General Data Protection Regulation (GDPR) Compliance Statement

The Patient Safety Movement Foundation (PSMF)
General Data Protection Regulation (GDPR) Compliance Statement

Effective Date: May 25, 2018 

Contact Information

The Patient Safety Movement Foundation (PSMF)
Attn: Privacy Officer
52 Discovery
Irvine, California 92618
info@patientsafetymovement.org 

The Types of Personal Data That We Collect

The Patient Safety Movement Foundation (PSMF) collects personal data from data subjects who visit our public and customer-facing web and mobile sites (“EEA Website Visitors”), those who attend our industry events (“EEA Event Attendees”), and individual representatives of our corporate customers, suppliers and business partners (“EEA Business Contacts”), and temporary staff.

From EEA Website Visitors and EEA Event Attendees, PSMF may collect the following types of personal data:

  • Personal information provided when a registration account is created, which may include first and last name, email address, username and password.
  • Personal information provided when a Visitor requests information or registers for an industry event or social function, whether on our Site or an affiliated one, including postal address, telephone number, and payment information.
  • Personal information related to donations using a credit card.
  • Personal Information a Visitor provides in public forums on our Site and Applications such as quotes, comments, photographs, videos, or other digital media
  • Personal Information sent either one-to-one or within a limited group using our message, chat, post or similar functionality, where we are permitted by law to collect this information
  • Personal Information provided to us when a Visitor uses our Site, such as social networking sites, or links his/her profile on a third-party site or platform with the registration account
  • Location information when a Visitor visits our Site or affiliated sites, including location information either provided by a mobile device or associated with the IP address.
  • Usage, viewing and technical data, including the device identifier or IP address, when a Visitor visits our Site or affiliated sites, or open emails we send; internet service provider; pages visited; country of origin; and files downloaded.

From EEA Business Contacts, PSMF may collect the following types of personal data:

  • Phone number, email address, and ship to/bill to addresses
  • Financial and billing information;
  • Company information;
  • Activities, interactions, preferences, transactional information, and other computer and connection information (such as IP address) relating to use of our websites and our services;
  • Log files, information collected by cookies and similar technologies about the pages viewed, links clicked and other actions taken when accessing our websites;
  • Security authorization and authentication information;
  • Usage data; and
  • Other personal data provided by the EEA Business Contact.

From temporary staff, PSMF may collect the following types of personal data:

  • Name;
  • Phone number;
  • Home and e-mail addresses;
  • Driver’s license or passport;
  • Social security number;
  • Marital status;
  • Family member information;
  • Financial information;
  • Professional career/employment information; and
  • Healthcare information.

Purposes for the Processing of Personal Data; Legal Basis

PSMF processes the personal data of EU data subjects for the purposes of:

  • Completing registration for industry events;
  • Processing donations;
  • Preventing fraud;
  • Complying with requests from regulatory and law enforcement authorities;
  • Providing information about our organization;
  • Personalizing visitors’ experience on our websites
  • Communicating with corporate business partners about business matters;
  • Conducting related tasks for legitimate business purposes;
  • Aggregating data;
  • Administration of information and network security;
  • HR administration and internal PSMF communications;
  • Meeting legal or regulatory requirements and PSMF’s internal policies;
  • Management of travel, lodging, and related expenses; and
  • Other purposes disclosed at the time of collection.

The contract between PSMF and the attendee of an industry event forms the basis for the processing of personal data.  For all other Visitors to the PSMF website, the basis is consent.  For all other data subjects, such processing has been determined to be in the legitimate interest of PSMF and the respective data subject in order to promote a charitable, employment or business relationship, as applicable.

Recipients of Personal Data

PSMF may share personal data we collect from EU data subjects with the following types of third parties and for the following purposes:

  • Third parties with whom PSFM is organizing and/or co-sponsoring industry events;
  • Masimo, Inc. and its affiliates;
  • Payment card processors. All credit card transactions are managed by an external service with its own secure site and privacy statement, which is accessible from the service’s online donation page; and
  • Third party service providers contracted to provide services on our behalf.

Transfer of Personal Data to a Third Country

Personal data collected by PSMF may be stored or processed in the United States or in any other country where PSMF or its affiliates, subsidiaries, or third party service providers maintain facilities.  EU data subjects who provide personal data to PSMF consent to the processing and transfer of that data to the United States and around the world.

PSMF may also execute agreements with third parties for the transfer of personal data outside of the EU using European Commission-approved Standard Contract Clauses.

Retention Period

Personal data is retained by PSMF no longer than necessary to execute its obligations under applicable contracts with event attendees or business partners.

Access to, Modification and Deletion of Personal Information

For questions about the collection personal data by PSMF, or to exercise the right to access, correct, update, or delete such data or object, for legitimate purposes, to the processing of personal data, as provided under applicable law, please contact PSMF:

The Patient Safety Movement Foundation (PSMF)
Attn: Privacy Officer
52 Discovery
Irvine, California 92618
info@patientsafetymovement.org

Please help us to keep your data accurate by informing us of any personal information change promptly.

There may be cases where restrictions on the amount of information that can be disclosed to data subjects under applicable law (for example, if that would necessarily involve disclosing information about another person).  PSMF is permitted to withhold some types of personal data in certain circumstances, subject to applicable local law requirements.  If there is a dispute, please contact the PSMF privacy officer at the above address.  In addition, data subjects have the right to lodge a complaint with a supervisory authority.

Right to Withdraw Consent

Data subjects whose processing is based upon consent may withdraw that consent at any time; however, PSMF will not be able to provide or continue to provide services or marketing communications to the data subject.  Data subjects who are PSMF event attendees provide personal data as part of the contractual relationship; failure to provide such data will result in PSMF not being able to provide or continue to provide communications about the event or the attendee account, materials from past industry events, or marketing communications. 

Changes to This Statement

We may update this Compliance Statement to reflect changes to our information practices. If we make any changes to this Compliance Statement, we will notify data subjects by means of a notice on this Site as well as the applicable date.  We encourage Website Visitors, Business Contacts, and others to periodically review this page for the latest information on our privacy practices.