Privacy Policy

Global Evidence Summit 2024 Privacy Policy

Last updated March 2024.

The Cochrane Collaboration (company number 03044323 and charity number 1045921) ("Cochrane", "we", "us") are committed to protecting the privacy and security of those whose personal data we process. We acknowledge the need to protect personal data that is collected by or disclosed to us and to manage it in accordance with the Data Protection Act 2018 and UK GDPR (“Data Protection Laws").

Please read this policy carefully to understand how we collect and use (“process”) your personal data in connection with the Global Evidence Summit 2024 event (“GES 2024”).
We will review this privacy notice regularly to comply with our legal obligations. We will notify you of any important changes, but please check back for updates at any time.

When do we collect your personal data and what personal data do we collect?

We will collect the minimum personal data required to achieve the relevant purpose. In most cases the personal data that we process will be provided by you. We will collect and process personal data in connection with GES 2024 in the following circumstances:

• When you register to attend GES 2024, or someone submits a registration on your behalf (e.g. your employer) – we will collect contact information, invoicing details, basic demographic data, passport information (if you require a visa invitation letter) and your specific requirements in order to provide the respective services for you. Photos may be added by those who wish to complete their delegate’s profile and who wish their profile to be visible in the conference application for other attendees. 
• When you complete an abstract submission form, we will collect the name, email address, organisational affiliation, and country of each author.
• When you completed a workshop submission form, we will collect the name, email address, organisational affiliation, and country of each author.When you submit a stipend application, we will collect the name, email address, organisational affiliation, city, and country of each stipend applicant.
• When you contact us for any other reason connected to GES 2024 - we will retain such personal data as is necessary to enable us to respond to and/or deal with your communication.
• When you contact us to exercise any of your rights under Data Protection Laws – we will retain such personal data as is necessary to enable us to respond or deal with your request to exercise your rights.

The accuracy of your information is very important to us, so please keep us informed if your personal data changes during your relationship with us. 

Special category data

Data Protection Laws recognise that certain ‘special categories’ of data are more sensitive. These include information relating to health, race, ethnic origin and political or religious beliefs. We only ask for special category personal data if there is a specific need for this. We will use it only for the purpose for which it was provided and only ever with your explicit consent.

How do we use your personal data?

We use your personal data to provide the information or services you request in connection with GES 2024. This includes creating name badges for delegates, reviewing abstract and workshop submissions, sending confirmation emails (including invoices) as well as abstract and workshop notification emails and creating personalised joining instructions and delegate’s profile. You may choose to make your delegate’s profile visible in the conference application for other attendees to view. 

We can also use your personal data for administrative purposes related to GES 2024, and to let you know about updates related to GES 2024. 

We may use photographs and recordings from GES 2024 for promotional purposes. If you do not want any photographs or recordings of you to be used in this way, please email contact@globalevidencesummit.org.

We will only use your personal data for the purposes for which it was obtained and when the law allows. 

Do we share your personal data?

Unless we have a lawful basis for doing so, we will not share your personal data with or sell your personal data to any third party for marketing purposes and you will not receive offers from other companies or organisations as a result of giving your details to us. 

We may share your personal data with the parties set out below for the purposes set out in the section “How do we use your personal data?”:

• TFI Lodestar Ltd, a company based in the United Kingdom which has been appointed as a professional conference organiser for GES 2024.
• AIM Group Prague s.r.o. (“AIM”), a company based in the Czech Republic which has been appointed as a professional conference organiser for GES 2024.
• Robert Goláň, a company based in the Czech Republic, which hosts the GES 2024 website. 
• Centium Software, a company based in Australia, which provides and hosts the EventsAir events management platform for GES 2024. In order to register to attend GES 2024 or complete an abstract or workshop submission form, you will be required to create an EventsAir account and complete the relevant form(s) from within your account. Please note that any personal data collected in Events Air will also be subject to the Events Air privacy notice. 
• Individuals who sit on the Abstract and Workshop Sub-Committee of the GES 2024 Scientific Committee, for the purposes of evaluating abstract and workshop submissions.
• JBI, Guidelines International Network and The Campbell Collaboration, the Organising Partners for GES 2024, for the purposes of sharing photographs and recordings from GES 2024.
• Third party organisers of social events, for the purposes of making a social event booking on you behalf.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party processors to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

How do we protect your personal data?

We implement appropriate physical, electronic and managerial measures to ensure that we keep your data secure. 

We put in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner’s Office of a breach where we are legally required to do so.

Transfers of data outside of the UK

We may transfer your personal information to third party data processors who are based outside the UK to the jurisdictions listed in the section above, “Do we share your personal data?”

We will only transfer your information (i) if there is an adequacy decision for the specific country to which the data is transferred, or (ii) pursuant to specific contracts approved for use with such transfers.

How long do we keep your personal data?

We will retain your personal data as long as is necessary to provide the services which you have requested, or where we have another legitimate and lawful reason to do so. We may need to retain some information to comply with our legal obligations such as financial and accounting records.

What are your rights in relation to your personal data?

You can:

• Ask us to correct your personal data if information is inaccurate, out of date or incomplete. [If you have created an EventsAir account, you can also manage the personal data held there from within your account.]
• Ask us to provide a copy of the data we hold about you.
• Withdraw your consent at any time, if we have asked for your consent to process certain data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
• Ask us to delete the data we hold about you. If we need to continue holding this information, we will explain our reasons for this and how the data will be stored.
• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
• Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
  • If you want us to establish the data's accuracy.
  • Where our use of the data is unlawful but you do not want us to erase it.
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
  • You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

To exercise any of these rights or if you have any questions about our privacy notice please contact support@cochrane.org.

You can also address queries to:

Data Protection Lead
Cochrane
11-13 Cavendish Square
London
W1G 0AN

Telephone: +44 207 183 7503

While we hope to be able to resolve any concerns you have about the way that we are processing your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been processed in a way that does not comply with the GDPR or have any wider concerns about our compliance with data protection law. You can do so by calling the ICO helpline on +44 303 123 1113 or via their website. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.