We understand that your trust is our most important asset. As such, your privacy is essential for us, the European Society of Human Reproduction and Embryology(hereinafter referred to as “ESHRE®”, “we” or “us”). This privacy declaration (hereinafter referred to as “Privacy Declaration”) is applicable, inter alia, to (i) our website https://www.eshre.eu and its related weblinks and mobile apps (hereinafter referred to as the “Website and Mobile Apps”) and (ii) all relations between ESHRE® and its members, Participants of Events, Applicants for ESHRE® accreditations or certifications, Speakers, Exhibitors, Sponsors and partners.
At all times, ESHRE® strives to be in accordance with the Belgian Privacy Act of 30 July 2018 regarding the protection of natural persons in relation to the processing of personal data (including any Belgian legislation repealing the Belgian Privacy Law) and/or the General Data Protection Regulation of 27 April 2016 (‘the Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC”). This Privacy Declaration includes information about the personal data collected by ESHRE®, as well as the manner in which ESHRE® uses and processes this personal data.
When spoken about “you”, “your registration”, “your identification”, etc., this includes (i) you as an ESHRE® member, (ii) you as a Sponsor, (iii) you as a Speaker, (iv) you as an Exhibitor, (v) you as an Applicant for ESHRE® accreditation and certification (vi) when a registration for an Event is done by you as a Registrant and you will attend the Event yourself as a Participant, and (vii) when a registration for an Event is done by a Registrant for and on behalf of (a) third party/ies who will attend the Event as Participant(s), and whereby this Privacy Declaration is applicable to both the Registrant and the Attendee(s).
Visiting the Website and Mobile Apps, creating an ESHRE® membership account, registering for an Event, filling out a quiz form, registering for ESHRE® accreditation or certification, scanning of your badge at an Event, completing a booking form and exchanging business cards implies your express approval (through disclosure of your personal information or opt-in) of the Privacy Declaration and consequently how we collect, use and process your personal data.
- Types of personal data
ESHRE® can collect and process the following personal data:
✔ First name;
✔ Member number;
✔ Date of birth;
✔ E-mail address;
✔ Telephone number (mobile/landline);
✔ Billing address/home address;
✔ Business/corporate address;
✔ Educational level;
✔ Diplomas and certificates;
✔ Country of registration as surgeon;
✔ Evidence of good standing;
✔ Profession/practice area;
✔ Title (Mr., Mrs.);
✔ Special interests;
✔ Institute and department;
✔ Picture (optional);
✔ Information about your use of the Website and Mobile Apps;
✔ Information about transactions carried out via the Website (e.g.: online payment for registration) and Mobile Apps;
✔ Information about your whereabouts and interests during an Event through scanning of your badge, which is provided to you by ESHRE®.
- Methods of personal data collection
Your personal data are collected in the context of:
- Your ESHRE® membership;
- Your registration for Events as a Participant/Registrant;
- Testimonials on social media;
- Your registration as a Sponsor/Exhibitor by completing the Sponsorship Order Form or the Exhibition Booking Form;
- Your registration for ESHRE® accreditation and certification;
- Your use of the Mobile Apps;
- Scanning of your badge by ESHRE® on an Event;
- Taking part in ESHRE® examinations and/ or evaluations;
- Your application for the ESHRE® research grant and signing of the research grant agreement;
- Filling out a quiz form;
- Visiting the Website and Mobile Apps;
- Your subscripting to the newsletter (via the Website, Mobile App or not);
- The exchange of business cards;
- Your collaboration with ESHRE®.
The personal data collected by ESHRE® are therefore expressly and voluntarily provided by you.
- Use of personal data
ESHRE® may use your personal information:
✔ To execute the agreement;
✔ To address you with the correct title;
✔ To deliver member benefits (e.g. lower fees, newsletter,…);
✔ For ESHRE® membership administration;
✔ To administer the Website and Mobile Apps;
✔ To keep statistic records;
✔ To add personal data to the CRM-tool;
✔ To perform an age check;
✔ To enable your access to and use of the Website and Mobile App services;
✔ To send invoices and collect payments;
✔ To confirm ESHRE® accreditation and certification applications;
✔ To score examinations and evaluations;
✔ To award ESHRE® accreditations and certifications;
✔ To keep you updated on future Events of ESHRE®;
✔ To mention you on the Website and Mobile Apps (e.g. speakers on Events, certified surgeons);
✔ To track your whereabouts during an Event in order to measure number of attendees and level of interest for organizing future Events;
✔ To enable you to share your personal information with Exhibitors and/or Sponsors of an Event, after having received your consent (e.g. by allowing an Exhibitor/Sponsor of an Event to scan your admission badge);
✔ To share your contact information with other Attendees of the Event you registered for (e.g. through the use of Mobile Apps);
✔ To share you contact information with third parties (who may for example approach you with information on other event - not organized by ESHRE® - or for commercial reasons), after having received your consent (i.e. opt-in);
✔ To send the certificates of attendance to the correct address;
✔ Application procedure for research grants and fellowships and the performance of research grant agreements;
✔ To publish articles in the ESHRE® newsletters (name, title, function, biography and or image of the author may be mentioned);
✔Creation/activation/reactivation of an ESHRE® account.
