ESMO Privacy & Data Security Policy

Introduction

This privacy policy applies to your use of the websites (collectively referred to as the “Website”), operated by The European Society for Medical Oncology, a Swiss-based not-for-profit corporation, referred to interchangeably hereafter as “ESMO”.

The “Website” includes, without limitation, the ESMO website ( www.esmo.org) and any specific versions (e.g., oncologypro.esmo.org) or filters thereof, the Rare Cancers Europe website ( www.rarecancerseurope.org), the ESMO Press Centre, and any other online platforms used by ESMO which could require your personal data.

ESMO respects your privacy and is committed to protecting the confidentiality of your personal information. This policy explains how ESMO collects and uses Member, customer and site visitor information, and how it protects your privacy. It also explains how you can manage your own personal information held by ESMO in the ‘My ESMO’ area on the ESMO website.

This policy applies to personal information held about individuals. It does not apply to information ESMO holds about companies and other organisations. It is in addition to any specific policies concerning specific products or services. It does not supersede the ESMO terms and conditions which govern the use of the ESMO Website. ESMO reserves the right to amend this privacy policy at its sole discretion, without prior notice, at any time, with the proviso that details of the amendments are published on the ESMO Web Site. They become effective from the time of posting. ESMO is the sole owner of the Website and as such is the sole owner of any information collected through the Website.

ESMO is committed to the following standards, on a commercially reasonable basis:

  1. To collect and use only the minimum information necessary for us to deliver high quality service to users, to administer our business, and to inform you of ESMO products & services
  2. To protect the information our visitors share with us, maintaining strong standards of security and confidentiality,
  3. To require any other organisation that we retain or engage to provide support services to us to conform to our privacy standards, and
  4. To keep visitor files, if any, complete, up to date, and accurate.

Some features on the Website may require you to register as a user and to receive our authorisation before you can use those particular features. Whether you are an individual or a corporation, partnership, or other form of commercial enterprise, in order for you obtain our authorisation to use those features and to be considered a registered user, you may be required to provide us with certain information about you or your business and, if a business, any or all individuals you designate to represent that business in connection with your use of the Website (e.g. names, addresses, e-mail addresses, telephone numbers, and other Personally Identifiable Information of each individual who will use the Website). Once we have authorised you as a registered user, we may provide you with a customer identification number and you will select a unique username and password.

Generally, you will be able to change your password and any personal data you have given us. Please note that submitting information to us is not a guarantee or assurance that we will grant authorisation to you or permit you, or anyone you designate, to use any or all of the services of the Website. If for any reason you are not granted authorisation we will retain the information you submit to us only in order to communicate with you regarding your application; we may, however, request additional or follow-up information for audit purposes or as may be required by law or regulation.

If you are submitting information on behalf of others for registration purposes or otherwise, you represent that you have their permission, agreement and full authorization to provide this information to us. We reserve the right (a) to ask you to provide evidence of your authority at any time during, or even after, the submission process and (b) to contact those individuals to confirm your authority at any time. If we determine that your authority has not been properly obtained, we may immediately and without notice to you discontinue your authorised use of those features of the Website for which you have registered.

How ESMO collects personal information

ESMO is a professional association which combines a wide range of activities in the field of medical oncology, including

  • Provision of Membership Services
  • Collection and dissemination of scientific information
  • Provision of Products and Services

The sources of personal information received by ESMO are:

  • The individuals themselves
  • Third parties acting on behalf of individuals (eg. an agent or secretary arranging registration for an ESMO organised meeting or event; the submission of abstracts for events by third parties, etc)

ESMO may collect personal information in the following ways:

