logo
Open menu
Login Register

GDPR Consent

GDPR CONSENT NOTICE – TIF Education

Comprehensive Legal Notice for Processing of Personal Data (Global)

1. Identity and Contact Details of the Data Controller

Thalassaemia International Federation (TIF), operating the TIF Education platform (https://tifeducation.org), is the data controller responsible for the processing of your personal data in connection with your use of this platform and participation in TIF Education events.

Registered Address:
Ifigenias 31, Strovolos 2083, Cyprus

Contact for Privacy and Data Protection Matters:
Email: admin@tifeducation.org

TIF is a non-profit international federation based in Cyprus (European Union) and is subject to multiple data protection laws depending on your location:

  • EU users (including Cyprus, Greece, Italy, Sweden, Switzerland): GDPR (EU Regulation 2016/679) applies. Your national Data Protection Authority is your regulator.
  • UK users (United Kingdom): UK GDPR and Data Protection Act 2018 apply. The UK Information Commissioner's Office (ICO) is your regulator.
  • USA users (including California): CCPA/CPRA (California) and applicable state privacy laws apply. The Federal Trade Commission (FTC) and State Attorneys General enforce federal and state laws.
  • Canadian users: PIPEDA (federal) and applicable provincial laws apply. The Office of the Privacy Commissioner of Canada (OPC) is your regulator.
  • Brazilian users: LGPD (Lei Geral de Proteção de Dados) applies. The National Data Protection Authority (ANPD) is your regulator.
  • Australian users: Privacy Act 1988 (including Australian Privacy Principles) applies. The Office of the Australian Information Commissioner (OAIC) is your regulator.
  • Middle East users (UAE, Saudi Arabia, and others): UAE Data Protection Law, Saudi FDA, and local data protection laws apply. The TDRA (UAE) and CDA (Saudi Arabia) are regulators.
  • Indian users: DPDP Act 2023 applies. The Data Protection Board of India is your regulator.

For all privacy-related requests, data subject rights, or questions, contact: admin@tifeducation.org

TIF has not appointed a Data Protection Officer (DPO). For privacy matters, use the contact email above.

2. Scope of This Notice

This GDPR Consent Notice applies to all personal data processed by TIF Education when you:

  • Create a user account on TIF Education
  • Log in to your TIF Education account
  • Register for events (conferences, webinars, workshops, virtual events, hybrid events, physical/in-person events)
  • Participate in educational activities, scientific meetings, or training programs
  • Submit abstracts, research papers, or speaker applications
  • Book accommodation through TIF Education
  • Use virtual event infrastructure (Zoom)
  • Access recorded content, certificates, or educational materials

This notice is designed to comply with GDPR (EU), UK GDPR, CCPA/CPRA, PIPEDA, LGPD, Privacy Act 1988 (Australia), UAE Data Protection Law, and DPDP Act 2023 (India).

By using TIF Education and registering for events, you acknowledge that you have read, understood, and accepted the practices described in this notice.

3. Definitions

Personal Data: Any information relating to an identified or identifiable natural person (EU/UK GDPR); Personal Information (CCPA/PIPEDA/LGPD); Personal Data (Australia Privacy Act).

Sensitive Data: Special categories of data such as health, genetic, or biometric data under GDPR Article 9; Sensitive Personal Information under CCPA/LGPD; Sensitive Information under PIPEDA/Australia.

Processing: Any operation performed on personal data, whether or not by automated means, including collection, recording, storage, use, disclosure, or erasure.

Consent: Freely given, specific, informed, and unambiguous indication of your wishes by which you, by a clear affirmative action, signify agreement to the processing of your personal data (GDPR/UK GDPR); Authorized Consent (CCPA); Express Consent (PIPEDA/LGPD).

Event: Any conference, webinar, workshop, virtual event, hybrid event, or physical/in-person event organized or managed by TIF Education.

Third Party: Any natural or legal person, public authority, agency, or body other than you, TIF, the processor, or persons authorized to process data under direct authority of TIF.

Data Subject: The natural person whose personal data is being processed (GDPR); Consumer (CCPA); Individual (PIPEDA/LGPD).

