Privacy Policy

Last updated: 27th May 2026

The Organising Committee of the 33rd Multinational Military Medical Exchange is committed to protecting your personal data and respecting your privacy. This notice explains how we collect, use, store and share information when you interact with us — in particular when you register for the conference, submit an abstract, or otherwise correspond with us.

This notice is issued under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

The data controller is the Organising Committee of the 33rd Multinational Military Medical Exchange [insert registered/contact address].

The Organising Committee has not appointed its own Data Protection Officer. Where any participating entity has a DPO with oversight of processing for this conference, their contact details will be made available on request.

For any questions about this notice or about how we handle your personal data, please contact: [contact email to be confirmed].

2. What we collect

When you register for a conference, submit material, or otherwise correspond with us, we may collect:

  • Identification details: title, name, professional credentials

  • Contact details: email address, postal address (where required), telephone number

  • Professional information: job title, organisation, rank or service (where applicable)

  • Conference-specific information: dietary requirements, accessibility requirements, attendance choices (e.g. workshop, gala dinner, sessions selected)

  • Payment information: handled by our payment processor — we do not store card details

  • Submitted content: abstracts, presentations, posters, and any supporting material submitted for review, display or publication

  • Correspondence between you and us

We collect this information directly from you, through the registration page on our website, through forms we send you, or through email correspondence.

Providing this data is a contractual requirement. Without it, we cannot process your registration, admit you to the conference, or fulfil related services such as catering and accessibility provision. Optional fields (for example, marketing preferences) are clearly identified and have no consequence for your attendance if left blank.

3. Why we collect it (lawful basis)

We process your personal data under the following lawful bases:

  • Performance of a contract (UK GDPR Article 6(1)(b)) — to administer your registration, deliver the conference, and provide associated services.

  • Legitimate interests (Article 6(1)(f)) — to run the academic programme, communicate updates about the event, and process abstracts and presentations for scientific content.

  • Consent (Article 6(1)(a)) — for optional uses such as recording presentations, including your image in event publicity, or contacting you about future events. You may withdraw consent at any time.

  • Legal obligation (Article 6(1)(c)) — to comply with applicable financial, tax, and record-keeping laws.

Where dietary, accessibility or health information is provided, we process this special category data under Article 9(2)(a) (explicit consent) for the purpose of meeting your stated requirements during the event.

4. How we use your information

We use your personal data to:

  • Process your registration and confirm attendance

  • Communicate with you about the conference (logistics, programme updates, joining instructions)

  • Manage abstract submissions, review, acceptance, and presentation

  • Cater for dietary, accessibility, and other stated needs

  • Issue certificates of attendance or CPD documentation

  • Maintain records for finance, audit, and accountability

  • With your separate consent: record presentations, photograph the event, and contact you about future activities

5. Who we share it with

We share personal data only where necessary to deliver the conference. Recipients may include:

  • The conference venue — for catering, accessibility and security

  • Our payment processor — for processing registration fees

  • Squarespace — our website host and registration platform

  • Google Workspace — our email and document platform

  • Partner organisations named in the programme (for example, journal partners receiving accepted abstracts for publication consideration) where this is integral to the conference offer

  • Speakers and chairs receiving delegate lists for context, where this is part of the academic programme

We will not sell, rent or trade your personal data.

International transfers. Some of our service providers (notably Squarespace and Google Workspace) are headquartered in the United States and may process data on infrastructure outside the UK. Where this happens, transfers are made under the UK Extension to the EU–US Data Privacy Framework, or under the UK International Data Transfer Agreement (IDTA) / UK Addendum to the Standard Contractual Clauses, as appropriate to the provider.

6. How long we keep it

We retain personal data only for as long as is necessary for the purposes for which it was collected:

  • Registration and attendance records: up to 2 years after the conference

  • Financial records (invoices, receipts): 6 years, as required by HMRC

  • Abstract submissions and accepted presentations: retained indefinitely for academic record purposes

  • Marketing contact details (where consent given): until you withdraw consent or after 3 years of inactivity, whichever is sooner

After these periods, data is securely deleted or anonymised.

7. How we keep it secure

We apply appropriate technical and organisational measures to protect your data, including access controls, encrypted transmission, and the use of reputable hosted services. While no transmission over the internet can be guaranteed fully secure, we take all reasonable steps to safeguard the information you provide.

8. Automated decision-making and profiling

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects. All decisions affecting your registration, abstract acceptance, or participation are made by named members of the Organising Committee or its scientific review panel.

9. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you

  • Rectification of inaccurate or incomplete data

  • Erasure of your data, where applicable

  • Restriction of, or objection to, our processing

  • Data portability

  • Withdraw consent where processing is based on consent

  • Lodge a complaint with the Information Commissioner's Office (ICO

To exercise any of these rights, please contact [contact email to be confirmed]. We will respond within one calendar month.

If you are not satisfied with our response, you may complain to the Information Commissioner's Office:

Information Commissioner's Office Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF Tel: 0303 123 1113 www.ico.org.uk

10. Cookies and analytics

Our website (admst.org) uses cookies provided by Squarespace to operate the site, remember your preferences, and gather aggregated analytics. For full detail, see the cookie banner on our site or Squarespace's cookie policy.

11. Changes to this notice

We may update this notice from time to time. The "Last updated" date at the top will reflect the most recent revision. Material changes will be communicated via our website or by email where appropriate.

12. Contact

For any questions about this notice or how we handle your personal data:

[contact email to be confirmed]