ISHA - The Hip Preservation Society Privacy Policy

Who we are

ISHA – The Hip Preservation Society (ISHA) is registered as a company (13793663) and charity (1199165) in England and Wales whose registered office is at c/o Lee Bolton Monier Williams, 1 The Sanctuary, London, SW1P 3JT, United Kingdom. Administrative office address is Warrender House Haywood Road, Moffat, DG10 9BU, United Kingdom.

Our website address is:

How we collect information about you

We collect information in the following ways:

Information you provide to us directly

You may give us your information in order to sign up for membership, receive our newsletter, make a donation, purchase our products, attend one of our events, attend a course approved by ISHA or if you register as a volunteer, media volunteer or ambassador for us. Personal data may include but is not limited to your first name, last name, mailing address, email address, mobile phone number.

In addition, in accordance with common website practice, we will receive information about the type of device you are using to access our website or apps. For more information, please refer to our ‘Use of Cookies’ section below.

Information you provide to us indirectly

Your information may be sent to us by third parties, for example:

  • approved course organisers
  • free trainee programme partners
  • society partners
  • specific educational Project Leads or Local Liaison Organisers

ISHA assumes that any third party providers have made their privacy policy known and are complying with data protection rules that allow them to send us your personal information. You should check any privacy policy provided to you where you give your data to a third party.

  • Records of your visits to the site, through cookies and otherwise (which records may include: traffic data; location information; logs; information about your computer or mobile device such as, if applicable, your IP address, operating system, mobile carrier, or device identifying information)
  • Records of correspondence between us and you (for example, records of your and our communication for purposes of support services)
  • Comments, posts, or other data you upload to our site (for example, in the comments section of our blog posts)
  • Information you provide by completing forms on our website or in our products and services (for example, purchase information and information you provide when subscribing to newsletters or contacting us)

Use of cookies

Please also refer to our Cookie Policy.

In addition to the information you submit to us via the ISHA website(s), ISHA may collect information about visits to the site. ISHA collects information on page browser access. This is used within ISHA to improve the design, layout and content of its site and to support the development of new products and services. ISHA gathers information on the relative popularity of each page, the average number of pages accessed by visitors, the number of emails sent or files downloaded, and the average time spent on the site. None of this information is linked back to you as individual.

Cookies enable users to navigate the pages and if required customise the content to the needs of the user. Without cookies activated, we cannot guarantee your experience will be as we intended. Please note, if you delete or decline cookies, you may not be able to use all the functions we offer, that you cannot save your preferences and that our pages may not display properly.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you leave a comment on our website, you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

ISHA website(s) and other online third party software used by ISHA to provide educational and clinical resources may use the following cookies:

  • Temporary cookies – to enhance your browsing quality by allowing ISHA to know what pages you visit on this website, the ISHA Academy, member areas, and others, so that you do not have to enter the data again.
  • Permanent cookies – these will stay saved if you have given your permission for this, e.g. if you checked “Remember Me”. A permanent cookie will remember your choices when you next log in. This helps identify you as an individual visitor, but does not contain any information that may help others to identify you.
  • Google Analytics – we use this information to compile reports on website usage, visitor sources and analyse browser versions.
  • Vimeo/YouTube cookies – may be set on your computer once you click on the video player. The video player will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.
  • Twitter/Facebook/Instagram/LinkedIn cookies – may be set on your computer when you click through to ISHA’s social media pages. The data collected will depend on whether you are logged into an account on the relevant social media service.

Embedded content from other websites

Pages on the ISHA website(s) may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

In addition to the websites of other societies/associations, hospitals/clinics and organisations providing or facilitating virtual or in-person educational services or events, the ISHA website may contain embedded content from the following (non-exhaustive list):

General users – visitors to the ISHA Website

ISHA only collects aggregate data from users visiting and browsing its website, such as the number of visits per page are collected. Aggregate data are only used for internal and marketing purposes and do not provide any personally identifying information. We collect IP addresses to track visits by the use of cookies.