  • When you register personal details when creating or updating a ‘My ESMO’ account on ESMO Web Site
  • When you, or an agent on your behalf, enter personal details on a form (electronic or paper) requesting an ESMO product or service (eg when registering for an ESMO organised meeting or event)
  • When you, or someone on your behalf, submits proposals or content in connection with scientific sessions at an ESMO organised meeting or event (eg Abstract submission)
  • When you enter personal details on a form applying to become an ESMO member or to apply for affiliate membership through an affiliate Society
  • When you subscribe to an ESMO newsletter or other electronic communication
  • When you participate in a survey, questionnaire or competition

What personal information is collected by ESMO

Mandatory Personal Information

As a general rule, to enable ESMO to correctly identify you, to provide you with the products and services you have requested and to communicate with you, the following minimum information must be provided in order for your order, request, application, etc. to be processed:

  • Title
  • First Name(s)
  • Last Name(s)
  • Full Postal Address (work)
  • Email address
  • Gender

Optional Personal Information

Other personal information may be requested to help identification (eg date of birth, nationality by country, etc.) or to enable ESMO to understand your profile so you can be provided with better and more appropriate products and services (eg Professional Interests and Topics of Interest).

Credit Card Information

Credit Card information, along with other information related to specific transactions, is collected at the time of your order, request or application, and is used only for the purposes of that particular transaction. For your protection, the Credit Card information is not retained in ESMO system for later use for other transactions. The record of the transaction is kept for 10 years for legal and audit reasons.
ESMO takes every precaution to ensure that this information is stored in a safe location and that it cannot be accessed by unauthorised parties. For further information about security, please refer to Data Security.

Email address information

Your email address is mandatory when you use ESMO electronic services on the ESMO Web Site
Electronic communication is for most purposes ESMO’s preferred method of communication because it is generally convenient, rapid, environmentally friendly and efficient
You are required to supply your email address when you create your ‘My ESMO’ account on ESMO Web Site, which enables you to access a variety of services online.
Please note that each email address must be unique and that you are not allowed to share email addresses with another person.

Unique Email Address

For your convenience and security, your email address is unique to you in the system. (ESMO does not permit two different persons to have the same email address in the system). You are strongly recommended to use an email address which is personal to you and that is not shared with others. This is to ensure that communications which are sent to you personally are not read by others, and that others do not gain access to the information in your ‘My ESMO’ account. Furthermore, ESMO may use your email address to communicate with you about value added products linked either to your membership or your congress attendance.
Your unique email permits automated retrieval of your login details, which are sent to your personal email address.

Data from surveys and questionnaires

ESMO conducts a number of surveys or questionnaires every year whereby we collect data from volunteer respondents about a certain number of topics that are of interest to us as a society or to the practice of oncology. The respondent data remains completely anonymous, unless the respondents specifically choose to share their contact data. Upon completion of the survey or questionnaire, to ensure confidentiality, information is transmitted via Secure Socket Layer (SSL) to the survey tool platform. Data entered are stored on the survey tool server, which is accessible through a dedicated ESMO account only. When exported, data are stored on ESMO's internal server. To ensure the complete anonymity of all respondents, all data collected are kept confidential and no individual respondent’s answers will be disclosed at any time by ESMO or Rare Cancers Europe.

How ESMO uses personal information

Personal information is needed by ESMO to enable it to properly manage its member and customer files. These files are used to enable ESMO to fulfil its role in providing a wide range of services to its members, contributors and customers.
The personal information which you supply may be specifically used to:

  • Enable ESMO to provide you with the products or services you request
  • Enable ESMO to communicate with you about specific matters regarding your transaction, eg. Registration for a meeting or event, abstract submission, grading, membership...
  • Enable ESMO to send you information about ESMO activities which it believes may interest you

Listed below are some of the security procedures that ESMO uses to protect your privacy:

  • A personal username and a password is required in order for users to access their personal data
  • Uses firewalls to protect information held in our servers.
  • Closely monitors the limited number of ESMO employees who have access to your data
  • Requires all ESMO employees to abide by our Privacy Policy and be subject to disciplinary action if they violate it.
  • Backs-up our systems to protect the integrity of your data.