Legal Basis: The lawful ground under data protection law that permits TIF to process your personal data (e.g., contractual necessity, consent, legitimate interests, legal obligation).

Data Controller: The entity that determines the purposes and means of processing personal data (TIF Education).

Data Processor: The entity that processes personal data on behalf of the controller (e.g., Stripe, Zoom).

4. Categories of Personal Data Processed

TIF Education may collect and process the following categories of personal data:

4.1. Identity and Contact Data

  • Full name
  • Email address
  • Telephone number
  • Postal address (if provided)
  • Country of residence

4.2. Professional and Academic Data

  • Professional title (e.g., Doctor, Researcher, Professor, Medical Student)
  • Organization, institution, or university
  • Department or division
  • Academic qualifications
  • Curriculum Vitae (CV) and biography (when submitted as speaker or faculty)
  • Professional interests and specialization areas

4.3. Event Registration Data

  • Event(s) registered for
  • Registration type (free or paid)
  • Registration date and time
  • Payment status
  • Dietary requirements (if provided)
  • Accessibility or special assistance requests

4.4. Payment Data

  • Payment method type (e.g., credit/debit card)
  • Transaction amount and currency
  • Transaction date and time
  • Payment gateway reference (Stripe)

Important: TIF Education does not directly store complete card details. Payment processing is handled securely through Stripe, a third-party payment processor. Stripe's own privacy policy and terms govern the processing of payment card data.

4.5. Accommodation Data

  • Check-in date
  • Check-out date
  • Room type preferences
  • Special accommodation requests
  • Hotel name and location (when booking is facilitated)

4.6. Virtual Event Data (Zoom)

TIF Education uses Zoom Video Communications exclusively for virtual events (webinars, virtual conferences, hybrid conference sessions, educational meetings). When you participate in Zoom-based events, the following data may be collected:

  • Attendance logs (join/leave times)
  • Session participation data
  • Chat messages (public and private, if enabled)
  • Poll responses
  • Questions submitted via Q&A feature
  • Webinar engagement statistics
  • IP address and device information (as collected by Zoom)
  • Video and audio data (if camera/microphone is enabled)

Zoom acts as a data processor on behalf of TIF Education. Zoom's privacy policy is available at: https://zoom.us/privacy

4.7. Recording Data

TIF Education records events, including conferences, webinars, workshops, and hybrid sessions. Content that may be recorded includes:

  • Video of participants and speakers
  • Audio of discussions and presentations
  • Screen shares
  • Presentations (slides, documents)
  • Questions and answers
  • Discussions and panel interactions

Recorded content may later be published on TIF Education platforms or third-party platforms, archived for long-term educational use, shared as educational content, or used for future training programs.

4.8. Submission Data (Abstracts, Research Papers, Speaker Applications)

When you submit scientific or educational content, TIF Education may process:

  • Scientific abstracts
  • Research summaries
  • Academic submissions
  • Research papers
  • Educational materials
  • Author information
  • Institution details
  • Biographies
  • CVs
  • Presentation materials
  • Review and evaluation comments (internal)

4.9. Certificate Data

Depending on individual event requirements, TIF Education may issue attendance certificates, participation certificates, speaker certificates, educational certificates, or conference completion certificates. Certificate issuance may include your name, title, organization, event name, date, and signature/seal.

4.10. Account and Technical Data

  • User account credentials (username, hashed password)
  • Login history and session data
  • Profile information
  • Device type, browser type, and operating system
  • IP address (for security and functionality purposes)

5. Sensitive (Health) Data – Article 9 GDPR / Special Category Data

IMPORTANT: TIF Education is an educational platform focused on thalassaemia and related disorders, which are medical/health conditions. Under GDPR Article 9, health data is classified as Special Category Data requiring heightened protection.