As an ISHA Member

When you apply to join ISHA as a “member” you are registering to have your application considered for membership. As such, you are signing up to receive information relating to your membership application, agreeing that your personal data can be shared with the ISHA Membership Review Committee, and that you will receive updates on membership activities, newsletters, education and research information relative to hip preservation, and to have access to the restricted personal member areas of the website(s). The word “member” refers to your membership application or your status as a member to the service.

These terms and conditions form the basis of the contract through which ISHA will deliver its service. On subscribing you agree to these terms and conditions and you are providing us with the appropriate consent to handle your personal information for these purposes in accordance with the General Data Protection Regulation (GDPR).

As an Annual Meeting/Virtual Meeting/Symposium/ Education Course registered delegate/user

Data transferred when signing up for a virtual event

We transmit personally identifiable data to third parties (data processors) only to the extent required to fulfil the terms of your contract with us, for example, to a virtual service provider to allow you to register and attend the virtual event.

Sharing your personal data with exhibitors and sponsors

1. By attending an in-person or virtual event and logging into ISHA’s selected registration, app or virtual platform, your name, country, job title, organisation, area of interest and other details you choose to populate your event profile with, e.g. profile picture, will be visible to all attendees, including sponsors and exhibitors. Your contact details (email address, telephone number and postal address) remain hidden.

2. During a virtual event whilst using the virtual platform, or within a mobile app, if you

  • Contact or engage with a sponsor or exhibitor
  • Click on any part of or visit an exhibition booth, including its content
  • Attend a sponsored session

your click action automatically gives your consent and the personal data you provided to us (full name, country of residence and email address) will be shared with the sponsor or exhibitor, and sponsors or exhibitors may be in contact with you about their products and services outside of the virtual platform. You also agree that, where relevant, these parties may transfer your data outside of the EEA for these purposes and you consent to such a transfer.

3. You can revoke any consent you have given under this policy at any time by informing the exhibitor or sponsor when connecting with them.

4. During the event, screenshots of the event may be taken to be used for communication and promotional purposes on the website, social media and other marketing and communications channels.

Exhibitors are expected to respect data protection regulations in relation to the symposium and any information that is presented in the context of the symposium. Delegate information may not be used for any purpose other than that agreed in advance in writing with the organisers.


If you leave comments on the website(s), we collect the data shown in the comments form, and also your IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.

Visitor comments may be checked through an automated spam detection service.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Data protection and use of personal data

For the purposes of the GDPR and the Data Protection Act 2018, ISHA is the Data Controller of any personal data you supply. However, if you use Stripe to pay for your membership or for registering for a meeting or course, Stripe will also be a data controller of the personal data you share with us. Please refer to Stripe’s Privacy Statement for more:

If you apply for membership, services and newsletters, the personal data you supply will be used to process your application, to provide our services to you and to administer your membership. This may include troubleshooting aimed at preventing, detecting and repairing problems affecting the operation of the services and the improvement of features with joint data processors (Aubergine262, Microsoft Dynamics, EventsAir).

If you request a password reset, your IP address will be included in the reset email.

How we use your information

We will use your personal information where relevant to:

