Effective Date: 5th November 2024
At CosmeticSurgeryInsurance.org (”we,” “us,” or “our”), we are committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and disclose your personal information when you visit our website, https://www.cosmeticsurgeryinsurance.org (the “Website”). It also explains your rights under the General Data Protection Regulation (GDPR) and how you can exercise them.
1. Data Controller Information
• Business Name: CosmeticSurgeryInsurance.org
• Address: Future Business Centres, King’s Hedges Road, Cambridge, CB4 2HY, United Kingdom
• Email: service@cosmeticsurgeryinsurance.org
2. Information We Collect
a. Personal Data You Provide to Us
We may collect and process the following personal data that you voluntarily provide:
• Contact Information: Name, email address, postal address, telephone number.
• Communication Data: Information you provide when you correspond with us by email, through our Website, or by other means.
• Subscription Data: Information you provide when subscribing to our newsletters, campaigns, or updates.
• Survey Responses: Data collected from your participation in surveys or feedback.
b. Information Collected Automatically
When you visit our Website, we may automatically collect:
• Technical Data: IP address, browser type and version, time zone setting, operating system, and platform.
• Usage Data: Information about how you use our Website, such as pages viewed, links clicked, and the date and time of your visits.
• Cookies and Similar Technologies: Data collected through cookies, web beacons, and other tracking technologies. (See Section 10 for more details.)
3. Legal Basis for Processing Personal Data
We process your personal data based on the following legal grounds under the GDPR:
• Consent (Article 6(1)(a) GDPR): Where you have provided explicit consent for specific purposes.
• Legitimate Interests (Article 6(1)(f) GDPR): Processing is necessary for our legitimate interests in championing and improving global safety standards in cosmetic surgery, provided it does not override your rights and freedoms.
• Compliance with Legal Obligations (Article 6(1)(c) GDPR): Processing is necessary to comply with our legal and regulatory obligations.
4. How We Use Your Information
We use your personal data for the following purposes:
• To Communicate with You: Responding to your inquiries, providing information about our campaigns and lobbying efforts, and sending newsletters or updates with your consent.
• To Improve Our Services: Analyzing usage data to enhance our Website’s functionality, user experience, and content relevance.
• To Promote Safety Standards: Using data to support our mission in advocating for standardized safety regulations across borders.
• To Comply with Legal Obligations: Fulfilling our legal duties, such as record-keeping and reporting requirements.
5. Disclosure of Your Information
We may share your personal data with:
a. Third-Party Service Providers
We may disclose your information to trusted third parties who assist us in operating our Website and conducting our business, such as:
• IT and Hosting Providers
• Email Communication Services
• Analytics and Search Engine Providers
These third parties are contractually obligated to keep your information confidential and use it only for the purposes for which we disclose it to them.
b. Legal Obligations
We may disclose your personal data:
• To Comply with Legal Processes: If required by law, court order, or governmental regulation.
• To Protect Rights and Safety: To enforce our terms and conditions or protect our rights, privacy, safety, or property, and/or that of others.
c. Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred to the acquiring entity.
d. International Data Transfers
Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, such as:
• Standard Contractual Clauses: Approved by the European Commission to provide adequate data protection.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
• Encryption: Secure transmission of data using SSL/TLS technology.
• Access Controls: Restricted access to personal data to authorized personnel only.
• Regular Security Assessments: Ongoing evaluation of our security practices to address new threats.
Despite our efforts, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including:
• Legal and Regulatory Requirements: Compliance with legal obligations and resolution of disputes.
• Business Needs: Maintenance of records for auditing, analysis, and improving our services.
Retention Periods:
• Contact Information: Retained for as long as we have an ongoing relationship or as required by law.
• Usage Data: Retained for analytical purposes for up to 26 months.
8. Your Rights Under GDPR
You have the following rights concerning your personal data:
a. Right to Access (Article 15 GDPR)
You may request confirmation of whether we process your personal data and access to that data.
b. Right to Rectification (Article 16 GDPR)
You may request correction of inaccurate or incomplete personal data.
c. Right to Erasure (Article 17 GDPR)
You may request deletion of your personal data under certain conditions, such as when it’s no longer necessary for the purposes collected.
d. Right to Restrict Processing (Article 18 GDPR)
You may request that we limit the processing of your personal data in specific circumstances.
e. Right to Data Portability (Article 20 GDPR)
You may request to receive your personal data in a structured, commonly used, and machine-readable format and have it transmitted to another controller.
f. Right to Object (Article 21 GDPR)
You may object to processing your personal data based on legitimate interests or for direct marketing purposes.
g. Rights Related to Automated Decision-Making (Article 22 GDPR)
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects concerning you.
9. Exercising Your Rights
To exercise any of your rights, please contact us using the details below:
• Email: service@cosmeticsurgeryinsurance.org
• Postal Address:
CosmeticSurgeryInsurance.org
Future Business Centres
King’s Hedges Road
Cambridge, CB4 2HY
United Kingdom
Verification Process:
We may need to request specific information to verify your identity before fulfilling your request to protect your privacy and security.
Response Time:
We aim to respond to all legitimate requests within one month. This period may be extended by two further months if necessary, considering the complexity and number of requests.
10. Cookies and Similar Technologies
a. What Are Cookies?
Cookies are small text files stored on your device when you visit our Website. They help us enhance your user experience by remembering your preferences and visits.
b. Types of Cookies We Use
• Essential Cookies: Necessary for the Website to function correctly.
• Performance Cookies: Collect anonymous data on how visitors use our Website.
• Functionality Cookies: Remember your preferences to personalize content.
• Targeting/Advertising Cookies: Track browsing habits to deliver relevant advertisements (if applicable).
c. Managing Cookies
You can control and delete cookies through your browser settings. However, disabling cookies may affect the functionality and your experience on our Website.
For more information on managing cookies, visit www.allaboutcookies.org.
11. Third-Party Links
Our Website may contain links to websites operated by third parties. We have no control over their content or privacy practices. We encourage you to review the privacy policies of any third-party sites you visit.
12. Children’s Privacy
Our Website is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, please contact us immediately, and we will take steps to delete it.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.
Notification of Changes:
• Material Changes: We will notify you by email (if you have provided it) or by posting a notice on our Website prior to the change becoming effective.
• Review Period: We encourage you to review this Privacy Policy periodically for any updates.
14. Complaints
If you have concerns about our handling of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
• Website: https://ico.org.uk/
• Telephone: +44 303 123 1113
• Address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
United Kingdom
15. Contact Us
If you have any questions, comments, or requests regarding this Privacy Policy or our processing of your personal data, please contact us at:
• Email: service@cosmeticsurgeryinsurance.org
• Postal Address:
CosmeticSurgeryInsurance.org
Future Business Centres
King’s Hedges Road
Cambridge, CB4 2HY
United Kingdom
By using our Website, you acknowledge that you have read and understood this Privacy Policy and agree to our collection, use, and disclosure of your personal data as described herein.