You are here:

Privacy Policy

Published on

Updated:

1. Who we are

The International Union Against Tuberculosis and Lung Disease (The Union) is an international non-governmental organisation, registered as a charity in France as an “Association Loi 1901”, meaning that our work is not-for-profit and carried out for the public good. The Union’s registered office is 2 Rue Jean Lantier, 75001 Paris, France. Our legal representative is Dr Guy Marks, Interim Executive Director of The Union.

The Union has offices around the world, located in the European Union (EU) and countries outside of the EU. A full list of Union offices can be found on www.theunion.org, or provided by The Union upon request.

The Union is referred to in this privacy policy as "The Union", "we", or "us"

In accordance with the European General Data Protection Regulation (EU Regulation 2016/679), this Privacy Policy describes how we, as the ‘Data Controller’, use your personal data in order to provide you with a service or fulfil a contract with you. The Privacy Policy applies to personal data we collect and store about you when you interact with us (for example when you use our websites such as www.theunion.org).

By accepting this policy, you expressly consent to The Union processing your personal data. You can change your mind at any time by contacting us at privacy@theunion.org.

Changes to this privacy policy

Any updates to the Privacy Policy will be posted on The Union’s websites.

2. What personal data do we collect?

We collect personal data from you in a variety of ways, detailed here.

2.1. Data you choose to share with us

  • Personal details

Name, mailing address, email address, telephone number, date of birth, and gender.

  • Professional information

Organisation/employer/educational institution, curriculum vitae (resumé), qualifications, references.

  • Your preferences, interests and location

We may keep a record of what you have told us about how you like to be contacted (e.g. by emails only) and what you would like to receive (e.g. information about our conferences, courses or publications). Sometimes we collect information about topics that interest you (e.g. tuberculosis or tobacco control), and your location, so we can contact you about topics that are relevant to you. 

  • Your affiliations

We may also collect and record (process) any other relevant information you share with us about yourself, including your affiliations with related organisations or your employer. Particularly for employment and membership services, we record any relevant affiliations you may have.

  • Payment information

We may collect your bank account details and other payment information when you make a donation or pay for a service. We may also collect details about your taxpayer status when claiming Gift Aid/ charitable tax exemption.

2.2. Data we collect automatically

When you use our websites, we collect your personal data using “cookies”.  You can find more details in our Cookie Policy (section 7 below). 

2.3. Data we collect from third parties and partners

When we receive personal data from another company or partner, we will ensure that your personal data was collected legally.

2.4. If you are under 16

If you are aged under 16, you must get your parent/guardian’s permission before you provide any personal data to us.

3. How do we use your personal data?

The Union uses the personal data we collect for a number of purposes, including but not limited to:

  • deliver and give information on the products and services you have requested to receive;
  • administer your donation or support your fundraising, including processing Gift Aid/ charitable tax exemption;
  • make and manage payments;
  • manage our relationship and communicate with you;
  • respond to requests, complaints or queries;
  • verify your membership;
  • manage our courses, events and conferences;
  • conduct surveys, analysis and market research;
  • send you correspondence and communicate with you;
  • communicate with regulators, legislators and partners;
  • administer our websites and to troubleshoot and run data analysis;
  • generate reports on our work, services and events;
  • monitor website use for visitor location, website traffic and personal data;
  • process your application for a job;
  • ensure we fulfil your employment contract;
  • meet our legal obligations, for instance to perform contracts between you and us, or our obligations to regulators, government and/or law enforcement bodies;
  • establish, defend or enforce legal claims.

3.1. How we will contact you:

We may use your personal data to send you information about the work of The Union, and about our products and services, such as our conferences, journals, membership and courses. This might be by email, telephone, or post, but only with your express consent.

You can change your marketing preferences at any time by clicking on the “unsubscribe” link in the footer of our emails, or by writing to us, emailing us or phoning us.  All details can be found in section 10 (How may I contact The Union about its privacy policy?).

To enable us to personalise our communications in line with your interests, we may use some profiling in order to make a service more suitable, effective, and beneficial to you. This profiling is in line with the data we say that we collect from you, as laid out in section 2 of this policy (What personal data do we collect?).

