Privacy Policy

The Royal College of Emergency Medicine (RCEM) recognises the importance of protecting personal information and we are committed to safeguarding members, non-members and staff (known as “The User” in this document) privacy both on-line and off-line.   We have instituted policies and security measures intended to ensure that personal information is handled in a safe and responsible manner.  This Privacy statement is also published on the RCEM web site so that you can agree to the kind of information that is collected, handled and with whom this data is shared with.

RCEM strive to collect, use and disclose personal information in a manner consistent with UK and European law and under the General Data Protection Regulation (GDPR).  This Privacy Policy states the principles that RCEM follows and by accessing or using the RCEM site you agree to the terms of this policy.

The Royal College of Emergency Medicine
7-9 Breams Buildings
Chancery Lane
London
EC4A 1DT
rcem@rcem.ac.uk

Our nominated Data Protection Officer is Jenny Dyer, and she can be contacted at the address above, or via email at jenny.dyer@rcem.ac.uk.

When does RCEM collect information?

If you only visit our website and do not create an account, we will not gather any personal information about you, information is only collected once you create an account on the RCEM system. The collection of this information is essential to ensure that we can provide the best possible service and experience.

RCEM collects information about you for the following reasons:

If at any point you wish to stop the processing of your data, please contact the relevant member of staff at RCEM, who will cease the processing of your data promptly and without delay, within one month of your contact.

This data is primarily collected as part of a ‘contract’ with you, i.e. for us to provide a service to you as listed above.

We may use the data that you have provided to let you know of any events that may count towards your CPD. RCEM intends to rely on the lawful basis of ‘legitimate interests’ for our existing members when sending direct marketing about events that may be of interest to you. RCEM will not send direct marketing to those who are not current members without their explicit consent.

These emails may come from RCEM, or from one of three third parties that we may pass your personal data on to, as they run events that may be applicable to you and your continuing professional development:

The marketing of such events will always be related to our missions, values and objectives. The content of these events will always be professionally or socially relevant and should therefore always result in a positive benefit to you.

Please note that consent for this direct marketing can be withdrawn at any time via your account on the College website, or by contacting any member of staff.

What information is collected?

RCEM requests personal information as you create an account or for one of the purposes listed above. The type of information generally required is:

By creating an account and becoming either a member, trainee or examination candidate, or by becoming a supplier of goods and/or services to us, you agree to allow RCEM to store personal information into the software or service that resides on our servers.

Please note that you have the right to request that we remove your personal information at any time. You can do this by contacting any member of staff at the College, who will be happy to help.

CEM does not hold credit/debit card details for those who pay on-line or ring the office to make a payment off-site, this data is held securely on RCEM’s payment service provider Sagepay, and only the last 4 digits of your card number are visible for reconciliation purposes only.

We will never collect sensitive personal data about you without your explicit consent.

We will endeavour to hold accurate and up-to-date information. Some information can be amended by you and some can be amended by RCEM. If you are aware of an inaccuracy that you are unable to amend, please contact RCEM who will correct or delete it promptly and within one month of receipt.

How we use your information

This privacy notice tells you what to expect when the Royal College of Emergency Medicine (RCEM) collects personal information. It applies to information we collect about:

All decisions regarding your data, i.e. membership categories or examination requirements are made via a human interaction, there are no automatic decision making processes within RCEM, this includes profiling.

We automatically gather generic information automatically to monitor traffic patterns and site usage to help us refine and improve design and layout of our Site and the user experience. Cookies are also used within the RCEM Learning environment to enhance the user experience.

Emails and personal correspondence (regular mailings) will be stored securely on our database, as a record of that correspondence.

Any sensitive personal data collected from you is stored securely and is collected to provide generic information to the GMC on an annual basis. Account holders can choose whether to supply this information, please contact the College if you wish to remove any sensitive personal data from your record.

We do not sell, trade or rent personal details to third parties. Some data is passed to Regional and National Chairs who sit on the RCEM Council within their respective Regions and Nations. This is generally to gain assessment of their regional or national workforce for Emergency Medicine policy decisions.

Your data will never be passed to any third countries.

People who use College services

The Royal College of Emergency Medicine provides many services, some of which are run by organisations outside of the College. Personal data may be provided to these third-party organisations in order to facilitate these services.

We have contractual arrangements with suppliers who provide RCEM IT systems. We take important steps to make sure that these companies deal with your data in a secure way, they are required to sign an agreement to state that they will handle your data in accordance with the requirements of the College. This may include taking payments for services and subscriptions, administering our membership database and maintaining services such as our Eportfolio system, Continuing Professional Development (CPD) system and Revalidation data storage

We have a partnership arrangement with the British Medical Journal (BMJ) with whom we produce the Emergency Medicine Journal (EMJ). In order for the BMJ to send out the EMJ, we provide them with contact details such as your name and mailing address. This information is sent via a Secure File Transfer Protocol process and is securely disposed of as soon as the publications have been sent.

