About the Organisers
Data is important to us as an organisation because it enables us to promote our events in a targeted manner to previous and future relevant delegates; to promote our events to previous and future relevant exhibitors and sponsors; to provide our contractors and suppliers with the basic information they require to run our events effectively. We do not sell data to any third parties.
Delegate and Potential Delegate Data
The majority of delegates register for our events online via our website. Some may register over the telephone or onsite at an event. Potential delegates may register an interest prior to registering as a delegate. This data is stored by our registration company and cannot be shared with any other organiser. We ask delegates for their name, job title, organisation, address, telephone and email address together with which conference sessions they wish to attend. We use this information for the following:
- To send out early registration details and a conference programme
- To send registration confirmation once registered
- To link through to our official Web App – it is optional whether you wish to use this and upload a more detailed profile which can be viewed by those who have registered to attend the event
- To send out information prior to the event that will aid their planning
- To send out final reminders by email, post and SMS
- To send out a feedback form following the event
- To send out a CPD certificate
- To send out information for next year’s event to ensure they are able to register early. If they are unable to attend, we will send for one more year’s event as we often find that delegates attend alternate years and in any event, they are keen to pass the information on to colleagues. We will not use any data beyond that.
- By registering for the event, the delegate permits us to use the information for the above purposes
- Where a delegate has stated that we are able to share their details (excluding telephone number) with exhibitors, we share this with around a third of our exhibitors, namely those who sign up early. Delegates can request that their details not be shared with exhibitors. We do not share the information with anyone else
- We ask delegates their conference session preferences to enable us to allocate conference rooms according to numbers attending. We also use the information for producing anonymous statistics (figures, no names) which we share with exhibitors, speakers and the venue. This helps us to plan the next event. Delegates will also be able to select conference sessions via our official Web App and that information will be used in the same way
- Delegates are scanned by a data scanner (Organiser Scanner) as they enter the exhibition hall. All delegates attending the conference must be scanned into the hall so that we know they are attending. This is to aid security, monitor numbers and send out CPD attendance certificates. We cannot send CPD confirmation to anyone who has not been scanned into the hall
- Some exhibitors choose to hire data scanners (Exhibitor Scanner) for the event in the form of a scanning stick or telephone app. By allowing the exhibitor to scan your badge, you are permitting them access to the data you have supplied when registering for the event. If you do not wish them to have access, please let them know and ask them not to scan your badge. Please however wear your badge at all times for security purposes otherwise you will not be permitted entry to any of the sessions. The data does not include your telephone number
Exhibitor and Potential Exhibitor Data
By signing up as an exhibitor or registering an interest in the event, you are permitting us to use the information provided to:
- Send out information about the event
- Send out confirmation and invoices once you have booked to exhibit or sponsor
- Send out the exhibitor information pack via our website (or hard copy if requested)
- Use the information you provide via the website, email or verbally to ensure the event runs successfully. This includes badge names, build up time, name board, stand specifications, electrical and furniture orders, editorial and logos for the event guide. We only pass on relevant information to our suppliers/contractors and never pass on contact details
- Your company name, stand number, website and editorial will appear in the official Web App that is accessible to all registered delegates attending the event. If you do not want all or some of this information to appear, please inform email@example.com We cannot accept responsibility for any errors that may occur
- Your company logo will also appear on the event website. If you do not want this to appear, please inform firstname.lastname@example.org We cannot accept responsibility for any errors that may occur
- Your company name and stand number will also appear on a printed sheet available to delegates unable to access the official Web App and can be collected from registration on the day
Speaker and Potential Speaker Data
Upon acceptance of a speaking slot, speakers are requested to complete and return a form which provides their contact and other details. This information will be used as follows:
- To list your session title, your name, job title and organisation in the conference programme, official Web App and on the website
- We may use your photo and logo, if provided, in the programme and any pre-event information such as the official event newsletter, Web App and social media
- To inform our audio visual provider of your technical requirements
- To inform the venue of any other relevant requirements such as dietary or ability impairments
- Following the event we will send out a speaker feedback form and will use this information in planning next year’s event
