Privacy Policy
-
Introduction
- This privacy notice (Privacy Notice) sets out the ways in which we, The British Editorial Society of Bone & Joint Surgery (we, us, our), collect and use your personal information when you visit our websites: https://boneandjoint.org.uk/, www.orthomedia.org.uk, https://orthopublish.org.uk/home and www.orthosearch.org.uk/Home (the “Sites”).
- Please read the following information carefully to understand our practices regarding your personal information and how it will be treated, and your rights in respect of your personal information.
- The Sites are not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 18. If you are under the age of 18, please do not access our Sites at any time or in any manner. We will take appropriate steps to delete the personal information of persons under the age of 18.
-
About Us
- The British Editorial Society of Bone & Joint Surgery is the data controller in respect of your personal information.
- We are a company registered in England under company number 522061, with our registered address at 22 Buckingham Street, London WC2N 6ET, UK.
- You can contact us as follows: FAO: Richard Hollingsworth, Managing Director at The British Editorial Society of Bone & Joint Surgery, 22 Buckingham Street, London WC2N 6ET or by email to data@boneandjoint.org.uk.
-
Information we may collect about you
-
Information that you provide to us.
-
We will collect any information that you provide to us when you:
- make an enquiry, provide feedback or make a complaint over the phone, by email or our Sites;
- sign up to our marketing list;
- submit, edit or review manuscripts to us by post, email or via our Sites;
- interact with our content such as commenting or reposting video conferences or podcasts;
- enter into a contract with us to publish your article;
- submit an application to a job vacancy;
- subscribe to our journals from our Sites, by post, by email, by fax, by telephone or from our stand at a conference;
- create an account on our Sites;
- provide your details when you meet us or fill out a form and send back to our office at a conference or event;
- attend an event or virtual conference we host;
- take part in a survey we conduct.
-
The information you provide to us will include (depending on the circumstances and service used):
- Identity and contact data: title, names, addresses, email addresses and phone numbers;
- Account profile data: if you’re registering for an account you may also provide a username, password, email, orthopaedic specialty, job title, organisation, job function, telephone, postal address, ORCID ID and additional information about your academic and work history, references and any other such similar information as may be required;
- Financial data: If you are using the Sites to purchase products or services, or filling out a form received in the post, from your association or at a conference, you will also provide payment details, which may include billing addresses, postal address, credit/debit card details and bank account details;
- Employment and background data: If you are submitting a job application, you may also provide additional information about your academic and work history, projects and research that you are involved in, references and any other such similar information that you may provide us;
- Survey data: from time to time we might ask if you would be willing to participate in our surveys; if you agree, we will also collect any information that you provide as part of that survey.
-
We will collect any information that you provide to us when you:
-
Information we collect about you.
- Information contained in correspondence. We will collect any information contained in any correspondence between us. For example, if you contact us using a query button on our Sites or by email or telephone, we will keep a record of that correspondence;
- Information transmitted on the Sites. We will collect information that you upload or post to your Sites account and/or any correspondence or interactions that you may have with other Sites account holders;
- Sites usage data. We will collect information about your interactions with the Sites, including information such as login data, IP address, page views, searches, requests, orders, pre-approvals, confirmations, agreements between you and other Sites users and other actions on the Sites;
- Events/Conference data: We may capture images of you when we take photographs of or film an overview of an event, or if we record video conferences or virtual events. Your image may be included in an image or video of the audience at an event you attend or your image may be specifically captured if you are a speaker at an event. We will endeavour to let you know, for example by notices at the event or where applicable contacting you for a release, if we will be photographing, filming or recording. If you do not wish for your image to be used by us, you can let us know by using the contact details at the top of this Privacy Notice;
- Technical data. We will also collect certain information about how you use our website and the device that you use to access our website, even where you have not created an account or logged in. This might include your geographical location, device information (such as your hardware model, mobile network information, unique device identifiers), the data transmitted by your browser (such as your IP address, date and type of the request, content of the request regarding the specific site, time zone settings, access status/HTTP status code, volume of data transmitted, browser type and version, language settings, time zone settings referral source, length of visit to the website, date and time of the request, operating system and interface), number of page views, the search queries you make on the website, publication metrics, and similar information. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies or similar technologies. For more information on cookies please read the section headed Cookies below.
