Version 1 | 21.10.2024

Introduction:
The Polish Medical Association in Great Britain (PMA) is committed to protecting the privacy and
security of your personal data. This policy outlines how we collect, store, and use your personal
information in accordance with the General Data Protection Regulation (GDPR) and other
applicable laws.

  1. Data Controller: The PMA is the data controller responsible for your personal data, which
    means we determine the purposes and ways your personal data is processed.
  2. Personal Data We Collect: We collect the following personal information from our
    members:
  • Name
  • Email address
  • Mobile phone number
  • Date of birth
  • Alma mater and year of graduation
  • GMC/GDC/GPhC number
  • Medical specialty
  • Current place of work
  • Area of interest / expertise
  • Profile photo
    You may also choose to be listed in the PMA Members’ Directory, which will be accessible to
    other members of the association.
  1. Purpose of Data Collection: We collect and process your personal data for the following
    purposes:
  • Maintaining membership records
  • Communication of PMA-related activities, including events, newsletters, and relevant
    updates
  • Enabling networking and collaboration via the Members’ Directory (if consent is
    provided)
  1. Legal Basis for Processing: We process your personal data under the following lawful bases:
  • Consent: We will obtain your explicit consent for specific uses of your data, such as
    inclusion in the Members’ Directory and receiving newsletters or event updates.
  • Contract: We process personal data as part of fulfilling membership obligations.
  • Legitimate Interests: We may process data for the internal organisation of the PMA and
    ensuring our members receive relevant professional information.
  1. Data Sharing: Your personal data will be shared with other PMA members if you opt to be
    included in the Members’ Directory. We will not share your personal data with third parties
    unless required by law or to protect the association’s legitimate interests.
  1. Data Security: We implement appropriate security measures, including encryption and
    access controls, to protect your data on our platform.
  1. Data Retention: We retain your data for the duration of your active membership. If your
    membership becomes inactive (i.e., you have not paid the annual membership fee), we will
    continue to store your data in our database to facilitate reactivation of your membership unless
    you request to be completely removed. Inactive members will still have the right to request
    deletion of their data at any time. Upon receiving such a request, we will delete your data unless
    we are legally required to retain it for a specified period.
  1. Your Rights: As a data subject, you have the following rights under GDPR:
  • Right to Access: Request access to your data.
  • Right to Rectification: Request correction of any inaccurate data.
  • Right to Erasure: Request deletion of your data (the “right to be forgotten”).
  • Right to Restrict Processing: Limit the ways we process your data.
  • Right to Data Portability: Request a copy of your data in a structured, machine-
    readable format.
  • Right to Withdraw Consent: Withdraw your consent at any time, especially regarding
    inclusion in the Members’ Directory or receiving newsletters.

9. Contact Information: If you have any concerns or wish to exercise your rights, pleasecontact us at info@polishmedicalassociation.net