- We also send out a speaker expenses form, where expenses have been agreed. We use this information for making payments only. Where you provide your bank details on this, the form will be held in a safe place and professionally destroyed afterwards
- We also give you the opportunity to supply speaker slides which may be made available to delegates following the event. These can only be accessed by attending delegates only and are pass-worded. They cannot be copied or used by any third parties, including delegates. It is up to speakers if they choose to put any contact details on their slides
- We do not share any speaker contact details with any third parties whatsoever
- We may be filming session highlights and be making these available to delegates following the event who have selected this option. These will be available from our pass-worded You Tube account following the event. Please inform email@example.com if you do not want to be filmed. Delegates are not permitted to film any sessions
- We may also use film footage for promoting future events
Data Supplied to Contractors for the Purpose of Running Events
We supply limited data to our contractors as follows:
- Our officially appointed registration company – they build and manage our registration site, register all delegates before and after the event. They send out confirmations and emails to registered delegates to enable them to plan their event effectively and to ensure they bring with the correct information on the day. They produce and distribute delegate badges onsite and prior to the event. Their key staff are responsible for ensuring this data is protected before, during and after the event. They employ temporary staff to produce the badges – these staff will be able to see the delegate name, job title and organisation on the registration system for the purpose of printing badges. They are supervised at all times. An exhibitor may choose to purchase a data scanner direct from the registration company.
- We do not pass detailed data to the venue. The only information they receive will be the exhibitor name and stand number. This is used for the purposes of marking out the exhibition hall. We do not share any delegate data with the venue. An exhibitor may choose to purchase items directly from the venue such as food, internet access, waste, water and gas. This information is not shared with us.
- We have one official stand contractor. They are responsible for building the stands and supplying furniture and electrics. The only information they receive is the exhibitor name, stand number and furniture and electrical requirements. An exhibitor may choose to purchase other items from the contractor directly. This information is not shared with us. We do not share any delegate contact data with the stand contractor.
- We have one official supplier of audio visual equipment. They are responsible for hiring out any audio visual equipment. We do not share any of our information with them regarding exhibitors or delegates.
- We have one official hotel booking agency. Exhibitors and delegates may choose to use this service to book hotels near the venue. We may from time to time ask for a list of names booked in to a specific hotel in the event of needing to arrange transport from that hotel to the venue or to be able to see which hotels are most popular with delegates and exhibitors. We would never be provided with any information other than name and organisation.
Upon appointment, employees are asked to provide their address, contact details, next of kin, date of birth, national insurance number and bank details. These are safely stored on a pass-worded PC and safely filed out of the office. This information is not shared with any third parties with the exception of:
- Our payroll company and accountants for the purpose of calculating monthly salaries and making payments
- Our pension provider and child care voucher provider for the purposes of making appropriate payments. Access to these are password protected with one person responsible for managing all payments.
We maintain several office systems that are operated within our office:
- Contact Management Database used for storing details of existing and potential exhibitors and sponsors. This contains contact name, job title, organisation, address, email and telephone where available together with a log of other relevant information including stands booked, areas of interest, calls for action. We never share this information with third parties. Access is password protected and we regularly call contacts to update information and remove details if no longer relevant for our events. People can ask for their details to be removed.
- Accounts system used for raising sales invoices (exhibitors and delegates) and logging purchase invoices. This system contains name, organisation, address, email, telephone and amounts paid or owed. We use online banking to make payments and this system will hold up to date bank details of suppliers in order to make payments. We never share this information with third parties and access is protected by three levels of passwords with one controller.
- Exhibitor Database used for logging details of current and previous exhibitors. This contains contact name, job title, organisation, address, email and telephone together with information relevant to ensuring the smooth running of our events such as stand number, size, electrical and furniture requirements, build up times and badge names. All of this information is supplied directly by the exhibitor either by information on the stand booking form, email or via our website. Only relevant details are shared with stand contractors to enable them to build stands at the event. We do not share contact details with third parties.
