The following privacy notice applies solely to the information collected by International Federation of Medical Students’ Associations (IFMSA) through the Exchange Database (exchange.ifmsa.org). IFMSA also has a general data privacy policy which applies to all areas of work. By agreeing to this clause, you will also be agreeing to the IFMSA general privacy policy, which can be found here.

1. Who we are

The International Federation of Medical Students’ Associations (IFMSA) is a Non-Governmental Organization founded in 1951. It is the world’s oldest and largest independent organization representing associations of medical students internationally, and it currently represents more than 1.3 million students worldwide.

IFMSA envisions a world in which all medical students unite for global health and are equipped with the knowledge, skills, and values to take on health leadership roles locally and globally. This is achieved by leading initiatives that impact positively the communities we serve, and by building capacity through training, project and exchanges opportunities while embracing cultural diversity so as to shape a sustainable and healthy future.

2. What personal information do we collect?

The data we collect through the exchange database are the ones strictly necessary for us to be able to organize your Professional or Research Exchange. More specifically, the personal information we collect include:

  • Personal information (name, gender, nationality, date of birth, passport/ID number, passport/ID expiration date, and language spoken)
  • Information on your university/faculty
  • Contact details (email, phone, address, and country of residence)
  • Copy of documents required by the hosting National Member Organization (NMO) or Local Committee (LC) for your exchange (including, but not limited to, proof of enrollment, photo, passport copy, insurance policy, immunization record/vaccination card, police clearance report). The specific list of documents required can be found on the Exchange Conditions of your hosting country/National Member Organization (NMO), which are accessible here.

3. Data ownership and storage

IFMSA is the sole owner of the data collected through the IFMSA database. The data is stored in a server owned by a web company based in a non-EU country; the company does not have access to the data except in special circumstances when it is required to fix problems with the database. Please note that, whenever we share personal data with the company, we take all reasonable steps to ensure the safety of your private information, including but not limited to changing the password immediately after the problem is fixed.  

Within the IFMSA, your data are accessible only to the Local Exchange Officer/Local Officer on Research Exchange of your sending and hosting LC, the National Exchange Officer/National Officer on Research Exchange of your sending and hosting NMO and the International Teams of the Standing Committee on Professional Exchange/Standing Committee on Research Exchange of the IFMSA. All the people who need to access your data can do so through their official database accounts which are password-protected.

Outside of IFMSA, your personal information are shared only with the hosting institution which is responsible for your exchange, and with the web company in the exceptional cases mentioned above. In all cases, we strive or will continue to strive to ensure that the organizations we work with have adequate data-protection and confidentiality clauses on data collection that are compliant with the regulations set out within the EU data protection legislation.

IFMSA only has access to the information that you voluntarily give us on the exchange database.

4. How is your information used?

IFMSA collects information about you through the database Application Form (AF), Card of Documents (CoD) and Card of Confirmation (CC) with the sole purpose of organizing your exchange. The information collected through the database Evaluation Form is used by IFMSA and the hosting NMO to improve the quality of the exchange program, and by IFMSA to assess the impact of the exchange program on students.

Some of your personal information in the Evaluation Form (i.e., your gender, country of origin, and some of the answers you give in the form) is disclosed to a third party; however, you will be asked to give specific consent for providing this information to a third party in the Evaluation Form. However, we would like to make it clear that at this moment, IFMSA does not engage in targeted advertising, and thus we do not share any data with third parties for marketing or advertising purposes.

As for the length of storage, we will hold your personal information on our system and process your data for as long as is necessary for the relevant activity (namely the exchange program itself and its impact assessment).

5. Your access to and control over information

You can do the following actions at any time by contacting us via email (gs@ifmsa.org):

  • Request a copy of the personal information we have about you
  • Have us change or correct any data we have about you
  • Have us delete any data we have about you
  • Withdraw consent using your information
  • Share any concerns regarding the use of your personal information

Keep in mind that we cannot guarantee your exchange in case you ask us to delete some or all of your personal information, or you withdraw your consent for using your information before the end of your exchange.

6. Contact Information:

Should you find some infringements that you would like to be rectified or would like to find more information on our privacy policies, please contact us at gs@ifmsa.org with the subject [GDPR INQ] in the subject line.