We share also membership information with the Emergency Medicine Trainees’ Association (EMTA), European Society for Emergency Medicine (EUSEM) and Forum for Associate Specialist and Staff Grade Doctors in Emergency Medicine (FASSGEM) to encourage appropriate development opportunities for our Members. It is a requirement of those using our systems to record Audit information that no patient identifiable data is entered in these by the users.

Access to Personal Information

A lot of your personal information can be accessible via My Account on the RCEM website, but there are some data that is not visible via your account. If you would like access to this information, then you can request it via a ‘Subject Access Request’ under the General Data Protection Regulation (GDPR)(2018).

This request can be made free of charge, and may be made verbally (over the telephone) or in writing (either by email or in letter form), and RCEM may contact you to gain more information about your request before the information is provided.

If we do hold information about you we will:

If you would like to make a request in writing, please contact the Data Protection Officer; Jenny Dyer at jenny.dyer@rcem.ac.uk, or send a letter to Jenny Dyer, Data Protection Officer, 7-9 Breams Buildings, Chancery Lane, London, EC4A 1DT. Please try to include as much information as possible to help us with your request.

If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting any member of staff.

How long is my information kept for?

Under GDPR (2018) your information will be kept “in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed” (GDPR, Article 5, 2018)

Any information related to your membership of the college, including trainee data, will be maintained while you are a member, and will be kept for 7 years after your membership lapses.

Access to the eportfolio system will be changed to read-only once your membership has lapsed, and trainee-type roles and associated data will be removed from user accounts if they do not contain a current/future post or at least one historic post that has ended within the last 7 years. Where a user account has no trainee type roles and has not been logged into for 7 years it will be deleted.

Individuals who have access to the RCEMLearning platform have full access while they are members. Once your membership lapses, this access is withdrawn, your record remains on the system, but you do not have access unless your subscriptions are paid, and your access is reinstated.

Individuals who have access to the L2S2 system for audit entry have access indefinitely, as it is not related to their membership status. Past audit data is also accessible via the L2S2 system, data is not removed from the system, as it may need to be accessed at any point.

Any data surrounding qualifications gained through RCEM will be kept on our systems indefinitely, as this information may be used to verify qualifications with the GMC and other organisations at any time.

Cardholder Information

Cardholder information is not stored on any RCEM system or on the premises as per our PCI compliance. On-line payment data is protected and is not forwarded to any third parties.

Security Measures

Security measures are in place to secure personal information include encryption technology and firewalls as well as restrictions regarding the storage of sensitive information.

Your RCEM website account is password protected, and you can log on using your username and password to edit any personal information held on your account. If you do not know your username or password, please use the ‘Forgot my password’ function, or contact the Membership department at membership@rcem.ac.uk

Staff access to the customer relationship management (CRM) system is also password protected and is not accessible by members of the public.

Job applicants, current and former College employees

When individuals apply to work at College, we will only use the information they supply to us to process their application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference we will not do so without informing them beforehand.

Personal information about unsuccessful candidates will be held for six months after the recruitment exercise has been completed, it will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.

Once a person has taken up employment with RCEM, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with College has ended, we will retain the file in accordance with the requirements of our retention schedule and then delete it.

Cookies on our website

This site, like many other sites, uses small files called cookies to help customize your experience. Find out more about cookies and how you can control them

Quick description of cookies

‘Cookies’ are small text files that are stored by the browser (e.g. Internet Explorer, Firefox, Chrome or Safari) or by a mobile phone (e.g. Android or iPhone) on your computer or mobile device. They allow websites to store such things as user preferences. You can think of cookies as providing a “memory” for the website, enabling it to recognize a user and respond appropriately.

Cookies and their use

There are different types of cookies based on their use:

Turning off cookies

Most browsers and phones have a way to stop accepting classes of cookies, or to stop it accepting cookies from a particular website. For example, using cookies is needed in order to use our shopping cart, so you would not be able to buy things through our web site if you turned off our cookies.

Help in turning off cookies can be found in your browser or mobile phone help files

If you are concerned about third party cookies generated by advertisers from Europe, you can turn some of these off by going to the Your Online Choices site.

Disclosure of personal information

In many circumstances we will not disclose personal data without consent. However if we are involved in the investigation of a complaint, for example, we may need to share personal information with regulatory organisations and with other relevant bodies, for example suppliers, deaneries, and others for the purposes of training, assessment, e-Portfolio, research and other College purposes.

Links to other websites

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

Concerns or complaints

If you have any concerns or complaints about RCEM’s Data Protection and Privacy processes, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) or another supervisory authority.

You can contact the ICO via their website at www.ico.org.uk

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 24th May 2018

If you still have questions, please contact us.