  • provide you with the services, products or information you asked for;
  • keep a record of your relationship with us;
  • respond to or fulfil any requests, complaints or queries you make to us;
  • understand how we can improve our services, products or information by conducting analysis and market research;
  • manage our events;
  • further our charitable objectives;
  • for Outreach Volunteers, to inform you of upcoming Outreach programs to potentially apply for;
  • register, administer and personalise online accounts when you sign up to products we have developed;
  • send you correspondence and communicate with you;
  • administer our websites and troubleshoot, perform data analysis, research, generate statistics and surveys related to our technical systems;
  • test our technical systems to make sure they are working as expected;
  • display content to you in a way appropriate to the device you are using (for example if you are viewing content on a mobile device or a computer);
  • generate reports on our work, services and events;
  • safeguard our staff and volunteers;
  • monitor website use to identify visitor location, guard against disruptive use, monitor website traffic and/or personalise information which is presented to you;
  • process your application for a job or volunteering position;
  • conduct training and quality control;
  • audit and administer our accounts;
  • meet our legal obligations, for instance to perform contracts between you and us, or our obligations to regulators, government and/or law enforcement bodies;
  • carry out fraud prevention and money laundering checks;
  • undertake credit risk reduction activities;
  • as part of a sale of some or all of our undertakings and assets to any third party, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, sale, merger, reorganisation, change of legal form, dissolution or similar event (we will always notify you in advance and we will aim to ensure that your privacy rights will continue to be protected); and/or
  • establish, defend or enforce legal claims.

Sending marketing communications

Our marketing communications include information about education and research on hip preservation, including our events and updates about what ISHA is doing. Occasionally, we may include information from partner organisations or organisations who support us in these communications. We operate an ‘opt-in only’ communication policy with the exception of standard administrative communications, e.g. application for payment, invoices, receipts, membership certificates. We will only send marketing communications to you if you have explicitly stated that you are happy for us to do so through direct communication or social media and other platforms as appropriate.

We may use information you have given us directly, for example the record of your previous membership purchases, your location and demographics, as well as the type of activity you have been involved with, for marketing purposes, to tailor our communications with you about future activities.

Committee / Task Force and Award / Grant applicants

After applying for a role with an ISHA Committee, Board or Task Force, or applying for an ISHA Grant or Award we will use the information provided on your application form to process your application and monitor recruitment statistics.

Details of unsuccessful candidates are kept for 24 months, after which the data is deleted from our records.

If you would like ISHA to delete your details from our records, please write to

We keep and use anonymous statistical information from applicants to enhance our recruitment processes and to monitor equality and diversity. This will not contain any information that could identify individual job applicants.

If an applicant has been successful and begins volunteering with ISHA, we will create a personal file, which will contain information you have provided. Contact information will be shared with ISHA staff and other ISHA volunteers and committee or task force members, and your name and picture will be displayed on our website. After your term’s end, your name will be part of our historic archive of volunteers for governance and statistical purposes.

Managing your contact preferences

We make it easy for you to tell us how you want us to communicate, in a way that suits you. Our forms have clear marketing preference questions and we include information on how to opt out when we send you marketing. If you don’t want to hear from us, that’s fine, and you can change your preferences at any time. Just let us know when you provide your data or contact us by telephoning +44 (0) 20 3519 9147, emailing us at, or visiting MyISHA via the ISHA website.

Legal basis for processing

Data protection laws mean that each use we make of personal information must have a “legal basis”. The relevant legal bases are set out in the GDPR and in current UK data protection legislation, including the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.

Specific consent

Consent is where we ask you if we can use your information in a certain way, and you agree to this (for example when we send you marketing material via post, phone, text or email). Where we use your information for a purpose based on consent, you have the right to withdraw consent for any future use of your information for this purpose at any time by telephoning +44 (0) 20 3519 9427 or emailing us at

Legal obligation

We have a basis to use your personal information where we need to do so to comply with one of our legal or regulatory obligations. For example, in some cases we may need to share your information with our various regulators such as the Charity Commission, Fundraising Regulator, Information Commissioner, or to use information we collect about you for due diligence or ethical screening purposes.

Performance of a contract / take steps at your request to prepare for entry into a contract

We have a basis to use your personal information where we are entering into a contract with you or performing our obligations under that contract. Examples of this would be if you are buying something from us (for instance membership or registration for one of our events), applying to work with us, or being funded to undertake research.

Vital interests

We have a basis to use your personal information where it is necessary for us to protect life or health. For instance, if there is an emergency impacting individuals at one of our events or Outreach trips, or a safeguarding issue which requires us to contact people unexpectedly or share their information with emergency services.