- Speaker Database used for logging details of current and previous speakers. This contains contact name, job title, organisation, address, email and telephone together with information relevant to ensuring the smooth running of our events such as session title, time of talk, audio visual requirements and special ie. dietary requirements. We share audio visual requirements with our audio visual provider (but not contact details) and dietary requirements with the venue so that they can ensure appropriate provision. We do not pass on any contact details to third parties.
- Payment System We are currently using Stripe as a pay portal. Access to this is passworded and accessible only by one employee plus the financial controller for purposes of monitoring payments received and producing financial reports. Details are not stored and we are governed by the protection and regulations set out by Stripe.
We also employ a software maintenance company who has access to our network and PCs in order to support, maintain and protect our systems. This is regularly reviewed.
- Our websites – we maintain two event websites – healthwellbeingwork.co.uk and www.primarycarehealth.co.uk These are updated and maintained by an external website designer. In addition to disseminating information about our events, they contain links to a ‘behind the scenes’ system to allow people to register an interest in the event and to download information, newsletters and blogs. Our website contains cookies. When you visit one of our websites, we collect standard internet log information for statistical purposes. To improve our service we collect anonymous web statistics using a programme called Google Analytics. They store several cookies on users’ computers or mobiles devices to tell us how many people have visited each web page, how they got there, and where they navigated to from there. The data collected is completely anonymous and does not store any personal details. You have the opportunity to set your computer to accept all cookies, to notify you when a cookie is issued, or not to receive cookies at any time. The way in which you do this depends upon the web browser which you use. We do not associate information gathered from our sites with personally identifying information from any source. When we collect personal information, for example via an online form, we will explain what we intend to do with it. Our websites may contain links to various third party websites. We are not responsible for the content or privacy practices of any external websites that are linked from our sites.
- We maintain Twitter, LinkedIn and Facebook accounts which organisations and individuals can follow. We use these for disseminating exciting news about our events and from time to time provide links to enable followers to register an interest in attending our events. We do not share this register of interest with third parties.
- We use Hubspot and Mailchimp for storing data for marketing purposes. This data is never shared with a third party. Recipients of any mailing have the choice to opt out at any time
- We use Survey Systems following events to encourage feedback from delegates, exhibitors and speakers. Feedback is used to plan future events, ensuring that content is relevant to attendees. We do not share personal details with any third party but may share general comments with the venue and suppliers if it enables them and us to improve future events. Examples may be better signposting, comments regarding food provision etc. If an exhibitor says that we can use a quote on our promotional literature for future events, we may use this in an exhibition brochure.
Privacy Within the Office and at Events
We maintain a clear desk policy. This means that personal data is always filed appropriately and not left for others to view. Systems that hold data are password protected and passwords are regularly changed. All of our systems are cloud-based. Employees are clear on who has access to what data, what it can be used for and how it should be protected and are not permitted to save data to their personal computers or to remove it from the premises. Any print outs of data no longer required will be shredded.
Request for Sight of Personal Data
If you would like to see what personal data we hold for you or your company, please put this request in writing to: Operations Manager, Sterling Events Ltd, 62 Hope Street, Liverpool L1 9BZ, UK. Please state clearly your name, your job title, your company name and what data you require. We will provide this within 40 days of receipt of the request. We reserve the right to charge for such data search up to a maximum of £10 per request to cover costs of staff time, postage and packaging.
What We Will Do in the Event of a Breach
We will endeavour to notify everyone within 72 hours of the breach although if this takes place over a weekend and we are not made aware of it immediately, this may not always be possible.
Disclosing Data for Legal Purposes
In certain circumstances, the Data Protection Act allows personal data to be disclosed to law enforcement agencies without the consent of the data subject. Under these circumstances, we will disclose requested data but only following due diligence to ensure such request is legitimate.
Policy last updated: July 2022
Written and reviewed by: Event Director, Primary Care and Public Health