5.1. What We Do Not Collect Intentionally

TIF Education does not intentionally collect the following sensitive data:

  • Medical diagnosis or test results (for patients)
  • Treatment history
  • Medication details
  • Genetic test results (unless submitted as part of research)
  • Sexual orientation
  • Religious beliefs
  • Political opinions
  • Trade union membership

5.2. What You May Voluntarily Provide

In limited cases, you may voluntarily provide information that could reveal health-related data, such as:

  • Patient status (yourself or family member)
  • Personal experience with thalassaemia
  • Dietary requirements related to medical conditions
  • Disability-related accommodation requests
  • Research data involving health/medical information

5.3. Legal Basis for Processing Sensitive Data

If you voluntarily provide health-related data, TIF Education processes it under the following legal bases:

  • GDPR (EU): Article 9(2)(a) – Explicit Consent for processing special category data
  • UK GDPR: Article 9(2)(a) – Explicit Consent + Data Protection Act 2018, Schedule 1
  • CCPA (California): Not classified as sensitive under CCPA, but treated with heightened protection
  • PIPEDA (Canada): Sensitive information – requires Express Consent
  • LGPD (Brazil): Article 11 – Explicit Consent for sensitive data
  • Australia Privacy Act: Sensitive information – requires Express Consent
  • UAE Data Protection Law: Article 12 – Explicit Consent for health data
  • DPDP Act (India): Special protection for sensitive personal data

5.4. Your Rights Regarding Sensitive Data

  • You may choose not to provide health-related data
  • If you provide it, you may withdraw consent at any time
  • TIF will delete sensitive data upon withdrawal, unless retention is required for legal obligations
  • Sensitive data is stored with enhanced security measures

By providing health-related data, you confirm that you are providing it voluntarily and consent to its processing under the terms above.

6. Purposes and Legal Basis for Processing

TIF Education processes your personal data for the following purposes:

6.1. Event Registration and Administration

Purpose: To process your registration for events, manage event access, issue certificates, and handle administrative tasks.

Data categories: Identity and contact data, professional and academic data, event registration data

Legal basis (GDPR/UK GDPR): Article 6(1)(b) – Contractual necessity (to fulfill your event registration)

6.2. Payment Processing

Purpose: To process payments for paid registrations and accommodation bookings.

Data categories: Payment data, identity and contact data

Legal basis (GDPR/UK GDPR): Article 6(1)(b) – Contractual necessity

Note: Payment processing is handled through Stripe. TIF Education does not store complete card details. Stripe's terms and privacy policy apply.

6.3. Accommodation Booking

Purpose: To manage hotel booking support related to conferences and accommodation management for event attendees.

Data categories: Accommodation data, identity and contact data

Legal basis (GDPR/UK GDPR): Article 6(1)(b) – Contractual necessity

6.4. Event Communications and Administrative Notifications

Purpose: To send event-related communications, including event announcements, registration confirmations, event reminders, educational updates, and conference information.

Data categories: Identity and contact data, email address

Legal basis (GDPR/UK GDPR): Article 6(1)(a) – Consent (for optional communications); Article 6(1)(b) – Contractual necessity (for essential administrative communications related to your registration)

You may opt out of optional communications at any time.

6.5. Sponsor and Exhibitor Data Sharing

Official TIF Policy: Attendee data is never shared with sponsors or exhibitors unless the attendee expressly opts in during registration.

  • Default: No sharing
  • Explicit consent required for any sharing
  • No automatic sponsor access to attendee data

Data categories: Identity and contact data, professional and academic data, event interests (if opted in)

Legal basis (GDPR/UK GDPR): Article 6(1)(a) – Consent

You may withdraw consent at any time by contacting admin@tifeducation.org.

6.6. Virtual Event Infrastructure (Zoom)

Purpose: To enable participation in webinars, virtual conferences, hybrid conference sessions, and educational meetings via Zoom.

Data categories: Virtual event data (attendance logs, session participation, chat messages, poll responses, questions, engagement statistics, IP address, device information, video/audio)

Legal basis (GDPR/UK GDPR): Article 6(1)(b) – Contractual necessity (to provide the virtual event service you have registered for); Article 6(1)(a) – Consent (for recording and additional processing beyond essential participation, where applicable)

6.7. Event Recordings and Publication

Purpose: To record events and later use recordings for educational content, archival, future training purposes, and publication (depending on event rules).

Data categories: Recording data (video, audio, screen, presentations, questions, discussions)

Legal basis (GDPR/UK GDPR): Article 6(1)(a) – Consent

By participating in recorded events, you acknowledge that sessions may be recorded. If you do not consent to recording, you may still attend the event, but certain participation features may be limited.

