Who we are

We are an incorporated association called Structural Heart Disease Australia (SHDA). Our website address is: https://shda.org.au. We focus on providing educational resources in valvular and structural cardiac diseases.  This includes hosting a number of symposiums each year that focus on a particular sub-topics of structural cardiac disease.

 

What personal data we collect and why

Newsletters

We offer visitors the option to subscribe to an online newsletter, sent periodically via email, with links to content on our website and other information relevant to our users, for example details on upcoming structural heart disease meetings. When visitors use the form on our website to join the newsletter, we collect their name an email address. These are needed to send and personalise the emails.

Comments

When visitors leave comments on our website we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Contact forms

When you use the contact form on the website, this generates an email which is sent to [email protected]. This email contains the data you entered into the name, email, and message boxes. This data is used to understand your request and reply to you. Access to this data is restricted to only a few individuals that are directly involved in managing responses.

Cookies

A cookie is a small text file that our website may place on your computer as a tool to remember your preferences. Cookies are an industry standard and most major websites use them. You can view our detailed Cookie Policy here, which includes a full list of all cookies set by our website.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Our website may also contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other sites. When you go to other websites from here, we advise you to be aware and read their privacy policy.

Analytics

Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

By using this website, you consent to the processing of data about you by Google in the manner described in Google’s Privacy Policy and for the purposes set out above. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google.

Our website also uses interfaces with social media sites such as Facebook, Twitter, YouTube and others. If you choose to “like” or “share” information from this website through these services, you should review the privacy policy of that service. If you are a member of a social media site, the interfaces may allow the social media site to connect your visits to this site with other Personal Information.

Website Security

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect our website from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 14 days.

 

Who we share your data with

We use a number of third-party services to perform certain functions on the website.

The online newsletter is administered using a service called Mailchimp. When visitors complete the newsletter sign-up form on our website, the data they enter including name and email address is sent to the Mailchimp service. For more details, please see Mailchimp’s privacy policy.

Registration and ticketing for SHDA symposiums are managed through a service called Eventbrite. When a visitor clicks on a registration link on our website they are directed to the Eventbrite website to enter the required details and complete payment if required. No data is transmitted between directly between the two websites. For more details, please see Eventbrite’s privacy policy.

Our website is scanned for potential malware and vulnerabilities by Sucuri’s SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri’s privacy policy.

 

How long we retain your data

If you join the newsletter, your name and email address are kept in the Mailchimp service indefinitely. This is so that you continue to receive the newsletter.

If you leave a comment on this website, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For SHDA members who have an account on this website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Security logs are retained for 14 days.

 

What rights you have over your data

If you signed up for the newsletter, you are able to unsubscribe at any time by clicking the ‘Unsubscribe’ link in any newsletter email. When you unsubscribe from the newsletter this information is removed from the Mailchimp according to their privacy policy.

If you have an account on this website, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

 

Where we send your data

Data on this website is hosted on a web server located in North America that is administered by WPEngine. They have certified compliance with the EU–US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. More information about this framework is available here.

The Mailchimp service (used for administering the online newsletter) uses web servers located in the United States. They have also certified compliance with the EU–US Privacy Shield Framework and the Swiss-US Privacy Shield Framework.

The Eventbrite service (used for event registration and ticketing) uses web servers located in the United States. They have certified compliance with the EU–US Privacy Shield Framework.

This website is part of a network of websites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy.

Visitor comments may also be checked through an automated spam detection service.

 

Additional information

How we protect your data

We protect visitor data with the following website features:

  • Access to website data is strictly limited to the minimum number of individuals within SHDA.
  • We use SSL/HTTPS throughout all of our website. This encrypts user communications with the web server so that personal information is never captured by third parties without authorisation.
  • Our web server has a number of security measures in place, including disk write protection and scanning for malicious or vulnerable code (more information from WPEngine available here).

What data breach procedures we have in place

If for any reason there is a data breach, we will promptly alert you of such a breach and block all activity to the site until the breach is secured. Once we have alerted you of such a breach, you may request to have any data removed from our site.

What third parties we receive data from

We do not receive any data from third parties.

What automated decision making and/or profiling we do with user data

We do not use any automated decision making service, or profile users according to their data.

Industry regulatory disclosure requirements

We receive funding and educational grants from related industries. These are needed in order to provide our educational content free of charge on our website, and also to host our regular symposiums. These companies are listed here. These industries in no way dictate the content or messages on our website.

 

Contact us

If you have any questions about our privacy policy or would like access to your data you can contact us using our website form. Alternatively you can email us at [email protected].

 

This policy was updated on 02/07/2018.