Legitimate interests

We have a basis to use your personal information if it is reasonably necessary for us (or others) to do so and in our/their “legitimate interests” (provided that what the information is used for is fair and does not unduly impact your rights).

We consider our legitimate interests to include all of the day-to-day activities ISHA carries out with personal information including:

  • providing membership services
  • use of personal information when we are monitoring use of our website or apps for technical purposes
  • use of personal information to administer, review and keep an internal record of the people we work with, including our volunteers and contributors
  • sharing of personal information between relevant teams and committees within ISHA
  • for Committee Volunteers: creating a Committee profile within the Committee Volunteer database. Information kept includes blood type, personal health details and passport information.

We only rely on legitimate interests where we consider that any potential impact on you (positive and negative), how intrusive it is from a privacy perspective and your rights under data protection laws do not override our (or others’) interests in us using your information in this way.

When we use sensitive personal information (for example, information about your race or ethnic origin, your religious or political beliefs, or your health), we require an additional legal basis to do so under data protection laws, so will either do so on the basis of your explicit consent or another route available to us at law for using this type of information (for example if you have made the information manifestly public, we need to process it for employment, social security or social protection law purposes, your vital interests, or, in some cases, if it is in the public interest for us to do so).

How we keep your information safe

We ensure that there are appropriate technical and organisational controls (including physical, electronic and managerial measures) in place to protect your personal details. For example, our network is protected and routinely monitored.

We do not store credit card details, nor do we share financial details with any third parties.

ISHA uses EventsAir software to process and manage membership, marketing and event attendee personal data. Details of EventsAir’s data protection policy can be found at

How long we keep your information for

Please also refer to our Data Retention Policy.

ISHA has specific criteria to determine how long we will retain your information for, which are determined by legal and operational considerations. For instance, we are required to keep some personal information for tax or health and safety purposes, as well as keep a record of your interactions with us.

For ISHA Committee and Board Volunteers, we retain the information in your profile unless you explicitly write to the ISHA Secretariat asking for it to be deleted. In such occasions, ISHA would permanently delete all files containing your information used for legitimate interest.

Sharing your information with other organisations

We will never sell or rent your information to third parties for marketing purposes. However, we may disclose your information to third parties in connection with the other purposes set out in this policy. These third parties may include:

  • business partners, suppliers and sub-contractors who may process information on our behalf;
  • IT service providers;
  • Outreach Partners (e.g.: NGOs, Medical Societies, Governments, etc.) where information would be needed for project preparation, such as issuing visa letters, flight tickets, security checks, etc.

Some of our suppliers run their operations outside the European Economic Area (EEA) – this may include a country which may not be subject to the same data protection laws as companies based in the UK. In these circumstances, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law, and appropriate safeguards are in place.

Where we are under a legal or regulatory duty to do so, we may disclose your details to the police, regulatory bodies, or legal advisors, and/or where we consider this necessary, to protect the rights, property or safety of ISHA, its personnel, visitors, users or others.

Information collected from Board, Committee and Task Force applicants

After applying for a role with the ISHA Board, a Committee or a Task Force, we will use the information provided on your application form to process your application and monitor recruitment statistics.

Details of unsuccessful candidates are kept for 24 months, after which the data is deleted from our records. Personal details will still be retained within your membership record, whilst you retain membership of ISHA.

If you would like ISHA to delete your details from our records, please write to

We keep and use anonymous statistical information from applicants to enhance our recruitment processes and to monitor equality and diversity. This will not contain any information that could identify individual job applicants.

If an applicant has been successful and begins a volunteer leadership role with ISHA, we will create a personal file, which will contain information you have provided. Contact information will be shared with ISHA staff and other ISHA Board Volunteers, Committee or Task Force members, and your name and picture will be displayed on our website. After your term’s end, your name will be part of our historic archive of volunteers for governance and statistical purposes.