You may withdraw consent before the recording is published or archived by contacting admin@tifeducation.org. After publication, withdrawal may not be technically or legally feasible due to archival and distribution constraints.

6.8. Abstract, Research Paper, and Speaker Submissions

Purpose: To process submissions for abstract submissions, research paper submissions, speaker registrations (speakers, faculty members, presenters), and scientific and educational activities.

Data categories: Submission data, author information, institution details, biographies, CVs, presentation materials

Legal basis (GDPR/UK GDPR): Article 6(1)(b) – Contractual necessity (if your submission is accepted and you participate as speaker/faculty); Article 6(1)(a) – Consent (for submission and review process)

By submitting, you confirm that you hold the necessary rights to the content and that the content does not infringe third-party intellectual property rights.

6.9. Certificate Issuance

Purpose: To issue certificates of attendance, participation, speaker recognition, educational completion, or conference completion, depending on event requirements.

Data categories: Identity and professional data, event registration data

Legal basis (GDPR/UK GDPR): Article 6(1)(b) – Contractual necessity (if certificates are part of event requirements); Article 6(1)(f) – Legitimate interests (for educational recognition and record-keeping)

6.10. Account Management and Platform Functionality

Purpose: To enable user account creation, login, profile maintenance, and platform functionality.

Data categories: Account and technical data, identity and contact data

Legal basis (GDPR/UK GDPR): Article 6(1)(b) – Contractual necessity (to provide the platform service); Article 6(1)(f) – Legitimate interests (account security and platform integrity)

6.11. Security and Fraud Prevention

Purpose: To ensure the security of the platform, prevent fraud, and protect the rights and property of TIF Education and its users.

Data categories: Account and technical data, IP address, login history

Legal basis (GDPR/UK GDPR): Article 6(1)(f) – Legitimate interests (security and fraud prevention)

6.12. Legal Obligations

Purpose: To comply with legal obligations under Cyprus law, EU law, or international obligations.

Data categories: Relevant personal data as required by law

Legal basis (GDPR/UK GDPR): Article 6(1)(c) – Compliance with a legal obligation

6.13. Internal Analytics and Reporting

Purpose: To understand how the TIF Education platform is used, to improve services, to monitor event participation, to manage registrations, to issue certificates, to support scientific and educational operations, to improve platform security and performance, and to generate operational insights.

Data categories: All data collected through the platform, including account activity, registration records, event attendance, certificate issuance, submission activity, payment status, and technical logs

Legal basis (GDPR/UK GDPR): Article 6(1)(f) – Legitimate interests (operational improvement, service quality, platform security)

Note: Analytics is generated from our own database and platform records (first-party analytics). We do not use Google Analytics, Google Tag Manager, Meta Pixel, LinkedIn Insight Tag, Microsoft Clarity, or similar third-party advertising analytics tools at this time. Analytics may be aggregated or pseudonymized where possible, but where personal data is used, it is processed under the legal bases above.

7. Your Rights by Jurisdiction

Your privacy rights may vary depending on your location. Below is a summary of your rights:

7.1. EU Users (GDPR)

You have the following rights:

  • Right to access your personal data (Article 15)
  • Right to rectification of inaccurate data (Article 16)
  • Right to erasure / right to be forgotten (Article 17)
  • Right to restrict processing (Article 18)
  • Right to data portability (Article 20)
  • Right to object to processing (Article 21)
  • Right to withdraw consent at any time (Article 7)
  • Right to lodge a complaint with your national Data Protection Authority

Regulator: Contact your national DPA (e.g., Cyprus Commissioner, Irish DPC, German BfDI).

7.2. UK Users (UK GDPR)

You have the same rights as EU GDPR, plus the right to complain to the UK Information Commissioner's Office (ICO).

Regulator: https://ico.org.uk/

7.3. USA Users (CCPA/CPRA + State Laws)

California Residents (CCPA/CPRA):

  • Right to know what personal data is collected
  • Right to delete personal data
  • Right to opt-out of sale or sharing of personal data
  • Right to correct inaccurate personal data
  • Right to limit use of sensitive personal information
  • Right not to be discriminated against for exercising rights

TIF's policy is NO sharing of attendee data with sponsors unless you expressly opt in. TIF does not sell your personal data to third parties.