-
In certain circumstances, we will receive information about you from third parties. For example,
- Fraud detection agencies. Where permitted or required by law, we may receive information about you, including demographic data or fraud detection information from third party service providers and/or partners;
- Social media plugins. We currently use social media plugins from the following service providers who are based both inside and outside the EU: Facebook, Google+, X (formerly Twitter), LinkedIn. By providing your social media account details you are authorising that third-party provider to share with us certain information about you;
- Confirmation of publication history. We may use third party providers to verify information provided by you in connection with any manuscript you submit to us for publication. For example, we will use third-party databases or websites to confirm your publication history;
- Service providers. We may collect personal information from our Sites developer, IT support provider, payment services providers, manuscript submission system, email marketing systems, survey providers and sales agents;
- Referrals. We will receive information about you from third parties if they are referring you to us for publication. For example, if you are the co-author of a manuscript, your co-author will be required to provide us with information about you;
- Employers and referees. If you are a job applicant we may contact your recruiters, current and former employers and/or referees to provide information about you and your application;
- Referring organisations. We receive information about you from third parties that are referring you to us. For example, if you are the co-author or institutional contact of an author submitting a manuscript, the submitting author will be required to provide us with information about you. If you are the referring party, you warrant that you have obtained the necessary consent to share this information with us;
- Publicly available sources. We currently use publicly available sources such as Companies House, for instance to carry out identity and compliance checks;
- Association agreements. We receive information (name, email, postal address) about you if you are a member of an orthopaedic association that provides our subscription journals as a membership benefit, or in some cases, if one of our journals is an official journal of your orthopaedic association;
- ORCID ID. If you are an author, you may be required to provide your ORCID ID. By providing your ORCID ID you are authorising that third-party provider to share with us certain information about you.
- We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Information we receive from third parties
-
Information that you provide to us.
-
We will use your information for the purposes listed below either on the basis of:
-
- performance of your contract with us and the provision of our services to you;
- your consent (where we request it);
- where we need to comply with a legal or regulatory obligation; or
- our legitimate interests (see Paragraph 5.2 below).
-
-
We may use your information for the following purposes:
-
- To provide access to our Sites: to provide you with access to our Sites in a manner convenient and optimal and with personalised content relevant to you including sharing your information with our Sites’ hosts and developers (on the basis of our legitimate interest to ensure our Sites are presented in an effective and optimal manner);
- To register your account/ create a profile: if you create an account or profile on our Sites, we will process the details provided in your registration to facilitate your account set up (on the basis of performing our contract with you);
- To enable you to use the manuscript submission service: to enable (as applicable) the receipt, review, editing, production and publication of articles in our journals, via the manuscript submission service (on the basis of performing our contract with you);
- To provide editorial and production services: to enable (as applicable) the receipt, review, editing, production and publication of your manuscript (or other contribution) including sharing your information with our editorial and production service providers, third-party manuscript readers (on the basis of performing our contract with you);
- To administer your publishing contract: to enable (as applicable) us to administer your publishing contract, including payment of royalties and sharing your information with our royalty system software provider and payment service provider (on the basis of performing our contract with you);
- Recruitment: to process any job applications you submit to us, whether directly or via an agent or recruiter including sharing this with our third-party recruitment agency (on the basis of our legitimate interest to recruit new employees or contractors);
- Relationship management: to manage our relationship with you, which will include notifying you about changes to our terms of use or privacy policy, changes or new information about a service we provide to your such as journal subscription(s) asking you to leave a review or take a survey (on the basis of performing our contract with you, to comply with our legal obligations and on the basis of our legitimate interests to keep our records updated and study how our Sites and services are used);
- Marketing: to keep in contact with you about our news, events, new Sites features or services or new products that we believe may interest you, provided that we have the requisite permission to do so, and sharing your information with our marketing services providers (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so);
- Advertising: to deliver relevant Sites content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (on the basis of our legitimate interests in studying how our Sites/services are used, to develop them, to grow our business and to inform our marketing strategy);
- Analytics: To use data analytics to improve our Sites, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for our Sites and services, to keep our Sites updated and relevant, to develop our business and to inform our marketing strategy);
- User and customer support: to provide customer service and support (on the basis of our contract with you or on the basis of our legitimate interests to provide you with customer service), deal with enquiries or complaints about the Sites and share your information with our Sites developer, IT support provider, payment services provider and subscriptions system provider as necessary to provide customer support (on the basis of our legitimate interest in providing the correct products and services to our Sites users and to comply with our legal obligations);
- Research: to carry out aggregated and anonymised research about general engagement with our Sites (on the basis of our legitimate interest in providing the right kinds of products and services to our Sites users);
- Fraud and unlawful activity detection: to protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including without limitation plagiarism and identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);
- Compliance with policies, procedures and laws: to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).
- Where we refer to using your information on the basis of our legitimate interests, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interest we have in personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you.
- Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details in the Your Rights section below.
-
-
Who we might share your information with
- We may share your personal information within our group of companies (i.e. our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006).
- We may share your personal information with our suppliers, business partners, collaborators and service providers, where they are helping us to market and advertise our services as well as providing our services to you.
