Privacy policy

This privacy policy explains how and why we collect your personal data, how we use it and how we keep it secure. We may change this policy so we recommend you check this page occasionally to make sure you are aware of any changes.

Any questions about this policy and our privacy practices should be sent by email to enquiries@resus.org.uk.

Who are we?

We collect information when you:

  • are added to a course faculty or candidate list 
  • register on the RCUK support portal
  • become a member
  • subscribe to our newsletter 
  • purchase from our shop 
  • register a subscription to e- lifesaver
  • register to access the ReSPECT learning app
  • are added to the ReSPECT implementation network 
  • register to apply for a research and development grant 
  • register as a course centre administrator
  • register for an RCUK event
  • register to access the Adult Resuscitation e-learning portal
  • are added to the Generic Instructor Course Virtual Learning Environment
  • register to access Immediate Life Support learning materials
  • contract with us or correspond with us 
  • use our website

Your personal data may be provided to us by someone other than you, with whom you and we are both connected (e.g. someone with whom you and we are both collaborating, or your employer if we are doing business with them and they need us to liaise with you, or, if you are a candidate using our learning management system your details might be provided to us by the course centre administrator when they create an account for you), or may be gathered by us in our market research, or provided to us by third party market researchers, if you have a public profile at an organisation with whom we collaborate or wish to collaborate.

What type of information do we collect from you?

The personal information we collect may include your name, address, role, email address, other contact details, or, if you are a user of our Learning Management System, information regarding your completion of courses and qualification. Personal information which is on your profile page of the Learning Management System can be amended at any time by you.

We may collect data about your use of our website, which we obtain through our analytics tracking systems. The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.

Where you correspond with us, we may have records of that correspondence. If we have a collaborative or business relationship with you or your employer, we may have your organisational contact details and any documents related to that relationship (such as contracts or transaction details).

How do we use your information?

We are required to identify both our purposes of processing and the “lawful basis” of processing (the “lawful basis” being one of the bases set out in Article 6 of the General Data Protection Regulation or GDPR).

Purpose/activity Type of data Legal basis for processing
To deliver our apps, content and learning material, to verify course completion or certification in response to third party enquiries Information that is provided in the LMS or otherwise when registering to access or use our apps, content or materials, or records of completion of courses or certification

(a) Performance of a contract with you

(b) Our legitimate interests (i.e. the delivery of our apps, content and materials in furthering our charitable purposes).

To correspond with you and to address any queries you may raise through our website or otherwise correspond in connection with any actual or potential business relationship we may have with you Contact information, including information that you provide by filling in forms on our site or otherwise by contacting us, and copies of your correspondence with us

(a) Performance of a contract with you
(b) Our legitimate interests (to address our users’ concerns and queries, to properly administer our business and communications, to conduct marketing, and to develop our relationships with interested parties)

To carry out our obligations arising from any contracts entered into between you and us

Contact information, including information that you provide by filling in forms on our site or otherwise by contacting us, and copies of your correspondence with us.

Documents featuring personal data, such as POs, proposals, contracts and the like

Performance of a contract with you
To use data analytics to improve the website and ensure that content from the website is presented in the most effective manner for you and for your computer Information relating to your visits to the website including IP address and traffic data Our legitimate interests (to keep the website updated and relevant, to develop our business, for network security)
To provide you with information regarding our products or services, news or updates that you request from us or which we feel may interest you Information that you provide by filling in forms on our website, or by contacting us, or information which we receive from third parties, and copies of your correspondence with us. This information may include your name, address, and email address

(a) Our legitimate interests (to develop our products/services and grow our audience); or

(b) Your consent, where required by law

Record-keeping and hosting, back-up and restoration of our systems Any personal data Our legitimate interests (ensuring the resilience of our IT systems and the integrity and recoverability of our data)
Bringing and defending legal claims Any personal data Our legitimate interests (being able to conduct and defend legal claims to preserve our rights and those of others)
Legal compliance (e.g. maintaining tax records) Any personal data Necessary to comply with a legal obligation

 

Who has access to your information?

The processing of personal information may require sharing the information with our employees, contractors and professional advisers, or within our group.