How to Opt-Out: Contact admin@tifeducation.org to opt out of any data sharing.

Other States: Virginia (VCDPA), Colorado (CPA), Connecticut (CDPA), Utah (UCPA) have similar rights. TIF complies with all applicable state laws.

Federal Laws: The FTC enforces federal privacy laws. TIF complies with applicable federal regulations.

7.4. Canadian Users (PIPEDA)

You have the following rights:

  • Right to access your personal information
  • Right to challenge accuracy and completeness
  • Right to withdraw consent (with limitations)
  • Right to complain to the Office of the Privacy Commissioner of Canada (OPC)

Regulator: https://www.priv.gc.ca/

Sensitive Information: Health data is sensitive under PIPEDA and requires Express Consent.

7.5. Brazilian Users (LGPD)

You have the following rights:

  • Right to confirm processing (Article 18)
  • Right to access your data (Article 18)
  • Right to correct incomplete or inaccurate data (Article 18)
  • Right to anonymize, block, or erase data (Article 18)
  • Right to data portability (Article 18)
  • Right to delete data processed with consent (Article 18)
  • Right to know about third-party sharing (Article 18)
  • Right to revoke consent (Article 8)
  • Right to complain to ANPD

Regulator: https://www.gov.br/anpd/

Sensitive Data: Health data is sensitive under LGPD Article 5 and requires Explicit Consent (Article 11).

7.6. Australian Users (Privacy Act 1988)

You have the following rights:

  • Right to know why data is collected (APP 1)
  • Right to know how data is collected (APP 1)
  • Right to access your data (APP 5)
  • Right to correct your data (APP 5)
  • Right to complain about privacy breaches (APP 1)
  • Right to complain to the Office of the Australian Information Commissioner (OAIC)

Regulator: https://www.oaic.gov.au/

Sensitive Information: Health data is sensitive information under APP 3 and requires Express Consent.

7.7. Middle East Users (UAE, Saudi Arabia, etc.)

UAE (Dubai/Abu Dhabi):

  • Right to access data (Article 10)
  • Right to correct data (Article 10)
  • Right to withdraw consent (Article 7)
  • Right to complain to TDRA (Telecommunications and Digital Government Regulatory Authority)

Regulator: https://www.tdra.gov.ae/

Saudi Arabia:

  • Right to access data
  • Right to correct data
  • Right to withdraw consent
  • Right to complain to CDA (Communications and Digital Authority)

Regulator: https://www.cda.gov.sa/

Health Data: Requires Explicit Consent under UAE Data Protection Law Article 12 and Saudi FDA.

7.8. Indian Users (DPDP Act 2023)

You have the following rights:

  • Right to access information (Section 11)
  • Right to grievance redressal (Section 12)
  • Right to erasure (Section 11)
  • Right to nominate (Section 13)
  • Right to complain to Data Protection Board of India

Regulator: https://dpbi.gov.in/ (when operational)

Sensitive Data: Special protection for sensitive personal data under DPDP Act.

8. Categories of Recipients of Personal Data

TIF Education may disclose your personal data to the following categories of recipients:

8.1. Third-Party Service Providers (Processors)

TIF engages third-party processors to provide specific services. These processors act on TIF's instructions and are bound by contractual obligations:

  • Stripe: Payment processing (payment gateway)
  • Zoom Video Communications: Virtual event infrastructure
  • Hosting and cloud service providers: Data storage and platform hosting
  • Email service providers: Transactional email delivery (where applicable)
  • Technical support and maintenance providers

All processors are required to implement appropriate technical and organizational measures to protect your personal data.

8.2. Scientific Committee and Reviewers

For abstract, research paper, and speaker submissions, limited data may be shared with:

  • Scientific committee members
  • Peer reviewers
  • Faculty coordinators

8.3. Sponsors and Exhibitors (Only with Explicit Consent)

TIF's official policy: Attendee data is never shared with sponsors or exhibitors unless you expressly opt in during registration.

