and statutory obligations (legal obligation).
Third parties for EHA25 Virtual
In addition to the general section about EHA’s use of third parties, we would like to inform you as follows. In light of the EHA25 Virtual, your personal data can be shared with:
- The provider of the virtual exhibition platform which hosts the virtual exhibition;
- The service providers providing the software and methodology for single sign on for the different platforms/sites used for EHA25 Virtual;
- The hosting provider of the overall virtual congress platform for EHA25 Virtual;
- The content hosting provider of the systems for virtual sessions/meetings during EHA25 Virtual (on-demand content, live sessions, Q&A’s etc.);
- The provider that produces the video’s for the different sessions which are placed in the virtual places that can be found through the virtual congress platform;
- The system providers/suppliers for the main virtual congress platform for the congress;
- The provider of the e-poster software and hosting portal;
- The party which hosts the website for the education and abstract book.
The personal data processed via the chat sessions will be retained for the period of the congress. The other personal data of delegates, exhibitors and speakers will be retained for 1 year after the congress in order to analyse them to improve our services and for promotional purposes of our activities. . Please note that the video recordings from presenters and the live sessions might be included in the EHA Campus and/or EHA Library and can become part of historical congress content.