Email privacy

ESMO respects the privacy of personal email addresses and complies with the current legislation on email communication (according to the Swiss Data Protection Act and the Tele Service Data Protection Act). ESMO will not send you  you unsolicited email messages and will not contact you on behalf of third parties without your consent. Your email details will not be passed on to any other individual or organisation without your explicit permission, although in the case of conference/meeting registration special conditions may apply – see Registration Terms and Conditions.

Without your specific ‘Opt In’ to receive e-campaigns from ESMO you may receive emails concerning:

  • Products and services similar to those you have already received from ESMO
  • If you are an ESMO Member, you will receive email newsletters as part of your membership benefits – you may opt out from these newsletters at any time
  • Transactional messages linked to the following (non-exhaustive) list of transactions: your registration for an event, submission of abstracts, application for grants or fellowships, membership dues, etc.

You can manage the extent to which ESMO communicates with you by using the e-News section in your ‘My ESMO’ homepage. Here you are asked to indicate whether or not you wish to receive ESMO generated emails.
If you decide that you do wish to receive email communications from ESMO you can select which categories of news interest you. All mailings sent to you offer the possibility to unsubscribe.
If you indicate that you do not wish to receive ESMO generated emails you will only receive emails directly related to the transactions you have with ESMO (eg confirmation of registration, membership renewal, etc.) and other necessary individual communications.

How long personal information is kept

Personal information supplied during a transaction with ESMO: As a general rule, personal information is kept for 10 years as from the moment of transacting with ESMO.
This limit does not apply to ESMO Committee members, whose personal information is kept for indefinitely.

Disclosure of information and marketing

ESMO complies with Swiss and EC directives (Switzerland and the Swiss data protection legislation are both recognized to be compliant with EC Directive 95/46/EC) and takes all reasonable care to prevent any unauthorised access to your personal data. ESMO staff and contractors have a responsibility to keep your information confidential.
ESMO may supply your information to its contractors to perform specific services (such as to the publishers to deliver ESMO journals, etc.). Otherwise, ESMO does not disclose personal information to any other person or organisation without your consent.
If you are a delegate at an ESMO organised Congress or meeting, and you visit exhibiting company stands, presenting your badge may enable them to retrieve the following personal data: first name(s), last name(s), address, telephone, fax, email, and professional activity information. For more information about this, please visit the ESMO Event Terms and Conditions page.

‘My ESMO’ – Managing your contact with ESMO

Access to Personalised Services

You do not need to register to access most of ESMO Web Site, but you do have to register to use personal services online and access certain web content.

The details you provide ESMO may be combined with information from other ESMO records to:

  • provide you with online services like Abstract Submission, Registration for Congresses, etc.
  • save you having to keep giving the same information for different ESMO services
  • allow you to access specific web content reserved for ‘My ESMO’ users
  • help you to get more out of ESMO by keeping you up to date about ESMO activities, scientific developments, and products and services by email

Accessing your personal information

You may at any time manage your personal information held by ESMO by accessing the ‘My ESMO’ area. If you are an ESMO Member, or have used ESMO products and services in the last three years, a record will already exist for you which you can potentially access by logging in online through:

  • use of your existing login details (username and password)
  • the ‘Retrieve your Login’ feature which, if your email address is recognised, will automatically send details of your username and a newly generated password (for your protection) to the email address given

Please note that ESMO does not permit more than one ‘My ESMO’ account per person to ensure accuracy in communication. So, if an account already exists for you in the ESMO system, your new account will be matched to it, within a reasonable timeframe, but longer during or after ESMO organised conference/meeting periods for technical reasons.

If you do happen to create a second account, then you should be aware that ESMO will merge your  membership and other information regarding products and services used between your accounts, and your contact details held by ESMO will be replaced by the new ones you entered.