  • If you opt in, shared data may include: name, email, professional title, organization, and event interests
  • You may withdraw consent at any time

8.4. Public and Educational Audience (Recordings and Publications)

Recorded events and submitted content may be:

  • Published on TIF Education platforms
  • Shared on third-party platforms (e.g., YouTube, Vimeo, institutional repositories)
  • Used for internal educational and training purposes
  • Archived in digital repositories

Once published, such content may be accessible to the general public or specific academic/medical communities.

8.5. Regulatory and Legal Authorities

TIF may disclose personal data to:

  • Data protection authorities (e.g., Cyprus Commissioner for Personal Data Protection)
  • Law enforcement agencies (where required by law)
  • Courts and tribunals (in legal proceedings)

9. International Transfers of Personal Data

TIF Education is based in Cyprus (EU), but your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including but not limited to:

  • United States (Stripe, Zoom, hosting providers)
  • United Kingdom (post-Brexit data transfers)
  • Canada
  • Brazil
  • Australia
  • Middle East (UAE, Saudi Arabia, etc.)
  • India

Such transfers are subject to appropriate safeguards in accordance with applicable data protection laws, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • UK International Data Transfer Agreement (IDTA) for UK transfers
  • Adequacy decisions (where the European Commission or relevant authority has determined the country provides adequate protection)
  • Binding Corporate Rules (where applicable)
  • Industry-standard encryption and security measures

You may request a copy of the appropriate safeguards by contacting admin@tifeducation.org.

10. Data Retention Periods

TIF Education retains your personal data only for as long as necessary to fulfill the purposes outlined in this notice, or as required by law.

10.1. Event Registration Data

Retention period: Duration of the event plus up to 2 years afterward.

Purpose: Administrative, legal, compliance, and educational record-keeping.

10.2. Payment Data

Retention period: As required by Cyprus tax and accounting laws (typically 5–7 years).

Purpose: Legal and fiscal obligations.

10.3. Accommodation Data

Retention period: Duration of the stay plus up to 2 years afterward.

Purpose: Administrative and legal record-keeping.

10.4. Virtual Event Data (Zoom)

Retention period: Up to 2 years after the event, unless longer retention is required for legal or educational purposes.

Zoom's own retention policies also apply (see Zoom Privacy Policy).

10.5. Event Recordings

Retention period: Indefinitely or until formally deleted.

Purpose: Educational, archival, and training purposes.

You may withdraw consent before publication, but not after.

10.6. Abstracts, Research Papers, Speaker Submissions

Retention period: Indefinitely or until formally deleted.

Purpose: Academic and educational archival.

10.7. Account Data

Retention period: Until account deletion plus up to 2 years afterward.

Purpose: Administrative and legal record-keeping.

10.8. Marketing Communications Data

Retention period: Until you withdraw consent or unsubscribe.

Purpose: Marketing and educational communications.

If you request erasure of your data, TIF will comply unless retention is necessary for compliance with legal obligations, performance of a contract, establishment/exercise/defense of legal claims, or archival purposes in the public interest, scientific or historical research, or statistical purposes.

11. How to Exercise Your Rights

To exercise any of your rights, please contact:

Email: admin@tifeducation.org

Address: Ifigenias 31, Strovolos 2083, Cyprus

In your request, please include:

  • Your full name
  • Your email address
  • The specific right you wish to exercise
  • Any relevant details to help us identify your data

We will respond within one month (30 days) of receiving your request. This period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt.

No fee is required to exercise your rights, unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act.

12. Cookies and Similar Technologies

TIF Education uses cookies and similar technologies for the following purposes:

12.1. Essential Cookies

Essential cookies are strictly necessary for:

  • Login sessions and authentication
  • Account security
  • Registration workflows
  • Payment sessions through Stripe
  • Core platform functionality

Without essential cookies, the platform cannot function properly.

12.2. Non-Essential Cookies

TIF Education currently does not use:

  • Google Analytics
  • Google Tag Manager
  • Meta Pixel / Facebook Pixel
  • LinkedIn Insight Tag
  • Microsoft Clarity
  • Advertising or marketing tracking cookies
  • Social media tracking cookies

If TIF Education introduces non-essential cookies in the future, a separate Cookie Policy and consent mechanism will be implemented in accordance with GDPR and ePrivacy Directive requirements.

