IFAPP ACADEMY PRIVACY STATEMENT
We are committed to the protection of personal data and have adopted a policy to protect information about individuals. This policy describes the information we collect, how we use that information, how that information may be disclosed, the security of that information, how you can access and correct any such information and other relevant details concerning your privacy in a way that is consistent with our obligations and your rights under the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”).
1. Who we are
The International Federation of Associations of Pharmaceutical Physicians and Pharmaceutical Medicine (IFAPP) Academy is a non-profit organization, founded September 2016, based in the USA affiliated with IFAPP and is responsible to run its educational activities.
IFAPP Academy Inc.
10 Grand Central
155 East 44th Street, 6th Floor
New York, NY 10017
Our website address is: https://ifappacademy.org.
Email address: firstname.lastname@example.org
Board of Officers:
Lewis A. Miller
Ana B. Salgado
3. What is personal data?
Personal data is defined by the GDPR as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
4. What personal data we collect and why we collect it
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personal identifiable information may include but is not limited to your name (“Personal Information”).
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Online development course
When individuals want to enter our online development course, an application must be completed. Personal data we collect via this application include your name, surname, email address, address, employer, address of your employer, your job title, native language, copy of your resume and a 500 word essay on why you want to attend the course, the skills you want to acquire from it, and how it relates to your career plans.
The processing of these data is necessary for the provision of our online development course and for the evaluation of your application. The legal basis for this processing is Art. 6(1)(a) and 6(1)(b) GDPR.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms and registration on our site
You may provide personal information to us to receive information about becoming a student of the IFAPP Academy, newsletters, activities, and events organized by the Academy, to be contacted for messages such as surveys, member service notices and other service-related notices, or to become involved in initiatives organized or recommended by us. This personal information may include details such as your name, age, gender, contact information, education, professional information, topics you are interested in or require more information about, and other personal information. The choice of how much information you provide to us is yours. We seek this information either to process your request for information and provide that information to you, to improve the quality of our communication to you.
If you make use of our website to register for certain services or events you will be asked to provide personal data. The information inserted in the respective application form will be transmitted to IFAPP Academy. This information is necessary to provide you with the respective service or answer to your query.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”).
This information may include Internet protocol (IP) addresses, browser type and version, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data, number of visits, websites from which you accessed our site (Referrer), and websites that are accessed by your system via our site.
The processing of this data is necessary for the provision and the security of our website. The legal basis for this processing is Art. 6(1)(f) GDPR. We do not link these data to certain individuals. After the processing for the mentioned purposes, the data will be deleted.
The data of log files will be stored separately from your other personal data.
Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic, webpage use, and to provide other services relating to our website.
In using Google Analytics our website employs the extension “Analytics Dashboard for WP”. In doing so, your IP address is anonymized and tracking for users sending Do Not Track headers are excluded. Google uses this information to analyze your use of our site, to compile reports for us on internet activity and to provide other services relating to our website.
You may opt-out of Google Analytics cookies altogether by visiting this link: https://tools.google.com/dlpage/gaoptout?hl=en
Facebook conversion pixels
We use the “Custom Audience pixel” of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) on our website. With its help, we can keep track of what users do after they see or click on a Facebook advertisement. This enables us to monitor the effectiveness of Facebook ads for purposes of statistics and market research. Data collected in this way is anonymous to us, which means we cannot see the personal data of individual users. However, this data is saved and processed by Facebook. Facebook can connect this data with your Facebook account and use it for its own advertising purposes, in accordance with Facebook’s Data Policy which can be found at https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and outside of Facebook. A cookie can also be saved on your device for these purposes.
Please click here if you would like to withdraw your consent https://www.facebook.com/settings/?tab=ads#_=_
The LinkedIn Insight Tag creates a unique LinkedIn browser cookie on a visitor’s browser and enables the collection of the following data for that cookie: metadata such as IP address, timestamp, and page events (like page views). For more information see: https://www.linkedin.com/help/linkedin/answer/65521.
Google Tag Manager (GTM)
We display personal testimonials of satisfied individuals on our site in addition to other endorsements. With your consent we may post your testimonial along with your name. The legal basis for this processing is Art. 6(1)(a) GDPR. If you wish to update or delete your testimonial, you can contact us at email@example.com.
5. Who we share your data with
Use of processor(s)
IFAPP Academy is free to rely on data processors. A processor is the natural or legal person who processes your personal data upon request and on behalf of us, the controller. The processor is required to ensure the security and confidentiality of the personal data. The processor will always act on the instructions of the controller. We rely on processors for marketing purposes, communication purposes, operational purposes, analytical purposes and for the maintenance and hosting of our website.
With a view to the optimal protection of your personal data, we have made the necessary contractual arrangements with our processors to ensure that they apply the highest privacy standards. In any event, data processors shall be required to ensure the security and confidentiality of the personal data.
Transfer of personal data to third parties
IFAPP Academy will not share any of your personal data with any third parties for any purposes, subject to some important exceptions.
In some limited circumstances, IFAPP Academy may be legally required to share certain personal data, which might include yours, if IFAPP Academy is involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority. IFAPP Academy might also share your name and email address with King’s College London when you are an Academy graduate, for example, to create your Academic Certificate.
6. How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website, apply for admission into one of the offered programs and/or services we offer, we also store the personal information they provide in their user profile and application. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
7. What rights you have over your data
Under the GDPR, you have the following rights, which we will always work to uphold:
- The right to access the personal data we hold about you. Part 10 will tell you how to do this.
- The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 11 to find out more.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have. Please contact us using the details in Part 11 to find out more.
- The right to restrict (i.e. prevent) the processing of your personal data.
- The right to object to us using your personal data for a particular purpose or purposes.
- The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
- Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 11.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the competent supervisory authority.
8. How and where do you store or transfer my personal data
IFAPP Academy is located in the United States and uses processor(s) in the US and offers services to data subjects in the European Union. This means the GDPR applies to our processing of personal data. IFAPP Academy guarantees that it will store, transfer and process your personal data according to the GDPR or equivalent standards by law.
We take reasonable steps to ensure the security of all information we collect from risks such as loss or unauthorized access, destruction, use, modification or disclosure of data. For example, your personal information is maintained in a secure environment which can be accessed only by authorized personnel.
The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
9. How can I control my personal data
In addition to your rights under the GDPR, set out in Part 7, when you submit personal data via our website, you may be given options to restrict our use of your personal data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes, including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails or at the point of providing your details.
10. How can I access my personal data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 11.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within 15 working days and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
11. How do I exercise my rights?
If you wish to exercise your rights, you must send a written request and proof of identity by registered mail to our Corporate Headquarters: IFAPP Academy Inc., 708 3rd Ave., New York, NY 10017, United States or by email to Admin@IFAPPAcademy.org. We will respond as soon as possible, and no later than 1 month after receipt of the request.