4. What is our legal basis for processing your personal data?

The Union processes your personal data for the following reasons:

  • To provide you with a service that you have requested. For example, you have asked to receive our email newsletter.
  • To fulfil the obligations of a contract with you. For example, you have signed up as a member of The Union and we send you information about your membership.
  • To send you all relevant information in view of you being a "Member";
  • To comply with a legal obligation. For example, we will email members about The Union’s Annual General Meeting to ensure we meet our legal obligations for that meeting.
  • Where there is a legitimate reason to contact you, whilst ensuring this is not likely to be too intrusive.

5. Whom do we share your personal data with?

The Union may share (transfer) your personal data internally between our offices and departments and with organisations, subcontractors and partners located both in and outside the EU.

We work to ensure that these recipients follow this policy and provide protection, confidentiality and security for your personal data.

The Union will not sell or share your personal data with any third party, and you will not receive marketing from any other companies or organisations as a result of giving us your details, unless you expressly give permission. In addition, we will not sell any information about your web browsing activity.

5.1. Union offices and departments

The Union may share your personal data internally between its offices, which are based both in the EU and in countries outside of the EU. Where we share data outside the EU, we follow the processes described in section 5.4 ‘Sharing your data outside the EU’).

Your personal data may also be shared between internal departments of The Union in order to provide you with a service or comply with legal requirements related to contracts of employment. These internal departments include, the Office of Executive Director, human resources, accounting and finance, IT, membership, training and education department and communications.

5.2. Partners and other Third Parties

We may share your personal data with third parties who provide services to The Union or who act on our behalf. This includes subcontractors and partners for the events, conferences, training courses, IT and other suppliers, research agencies, payment processors, social security services, financial institutions, shipping companies and donation services.

We do not authorise these companies to use or disclose your personal data except for the purpose of providing the service we request of them, unless such disclosure is imposed by law or to fulfil our contractual commitments. 

5.3. Other circumstances where we will disclose your personal data

We will disclose your personal data to local and foreign regulators, governments, law enforcement authorities, advisors, courts, tribunals and arbitrators when we have a legal obligation to do so or when we believe our compliance with the request to be fair, reasonable and lawful. For example, to detect, prevent or investigate security breaches, fraud or other crimes.

We will also disclose your personal data to establish, exercise or defend legal claims, for example: (i) to enforce our Terms and Conditions; (ii) to ensure the safety and security of our users, consumers and third parties; and (iii) to protect our rights and property and the rights and property of our website visitors and third parties. 

5.4. Sharing your data outside the EU

When The Union shares your personal data with a subcontractor, partner or third party that is based outside of the EU, we ensure they process your data in a secure way, following the same practices as organisations based within the EU. We do this in three ways:

i. Where the non-EU country has been recognised by the European Commission as providing an adequate level of protection for personal data, The Union can be confident that the data protection laws in place will provide adequate protection.

ii. Where the organisation is subject to the EU-US Privacy Shield, which provides a framework for the exchange of personal data between a member of the European Union and a company based in the United States. Find out more.

iii. If the recipients of your personal data are located in non-EU countries that have not been the subject of an adequacy decision or do not adhere to the Privacy Shield, The Union will ensure that your personal data is given a level of protection, confidentiality and security that is on par with that permitted by the General Data Protection Regulations.

More information can be found on the official website of the European Commission.

6. What are your data protection rights?

Some services The Union provides are dependent upon our ability to process your data. You are under no obligation to provide us with your personal data.  However, if you wish to benefit from a service, sign a contract with The Union, or use our websites, there is some information that you will need to provide. If you do not submit such information or let us access it, this may prevent us from being able to provide you with products and services, or otherwise interact with you. We will tell where such information is required before we collect it.

You have the following rights in relation to your personal data:

  • Access: The right to request access to and have a copy of your personal data and to find out how your data is being used and how we obtained your personal data;
  • Modification: You can ask us to update or change the data we have about you;
  • Rectification:  You can have any inaccuracies in your personal data corrected. This includes the completion, updating or deletion of personal data that is inaccurate or which is out of date;
  • Erasure (“right to be forgotten”):  You can ask us to delete all your personal data in certain circumstances (e.g. if the data is no longer necessary for the purposes for which it was collected);
  • Objection: You can object to us processing your personal data in certain circumstances;
  • Objection to marketing:  Please see section 3 (How do we use your personal data?) for information about how to opt-out of direct marketing communications;
  • Portability: You can ask us to transfer your personal data electronically to you or another organisation in certain circumstances;
  • Restriction: You can ask us, subject to some verifications, to restrict the processing of your personal data if you think, inter alia, your personal data is not accurate or no longer needs to be processed by us for some specific purposes;
  • Withdrawal of consent: Where we rely on your consent to process your personal data, you can withdraw consent at any time;
  • Specify the use of your personal data upon your death: When The Union becomes aware of the death of a person, their personal data will be deleted.