13. Data Security

TIF Education implements appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, damage, alteration, or disclosure.

Measures include:

  • Secure login and authentication mechanisms
  • Encryption for data in transit (HTTPS/TLS)
  • Encryption for payment processing via Stripe
  • Access controls limiting data access to authorized personnel only
  • Regular security reviews and updates
  • Secure data storage with backup and disaster recovery procedures
  • Staff training on data protection and confidentiality

Despite these measures, no internet transmission is 100 percent secure. TIF Education cannot guarantee absolute security but strives to protect your data using industry-standard practices.

14. Automated Decision-Making and Profiling

TIF Education does not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

Strictly necessary automated processing (e.g., registration system logic, payment validation) is based on contractual necessity and includes human oversight where appropriate.

15. Children's Personal Data

TIF Education events are primarily intended for:

  • Doctors
  • Healthcare professionals
  • Researchers
  • Scientists
  • Academics
  • Medical students
  • Patient advocates
  • Patients and families (where applicable)

Minimum Age: 18 years old for registration.

  • TIF Education does not knowingly collect personal data from children under the age of 16 (GDPR default) or 13 (COPPA/UK).
  • If you are under 18, you must have parental or guardian consent to register.
  • If TIF Education becomes aware that it has collected personal data from a child under 16 without verifiable parental consent, it will take steps to delete such data.

16. Governing Law and Jurisdiction

Governing Law: Cyprus law applies to all disputes related to this notice and TIF Education.

Jurisdiction: Any legal disputes shall be subject to the exclusive jurisdiction of the courts of Cyprus (Nicosia).

Language: This notice is provided in English. If provided in other languages, the English version prevails for legal interpretation.

Waiver: You may not waive your rights under applicable data protection laws.

17. Changes to This Notice

TIF Education may update this GDPR Consent Notice from time to time to reflect changes in our practices, legal or regulatory requirements, platform features, or services.

The updated notice will be posted on this page with an updated "Last revised" date. We encourage you to review this notice periodically.

Continued use of TIF Education after changes constitutes acceptance of the updated notice.

18. Last Revised

Last revised: June 4, 2026

19. Contact Information

Thalassaemia International Federation (TIF)

Operating Platform: TIF Education

Website: https://tifeducation.org

Address: Ifigenias 31, Strovolos 2083, Cyprus

Email: admin@tifeducation.org

For privacy-related requests, data subject rights, or questions about this notice, please contact us using the above details.

20. Acknowledgment

By registering for TIF Education events and using the TIF Education platform, you acknowledge that:

  • You have read, understood, and accepted this GDPR Consent Notice
  • You agree to the processing of your personal data as described herein
  • You have been informed of your rights under GDPR, UK GDPR, CCPA, PIPEDA, LGPD, Australia Privacy Act, UAE Law, and DPDP Act
  • You understand that TIF Education does not share attendee data with sponsors unless you expressly opt in
  • You understand that events may be recorded and recordings may be used for educational and archival purposes
  • You understand that payment processing is handled through Stripe and TIF does not store complete card details
  • You understand that Zoom is used for virtual events and related data may be collected
  • You confirm that you are 18 years or older (or have parental consent if under 18)
  • You understand that health-related data is sensitive and requires explicit consent if provided
  • You understand that internal analytics is generated from our own database for operational and service improvement purposes


 

OTP Verification

Enter the code sent to your email

Didn’t receive OTP?

Forgot Password

Enter the registered email

Check your email

We've sent a 4-digit OTP to your email address. Please enter the code to verify your account.

Reset Password

Create a new password

Accommodation Rules

A valid ID proof is required for all guests at the time of check-in.

Rooms are allocated on a first-come, first-served basis unless pre-booked.

Any damage to hotel property will be charged to the guest.

Guests are requested to maintain cleanliness and respect shared spaces.

Outside visitors may be restricted as per hotel guidelines.

Noise levels should be kept minimal after 10 PM.

Thalassaemia International Federation is not responsible for any personal loss.