Terms and conditions of the PVRI
Membership Terms and Conditions
This agreement is made between the Pulmonary Vascular Research Institute (“PVRI”) whose registered address is at 33 St George’s Place, Canterbury, Kent, CT1 1UT, United Kingdom, with registered company number 5780068 and registered charity number 1127115 and the PVRI member named in the registration form (“You”, “Your”) for the provision of membership to the PVRI and to dictate the handling of Personal Data shared as benefit of our membership network.
As a member of the PVRI, You have access to the PVRI membership network directory. This is a database containing the Personal Data of other PVRI members who have opted to share their information across the network.
The purpose for which all members share their data is so that all members are able to discover and communicate with other members who share the PVRI’s aims and goals of reducing the global burden of pulmonary vascular disease within the next two decades through global collaboration striving for excellence in clinical care, research and education in PVD; in order that together, we might achieve those goals (the “PVRI Purpose”).
In order to achieve compliance with the Data Protection Legislation being implemented in the European Union, the PVRI has implemented Terms of Data Sharing (below) across its entire network (whether You are an EU citizen/resident, or not).
- Membership is open to anyone with an active research and / or educational interest in pulmonary vascular disease and related fields. As soon as you have entered your details and completed payment, you will have immediate access to:
- All of our digital learning content
- The PVRI membership network directory
- Collated PC Journal Articles
- PVRI Digital Clinic
- Discounted rates for our events
- Opportunity to engage with Task Forces and associated activities
- Free registration to PVRI ‘Get-together’ events
Terms of Data Sharing
- The Personal Data being shared under this agreement includes:
- Identity Data;
- Contact Data; and
- Profile Data.
- Whenever you acquire Personal Data from the PVRI membership network directory, you MUST notify the individual whose Personal Data you have acquired before or at the time that you first use it for the PVRI Purpose, or, at the latest, within thirty (30) days of acquiring it.
- In notifying the individual whose Personal Data you have acquired, You must clearly:
- identify Yourself and Your organisation (where you have acquired the Personal Data as part of your profession);
- describe where You have acquired the Personal Data (i.e. the PVRI membership network directory);
- explain Your intentions for using their Personal Data;
- highlight the fact that their Personal Data might be retained by You after the termination of their membership with the PVRI, should You extend Your use of Personal Data beyond the PVRI Purpose (see clause 5);
- notify the individual has a right to refuse You permission to use their Personal Data for any purpose (including but not limited to the PVRI Purpose), as well as their other rights arising under Data Protection Legislation – see the PVRI Privacy Notice for information about individual rights arising under Data Protection Legislation.
- If you reside outside of the EEA, or are dealing with the Personal Data of individuals located outside of the EEA, in addition to Your obligations arising under, and highlighted within, these terms and conditions, You must observe any local laws, regulations and practices relating to data privacy as applicable (“Local Laws”). The PVRI is not able to provide any legal advice regarding Data Protection Legislation or any other equivalent overseas laws. If you have any further questions around your data, please email firstname.lastname@example.org
5. By acquiring the Personal Data of a PVRI member, you become a Data Controller of that Personal Data, with regard to Data Protection Legislation. This means that Personal Data has been shared with you with consent of a PVRI member (the Data Subject) for its use in respect of the PVRI Purpose only. You are able to determine any additional purposes for which you wish to use the Personal Data. Your ability to make such decisions is governed by Data Protection Legislation and Local Laws, as applicable. The PVRI recommends that you take legal advice before using Personal Data for any reason other than the PVRI Purpose.
6. As a condition of membership, the PVRI requires that all members using Personal Data acquired from the PVRI membership network directory observe good practice in developing and maintaining professional relationships across the network. As such, members are expressly prohibited from using Personal Data in any of the following ways:
- to send explicit, offensive, slanderous or libellous material; and
- to send excessive levels of correspondence that could be construed as spam or harassment
7. All members who acquire Personal Data from the PVRI membership network directory are required:
- not to disclose or allow access to the Personal Data You have acquired, including by storing it on a system not controlled by you (for example, a hosted or cloud-based solution), without appropriate legal assurances and safeguards in place;
- to ensure that You have in place appropriate technical and organisational measures, open to review and approval by the PVRI, to protect against unauthorised or unlawful processing of Personal Data, and against any other loss, destruction or damage;
- to notify the PVRI without undue delay as soon as You become aware of any breaches of Data Protection Legislation and/or Local Laws;
- to inform the PVRI of any subject access requests You receive in relation to PVRI member data you have acquired, and not to respond to such requests before consulting the PVRI;
- to assist the PVRI, at Your cost, in responding to subject access requests or investigating data security issues, making breach notifications, performing impact assessments or complying with consultations or audits from regulatory authorities;
- to delete or return any shared Personal Data at the written direction of the PVRI, or on the termination of Your membership, unless You have acquired Your own bases for use as described in clause 5, or as required otherwise by law; and
- maintain complete and accurate records of all Personal Data that You hold and make such records available for inspection by the PVRI or the relevant regulatory authority.
- If the PVRI becomes aware of, or has reason to believe that You are using Personal Data in any of the ways noted in clause 6, in breach of the provision in clause 7, or in any other way that contravenes the obligations imposed on a Data Controller by Data Protection Legislation or applicable Local Law, Your membership will be revoked without refund. Additionally, where appropriate, the PVRI might report illegitimate activity to the relevant regulatory authority, and/or comply with any investigation by such a body.
- If You are located outside of the EEA, your acquisition of Personal Data from the PVRI membership network directory is also subject to the ‘Standard contractual clauses for the transfer of personal data from the EEA to third countries (controller to controller transfers)’ SET II, attached below and requiring signature before accessing the PVRI membership network directory.
- In agreeing to these terms and conditions and acquiring Personal Data from the PVRI membership network directory, You hereby indemnify the PVRI against all liabilities, costs, expenses, damages and losses (including, but not limited to any direct, indirect or inconsequential losses, loss of profit, loss of reputation and all interest, penalties and legal costs and all other reasonable professional costs and expenses incurred by You) arising out of, or in connection with, the breach of Data Protection Legislation by You to maximum extent permitted by law.
These Terms and Conditions are governed by the laws of England and Wales and subject to the Courts of England, other than for UK residents, who may request a hearing within their local jurisdiction.
Data Protection Legislation means all applicable laws and regulations relating to the processing of Personal Data and privacy including the Data Protection Act 1998, the General Data Protection Regulation 2016/679 (“GDPR”), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any statutory instrument, order, rule or regulation made thereunder, as from time to time amended, extended, re-enacted or consolidated.
The terms “Personal Data”, “Special Categories of Personal Data”, “Data Controller”, “Data Processor”, “Data Subject”, “Data Protection Officer” and “process” (in the context of usage of Personal Data) shall have the meanings given to them in the Data Protection Legislation.
Identity Data includes Personal Data such as names, usernames or similar; marital status; title; date of birth; sex and gender.
Contact Data includes Personal Data such as addresses; email addresses and telephone numbers.
Profile Data such as interests; preferences; feedback and responses to surveys, blogs and messages.
All other terms are defined in brackets the first time that they are used.