Managing your personal information

You have the absolute right to access, amend, and oppose the use of your personal data. By accessing the ‘My ESMO’ area, you have direct control over the information in your personal profile. You can access and change this information at any time from your ‘My ESMO’ homepage. Once logged in to your ‘My ESMO’ account, you can easily view and update your personal details, email address and password. Usernames are unique and cannot be updated.
Additionally, you may choose whether or not you wish to be kept informed by email of ESMO activities, products and services by using the e-News section. ESMO also asks you to provide optional information about your professional activities and interests in order to understand your needs better, and improve the services it offers to you and to the oncology community in general.

  1. Your Rights to Opt-out, Opt-in, or Limit Specific Uses and Disclosures of your personal data
  2. When you register, you may be asked whether you want to receive special announcements and future newsletters by email. If you check “yes” but change your mind at any time in the future and no longer wish to receive our newsletter and other special announcements by email you will be able to Opt-Out of these services by: (a) going to your profile page within the applicable ESMO service; (b) following the directions included at the bottom of any newsletter issue; and/or (c)  contacting us (please select 'Membership'), and we will take you off the applicable list. You may also Opt-In to receive communications from us at the point of registration or by similarly following the instructions above.
    In most cases, the tools that collect and store personal data allow you to correct, update or review that information (and any preferences) by logging-in to the specific service and making the desired changes to your registration information. In most cases you may also withdraw your registration by contacting us (please select 'Membership'). If you withdraw your account registration from the Website your personal data may not be deleted from our records and we may use that data for internal purposes.

Right of access to your ESMO information

If you would like to know exactly what personal information ESMO holds about you, you are entitled to obtain it. If it transpires that the information is inaccurate, or you wish to oppose its use in future, ESMO will make the necessary amendments and confirm that these have been made. Please contact ESMO in either of the following ways:

  • By contacting us by email (please select 'Membership').
  • By writing to:

European Society for Medical Oncology
via L. Taddei 4
6962 Viganello-Lugano
Switzerland
Tel: +41 (0)91 973 19 00
Fax: +41 (0)91 973 19 02

Data security

To protect your information, ESMO uses an industry standard security protocol called Secure Sockets Layer (SSL) to encrypt the transmission of sensitive information between you and our website.

SSL is used, for example, when you login or when you make a credit card payment. To know if transmissions are encrypted, look for the lock on your web browser or check that the URL starts with https://.
Despite ESMO’s efforts to protect your personal data, there is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of information over the Internet will be intercepted. ESMO is not responsible or liable for any loss or damage of any sort arising from or relating to any breach of our security or interception of your transmissions (see Terms of Use).

Use of Cookies

Cookies are pieces of information that a website transfers to your computer’s hard disk for record keeping purposes. They are small text files that a website can use to recognise repeat users and facilitate their ongoing access to, and use of, the site. They do not pose a threat to your system or files.
The use of cookies is an industry standard, and many websites use them to provide useful features. Cookies in and of themselves do not personally identify users. Most browsers are set initially to accept cookies. You can set your computer to reject cookies. However, if you do choose to disable cookies, you will not be able to enjoy the full range of online services available through the ‘My ESMO’ area.

Use of web analytics

As a website gathers individual pieces of Non-Personal Information from its users, it may combine similar data from many or all the users of the website into one big “batch”. This sort of statistical information is called aggregate data because it reflects the habits and characteristics of a large group of anonymous people. Websites may use aggregate data or share it with business partners so that the information and services they provide best meet the needs of the users. Aggregate data also helps advertisers and sponsors on the Web know how effectively they are reaching and meeting the needs of their target audience.

Click Stream Information. A record of all the pages you have visited during your visit to a particular website or the services you accessed from the site or from an email. Click Stream Information is associated with your browser and not with you personally. It records the archives of your browser.

Conclusion

If you have any further questions about the ESMO Privacy and Security Policy or its implementation, or if at any time you believe that ESMO has not adhered to the principles stated in this Policy, please contact us by email (select 'Membership').

 

Last update: 27 June 2013