Processing takes place on the following legal grounds, as the case may be:
✔ You have given consent to the processing of your personal data for one or more specific purposes;
✔ Processing is necessary for the performance of the agreement with ESHRE® or in order to take steps at your request prior to entering into an agreement;
✔ Processing is necessary for compliance with a legal obligation to which ESHRE® is subject;
✔ Processing is necessary in order to protect your vital interests or of another natural person;
✔ Processing is necessary for the performance of a task carried out in the public interest;
✔ Processing is necessary for the purpose of the legitimate interests pursued by ESHRE® or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require protections of personal data (in particular when you are a child).
- Disclosure of personal data to third parties
ESHRE® shall not disclose your personal data to third parties, unless it is necessary in the context of providing ESHRE® services and optimising them (including but not limited to database management, maintenance works and sub-contractors). In this respect, your personal data may be disclosed to software providers, cloud partners, payment partners and business partners such as accommodation partners, venue partners, related non-profit organizations, diploma validation organizations and inspectors-assessors. If it is necessary that ESHRE® discloses your personal data to third parties in this context, the third party in question is required to use your personal data in accordance with the provisions of this Privacy Declaration.
Notwithstanding the foregoing, it is however possible that ESHRE® discloses your personal data to the competent authorities (i) if ESHRE® is obliged to do so under the law or under legal or future legal proceedings and (ii) to safeguard and defend our rights.
In all other cases, ESHRE® will not sell, hire out or pass on your personal data to third parties, except when it (i) has obtained your permission to this end and (ii) has completed a data processing agreement with the third party in question, which contains the necessary guarantees regarding confidentiality and privacy compliance of your personal data.
- Storage of personal data
Unless a longer storage period is required or justified (i) by law or (ii) through compliance with another legal obligation, ESHRE® will store your personal data for the period necessary to achieve and fulfil the purpose in question, as specified in this Privacy Declaration under ‘use of personal data’.
- Your privacy rights
If you wish to invoke your privacy rights, as defined below, please contact email@example.com or complete the form for exercising your privacy right and deliver it to ESHRE® by e-mail or post:
✔ Right of access to personal data which ESHRE® possibly has concerning you;
✔ Right to rectification, completion or update of your personal data;
✔ Right to delete your personal data (‘right to be forgotten’);
✔ Right to limit the processing of your personal data;
✔ Right to transferability of your personal data;
✔ Right to object to/oppose the processing of your personal data.
In principle, you can exercise these rights free of charge via the above-mentioned form. In addition, you can always, via your personal account, update, modify and/or verify your personal data which you were required to submit when creating your ESHRE® account.
If you no longer wish to receive newsletters or information about our services, you can unsubscribe at any time by clicking the “unsubscribe” button underneath each of the ESHRE® e-mails.
- Securing your data
ESHRE® undertakes to take reasonable, physical, technological and organisational precautions in order to avoid (i) unauthorised access to your personal information, and (ii) loss, abuse or alteration of your personal data.
ESHRE® shall store all the personal data which it has collected, through a combination of SaaS cloud applications and an IaaS remote and secured server infrastructure. Back-ups are made on a daily basis and are stored on before mentioned combination of SaaS cloud applications and an IaaS remote and secured server. .
Notwithstanding the ESHRE® security policy, the checks it carries out and the actions it proposes in this context, an infallible level of security cannot be guaranteed. Since no method of transmission or forwarding over the internet, or any method of electronic storage is 100% secure. ESHRE® is, in this context, not in a position to guarantee absolute security.
Finally, the security of your account will also partly depend on the confidentiality of your password in obtaining access to your account. ESHRE® will never ask for your password, meaning that you will never be required to communicate it personally.
- Cross-border processing of personal data
Any transfer of personal data outside the European Economic Area (EAA) to a recipient whose domicile or registered office is in a country which does not fall under the adequacy decision enacted by the European Commission, shall be governed by the provisions of a data transfer agreement, which shall contain (i) the standard contractual clauses, as referred to in the ‘European Commission decision of 5 February 2010 (Decision 2010/97/EC)’, or (II) any other mechanism pursuant to privacy legislation, or any other regulations pertaining to the procession of personal data.
- Update Privacy Declaration
ESHRE® may update this Privacy Declaration by posting a new version on the Website and Mobile Apps. As such, it is strongly recommended to regularly consult the Website and Mobile Apps and more specifically the page explaining the Privacy Declaration, to make sure that you are aware of any changes.
- Other websites
The ESHRE® Website may contains links to other websites. In no event, ESHRE® is responsible for the privacy policies or practices of any third party.
If you have any complaints about the way ESHRE® collects, uses and/or processes your personal data, you can lodge a complaint with the Privacy Commission.
- Contact ESHRE®
If you have any questions about this Privacy Declaration or the manner in which ESHRE® collects, uses or processes your personal data, please write:
✔ By e-mail to firstname.lastname@example.org; or
✔ By post to IVZW ESHRE, Meerstraat 60, 1852 Grimbergen (Belgium).
In case you are not satisfied with the way ESHRE® handled your question and/or remark or have any complaints about the way ESHRE® collects, uses and/or processes your personal data, note that you have the right to lodge a complaint with the Data Protection Authority.