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

Third Party Service Providers working on our behalf: We may pass your information to our third party service providers, subcontractors and other associated organisations for the purposes of completing tasks and providing services. When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.

If you are a user of The Learning Management System: Our Learning Management System is not used solely for learning management, but also as a network of healthcare professionals. Any public profile information associated with your account may be visible to other users of the LMS or to healthcare bodies with access to the LMS (and we recommend for that reason you use professional rather than personal contact details). In addition, we use information from our LMS to verify candidates’ course attendance or qualification to third parties who have been authorised to request this information (such as employment agencies, or NHS Trusts), in which case we would confirm whether the candidate has undertaken the training in question, whether they hold a valid RCUK certificate and the dates on which they attended courses or obtained certificates. 

We may disclose your personal information if we are under a duty to disclose or share it in order to comply with any legal obligation, or in order to enforce or apply any terms or agreements we may have in place with you.

International transfers of your personal data

Some of the third parties to whom we may transfer your personal data, discussed above, may be located outside the EEA or may transfer your personal data to their own service providers located outside the EEA. If so, then we will ensure that transfers by our appointed data processors will only be made lawfully (e.g. to countries in respect of which the European Commission has made an "adequacy decision”, or with appropriate safeguards such as the use of standard clauses approved by the European Commission or the use of the EU-US Privacy Shield). You may contact us if you would like further information about these safeguards.

Access to your information and correction, and your other rights

You have rights under data protection law – they are complex, and subject to exemptions, and you can read guidance from the Information Commissioner’s Office at www.ico.gov.uk for a fuller explanation of your rights. In summary:

  • the right to access: you have the right to confirmation as to whether or not we process your personal data and, where we do, to access to the personal data, together with certain additional information;
  • the right to rectification: you have the right to have any inaccurate or incomplete personal data about you rectified or completed;
  • the right to erasure: in some circumstances you have the right to the erasure of your personal data (for example, if the personal data are no longer needed for the purposes for which they were processed or if the processing is for direct marketing purposes);
  • the right to restrict processing: you have the right to restrict the processing of your personal data to limit its use. Where processing has been restricted, we may continue to store your personal data and will observe the restrictions on processing except to the extent permitted by law;
  • the right to object to processing: you have the right to object to our processing of your personal data on the basis of legitimate interests (discussed above) or for direct marketing purposes and if you do so we will stop processing your personal data except to the extent permitted by law. For example, if you have given your consent to receive marketing communications, but have changed your mind, you have the ability to opt out from receiving such communications going forward by contacting us using the details provided below or by clicking the relevant link in any communications you receive.
  • the right to complain to a supervisory authority: if you consider that our processing of your personal data is unlawful, you have a legal right to lodge a complaint with the ICO.

If you would like to request a copy of some or all of your personal information or otherwise exercise your rights please contact us.

You can also write to us at:

Resuscitation Council UK 

5th Floor

Tavistock House North 

Tavistock Square 

London

WC1H 9HR

You are able to view and update your personal information which we hold in our Learning Management System at any time by logging on to your profile page on the Learning Management System.

Verification, updating or an amendment of personal data will take place within 30 days of receipt of your request. If you subsequently make a data protection instruction to RCUK which contradicts a previous instruction (or instructions), then RCUK will follow your most recent instruction.

Security

When you give us personal information, we take steps to ensure that it is treated securely. We use industry standard encryption for your transactions with us. It encrypts all of your personal information, including credit card number, name, and address, so that it cannot be read as the information travels over the Internet.

Credit Card information is not held by RCUK at any time, all payment information is handled by an accredited payment provider.

Retention

We will retain the information we receive and collect about you for a period which is reasonably required for us to use it in accordance with this Policy or in accordance with our legal rights and obligations.

Use of cookies

Resuscitation Council UK websites use cookies. A cookie is a small piece of data that is stored on your computer’s hard drive by a website. They collect statistical data about your browsing actions and patterns. Cookies do not typically contain any information that personally identifies a user (except for IP addresses in some cases).

See the cookies we use on this website.

Links to other websites

RCUK websites may contain links to other websites run by other organisations. RCUK is not responsible for the privacy guidance on third party websites even if you access these using links from our website. RCUK recommends that you read the privacy guidance on other websites before registering any personal data.

Updated 19 June 2020