-
In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties that we work with such as:
- Users of the Sites: Other users who you transact and communicate with via the Sites;
- Partners and collaborators: such as the Australian Orthopaedic Association, The British Orthopaedic Association (UK), the Canadian Orthopaedic Association (Canada), the New Zealand Orthopaedic Association (New Zealand), the European Orthopaedic Research Society (Germany), the European Federation of National Associations of Orthopaedics and Traumatology, EFORT (Switzerland), the American Association of Orthopaedic Surgeons (USA);
- Our service providers: service providers we work with to deliver our business and services;
- Regulators and governmental bodies: HM Revenue & Customs, regulators, governmental bodies and other authorities in the United Kingdom, who require reporting of processing activities in certain circumstances;
- Marketing parties: any selected third party that you consent to our sharing your information with for marketing purposes;
- Prospective sellers and buyers of our business: any prospective seller or buyer of such business or assets, only in the event that we decide to sell or buy any business or assets; and
- Other third parties (including professional advisers): any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) based in the United Kingdom and the rest of the world where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
- We require third parties to maintain appropriate security to protect your information from unauthorised access or processing.
-
Cookies
- We use cookies to ensure that you get the most out of our Sites. Cookies are small amounts of information in the form of text files which we store on the device you use to access our Sites. Cookies allow us to monitor your use of the software and simplify your use of the Sites. For example, a temporary cookie is also used to keep track of your session. Without that temporary cookie you would not be able to purchase articles via our Sites.
- If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the Help section of your internet browser (or alternatively visit http://www.aboutcookies.org.uk). Please note that, if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the Sites.
-
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.
-
The names of the cookies used on our Sites and the purposes for which these cookies are used are set out in the table below:
Cookie Name; Classification Purpose Duration BJP.Portal.ManualRequired; Functionality Remembers that we are unable to recognise you from your IP address / referrer 1 Hour BJP.Portal; Necessary Keeps you logged in 2 Years BJP.Portal.RefreshToken; Necessary Keeps you logged in 2 Years BJP.Currency; Functionality Currency preference when viewing purchase options 1 Year BJP.Portal.SuppressImplicitAuth; Functionality Remembers that the user does not want to be recognised from the IP address / referrer 30 Days .AspNetCore.Antiforgery User security feature, prevents “cross-site request forgery” attacks Session Stripe_mid Fraud prevention - See Stripe’s cookie settings under Fraud prevention: https://stripe.com/gb/cookie-settings See Stripe policy _stripe_sid Fraud prevention - See Stripe’s cookie settings under Fraud prevention: https://stripe.com/gb/cookie-settings See Stripe policy fcsid ID for FoxyCart basket - For information about fcsid see: https://nutmegandbinky.com/privacy-policy or look at the cookies section of Foxy’s priovacy policy at: https://www.foxy.io/privacy-policy See Foxy policy IDE Google ads – to provide ad delivery or retracking see: https://business.safety.google/adscookies/ See Google policy To be confirmed Seamless Access – remembers a user’s institution for logging in purposes: https://seamlessaccess.org/about/trust/ See Seamless Access policy JSESSIONID; Functionality Supports functionality related to the current user's session (such as authentication status, access to licenses and access to profile). Session MAID; Targeting Used to target more relevant content and services to the user. 1 Year PLUID; Targeting Used to target more relevant content and services to the user. 1 Year MobileUI; Functionality This cookie is set upon arrival to the Sites using a mobile device. It is used to record the visitor's preference for using the mobile-optimized version of the Sites. Session I2KBRCK; Functionality Indicates whether the browser supports cookies. 1 Year AUTO_SIGNIN; Strictly Necessary Keep the current user logged on between sessions. 30 Days SERVER; Analytical Performance optimisation & currently also used to collect information on how site is used by user. Session __utma; Analytical Google Analytics: Used to distinguish users and sessions. 2 Years __utmb; Analytical Google Analytics: Used to determine new sessions/visits. 30 Minutes __utmz; Analytical Google Analytics: Stores the traffic source or campaign that explains how the user reached the site. 6 Months ARRAffinity; Necessary
ARRAffinitySameSite; NecessaryUsed by a website load balancer to ensure that a user continues to communicate with the same server in the server farm. They do not track personal information. Session ASP.NET_SessionId; Necessary Tracks a user’s session ensuring state deliverable information. This cookie is used to track anonymous site analytics such as page hits, watch times, and more. This cookie is anonymous. Session _cadmoreMediaLibrary; Necessary Identifies the logged in user to maintain login state while navigating the site. For example, this is used to provide authorization, access to user created play lists, favourites, and others. This cookie contains a randomized key element and no PII and is not used for analytics. Session _ga (and variants); Analytical Google Analytics: used for statistics to store and count page views. 2 Years - Our Sites may contain content and links to other sites that are operated by third parties that may also operate cookies. We don’t control these third-party sites or cookies and this Privacy Notice does not apply to them. The third-party service providers that generate these cookies, such as Google and Facebook, may use their own cookies to target advertising to you on other websites, based on your visit to our Sites.