Keeping your information up to date

We really appreciate it if you let us know if your contact details change. If we are informed by reliable sources (such as partnership organisations or official institutions) that your details have changed, we will update your details so we can stay in touch, provided that you have opted in to hearing from ISHA or if it enables us to meet our contractual obligations to provide you with membership services. We only use sources where we have documented consent from partners who have confirmed that you have been informed of how your information may be shared and used, i.e. society partnership organisations where membership is provided, Approved Course organisers via their ISHA approved course programme. This activity also prevents us from having duplicate records and out of date preferences, so that we don’t contact you when you have asked us not to.

We are committed to putting you in control of your data and you are free at any time to let us know if you do not want us to check your personal details against other publicly available sources. You can do that when logged into your account. Please access MyISHA to update this, or telephone us at +44 (0) 20 3529 9427 or email us at

Your rights

Under UK data protection law, you have rights over personal information that we hold about you. We have summarised these below:

Right to access your personal information

You have a right to request access to the personal data that we hold about you and to other supplementary information, including the reason why we use your personal data and how long we will keep it for. You also have the right to request a copy of the information we hold about you, and we will provide you with this unless legal exceptions apply.

If you want to access your information, send a description of the information you want to see by post to ISHA – The Hip Preservation Society (ISHA), Warrender House, Haywood Road, Moffat, DG10 9BU, United Kingdom or email to

Right to have your inaccurate personal information corrected

You have the right to have inaccurate or incomplete information we hold about you corrected. If you believe the information we hold about you is inaccurate or incomplete, please provide us with details and we will investigate and, where applicable, correct any inaccuracies.

Right to restrict use of your personal information

You have a right to ask us to restrict the processing of some or all of your personal information in the following situations: if you have told us that some information we hold on you isn’t right and we are in the process of verifying the accuracy of the information; we are not lawfully allowed to use it; you need us to retain your information in order for you to establish, exercise or defend a legal claim; or you believe your privacy rights outweigh our legitimate interests to use your information for a particular purpose and you have objected to us doing so.

Right to erasure of your personal information

You may ask us to delete some or all of your personal information and in certain cases, and subject to certain exceptions, you have the right for this to be done.

Right for your personal information to be portable

If we are processing your personal information (1) based on your consent, or in order to enter into or carry out a contract with you, and (2) the processing is being done by automated means, you may ask us to provide it to you or another service provider in a machine-readable format.

Right to object to the use of your personal information

If we are processing your personal information based on our legitimate interests or for scientific/historical research or statistics, you have a right to object to our use of your information.

If we are processing your personal information for direct marketing purposes, and you wish to object, we will stop processing your information for these purposes as soon as reasonably possible.

If you want to exercise any of the above rights, please write to us at ISHA – The Hip Preservation Society (ISHA), Warrender House, Haywood Road, Moffat, DG10 9BU, United Kingdom or email to We may be required to ask for further information and/or evidence of identity. We will endeavour to respond to your request within one month of receipt of your request, however if we are unable to do so we will contact you with reasons for the delay.

Please note that exceptions apply to a number of these rights, and not all rights will be applicable in all circumstances. For more details we recommend you consult the guidance published by the UK’s Information Commissioner’s Office (link is external).


If you are unhappy with any aspect of how we are using your personal information, we’d like to hear about it, so please email We appreciate the opportunity this feedback gives us to learn and improve.

You also have the right to lodge a complaint about any use of your information with the Information Commissioner’s Office (link is external), the UK data protection regulator.

Changes to this Policy

We may change this Privacy Policy from time to time. If we make any significant changes in the way we treat your personal information, we will make this clear on the ISHA website or by contacting you directly. This policy was last updated January 30th, 2023.

Contact us

Name: Caroline Mackenzie

Address: Warrender House, Haywood Road, Moffat, DG10 9BU, UK

Phone Number: +44 (0)203 519 9427