You have the right to complain to the relevant supervisory authority or court. For example, the Commission Nationale Informatique et Libertés (CNIL) in France, or the Information Commissioner’s Office (“ICO”) in United Kingdom.

If you would like to exercise any of the above rights, please email or write to us using the details outlined in section 9 (How may I contact The Union about its privacy policy?). We will do our best to respond to you as quickly as possible.

Legal redress for breach of the use of your personal data may be brought before the appropriate courts in countries where The Union has an office, or in your country of residence.

7. How do we ensure your personal data is safe?

The Union works hard to ensure our physical and technical systems are secure. We take careful precautions to protect all personal data on our database, including using encryption and monitoring access to our secure networks and systems.

We also take care to ensure we have secure systems for processing your payment information, such as your credit card or debit card details.

Despite our best efforts to protect your personal data electronically, we cannot guarantee the security of information sent over the internet. The Union cannot accept liability for information that is illegally intercepted or changed after it has been sent.

8. How long is your personal data retained?

Whenever we collect or process your personal data, we will only keep information about you for as long as we need to fulfil the purposes for which we are processing your personal data.

Your personal data is retained for the duration of your relationship with The Union. Beyond that, we will only keep your data if permitted by the data protection laws of the country where your personal data is processed.

At the end of that retention period, your data will either be deleted or anonymised.

9. The Union’s cookie policy

The Union uses cookies to record information when you use our websites, including about the browser you are using, your IP address, the length of your visits to the websites, the pages you have viewed, the date and time of your visit.

5.1 What is a cookie?

Cookies are small text files which are downloaded to and stored on your device when you visit a website. They are widely used by website owners and let websites recognise your device, so that the sites can work more effectively. They also gather information about how you use the site. On its own, a cookie cannot be used to identify you.

5.2 What cookies do we use and why?

We use cookies to distinguish you from other users of our websites. This helps us to provide you with a good experience when you come to our websites and allows us to improve the user experience on our websites.

The Union uses the following types of cookies:

  • Necessary Cookies: These enable core functionality such as page navigation and access to secure areas. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.
  • Analytical Cookies: These allow The Union to measure and track the visitors to our websites, to see how people use our websites. This helps us to improve our websites and make sure people can finding the information they are looking for. We also track which websites people arrive from, so that we can understand how people find The Union’s websites.
  • Functionality Cookies: These cookies allow a website to remember choices you have made in the past, like what language you prefer, what region you would like weather reports for, or what your user name and password are so you can automatically log in.
  • Third Party Cookies: We use some third party services or software on our website. If you go to a page on our website that contains this embedded content, you may be sent cookies from these websites, for example YouTube videos, Google, Addthis.com, Facebook and Twitter. We do not control the setting of these cookies. You should check the third party website for more information about their cookies and how to manage them.

5.3 ​​Controlling the use of cookies

Most internet browsers automatically accept cookies unless you change your browser settings. If you wish to restrict, block or delete the cookies which are set by any websites, you can generally do this through your browser settings. These settings are usually found in the 'options' or 'preferences' menu of your internet browser. You can find help for specific browsers here: Internet Explorer; Safari; Chrome; Firefox; Opera.

Unless you have adjusted your internet browser settings to block cookies, our site will set cookies.

If you accept cookies on The Union’s websites, The Union will retain them while you are using the website, or for the legally allowed time and provided that retaining these cookies is strictly necessary.

In any case, The Union does not save sensitive personal data in the cookies it uses, or information that allows you to be directly identified such as your address, your password, your credit or debit card data, etc.

10. How may I contact The Union about its privacy policy?

For general enquiries on your personal data rights, you can contact us by email privacy@theunion.org or by post:

The International Union Against Tuberculosis and Lung Disease, (The Union), I.T. Department, 2 Rue Jean Lantier, 75001 Paris, France.