- The British Editorial Society of Bone & Joint Surgery may utilize the advertising program, Google Ads, as well as re-marketing and re-targeting tracking cookies, provided by Google Inc. (Google), to help us deliver advertisements and special promotions. When you click on one of our ads, Google a remarketing cookie is installed. This cookie helps us to show our ads on Google advertisement networks. Remarketing cookies expire after 30 days and are not used to obtain personal information.
- Our Sites uses Google Analytics, a service provided by Google, Inc. (Google) to help us understand how visitors use the site. The information generated by the cookie will be stored by Google and will be used for the purpose of evaluating your use of our Sites and compiling reports on Sites activity. The information is anonymous and only used for statistical purposes, and it helps us to develop a better user experience.
- You can see how these platforms are using cookies and how to disable them here: https://policies.google.com/privacy
-
How we look after your information and how long we keep it for
-
We operate a policy of privacy by design by looking for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
- ensuring the physical security of our offices, warehouses or other sites;
- ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption;
- maintaining a data protection policy for, and delivering data protection training to, our employees;
- limiting access to your personal information to those in our company who need to use it in the course of their work.
-
We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do so for purposes of academic, literary expression and research purposes. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example,
- we archive our email and paper correspondence regularly and destroy information older than 6 years. If in any circumstance correspondence needs to be kept after 6 years, it will be stored securely at The British Editorial Society of Bone & Joint Surgery;
- we retain information relating to orders, refunds and customer queries for the current and previous year securely at The British Editorial Society of Bone & Joint Surgery. They are then permanently destroyed 2 years after. Payment information is destroyed immediately;
- we destroy unpublished manuscripts and related correspondence after 10 years however we may permanently keep a log recording brief details of these in the event of a legal claim or for Copyright purposes;
- we maintain a suppression list of email addresses of individuals who no longer wish to be contacted by us. So that we can comply with their wishes we must store this information permanently.
-
We operate a policy of privacy by design by looking for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
-
International transfers of your information
- Our company is located in the UK.
- Many of our external third-party service providers are based outside the UK and/or European Economic Area (EEA) so their processing of your personal information will involve a transfer of information outside the UK and/or EEA to countries which may have less strict data protection laws.
-
Whenever we transfer your personal information to countries that are outside of the UK/EEA, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely and in accordance with this Privacy Notice by using at least one of the following transfer solutions:
- we will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal data by the Information Commissioner’s office or the European Commission;
- we rely on approved contractual data transfer mechanisms (such as the EU “Standard Contractual Clauses”) to ensure your information is subject to adequate safeguards in the recipient country.
- If you are located in the UK/EEA, you may contact us for further details of the safeguards which we have put in place to protect your personal information and privacy rights in these circumstances. Please contact us using the contact details at the top of this Privacy Notice if you would like further information.
-
Your rights
-
You have certain rights in respect of the information that we hold about you, including:
- the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Notice;
- the right to ask us not to process your personal data for marketing purposes;
- the right to request access to the information that we hold about you;
- the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
- the right to withdraw your consent for our use of your information in reliance of your consent (refer to Paragraph 4 to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Notice;
- the right to object to our using your information on the basis of our legitimate interests (refer to Paragraph 4 above to see when we are relying on our legitimate interests) (or those of a third party) and there is something about your particular situation which makes you want to object to our processing on this ground;
- the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances;
- in certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you;
- the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/) as well as a right to lodge a complaint with the relevant authority in your country of work or residence; and
- Please note that we may need to retain certain information for our own record-keeping and research purposes even if you have asked us to stop processing it. We may also need to send you service-related communications relating to your user account even when you have requested not to receive marketing communications.
- You may exercise your rights above by contacting us using the contact details set out at the top of this Privacy Notice, or in the case of preventing processing for marketing activities also by checking certain boxes on forms that we use to collect your data to tell us that you don’t want to be involved in marketing or by updating your marketing preferences via your account with us. We will handle any request to exercise your rights in accordance with applicable law and any relevant legal exemptions.
How to exercise your rights:
-
You have certain rights in respect of the information that we hold about you, including:
-
Sharing data directly with Third Parties
- You might end up providing personal information directly to third parties as a consequence of your interactions with our Sites and other services offered by us. For example, your name and other personal information will be shared with other users when you correspond with them via the Sites, or you may attend an event hosted by us where you communicate personal information directly with other attendees. We are not responsible for how such third parties use personal data provided by you.
- Please be responsible with personal information of others when using our Sites and the services available on it. We are not responsible for your misuse of personal information, or for the direct relationship between you and others when takes place outside of the Sites or our services.
-
Third-party links
- The Sites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. When you leave our Sites, we encourage you to read the privacy notice of every one of the Sites you visit.
-
Changes to this Privacy Notice
- We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail.
This Privacy Notice was updated on 29 July 2024.