Privacy notice for UKCORR
This document sets out what we do with your personal data in relation to GDPR and freedom of information activities.
This document applies to you if you have ever contacted UKCORR regarding a freedom of information or GDPR matter.
Who are we?
UKCORR is the data controller in relation to the processing activities described below. This means that UKCORR decides why and how your personal information is processed.
Where this document refers to “we”, “our” or “us” below, unless it mentions otherwise, it’s referring to UKCORR
What information do we collect about you, and how do we collect it?
Information that you give to us
We collect information that you supply when you contact us to make a request or enquiry, or complete a survey of ours, such as your name, contact details and nature of your request. This information is held by the UKCORR committee, and will be stored separately to any other records we hold.
Information that we collect automatically
Information that we receive from third parties
How do we use your personal information?
We need to know some information about you so that we can send you the information you have requested and contact you about it if necessary. We have a legal obligation under GDPR legislation to do this. If you make a complaint or appeal in respect of your request, it is in our legitimate interest to process your personal data for this purpose.
We also use personal data to analyse how successful our activities have been. For example when responding to a survey or to gather feedback on a particular topic.
Who do we share your information with?
UKCORR will not share your data with anyone else. All personal data that we store is for UKCORR purposes only
We do not use third party suppliers and service providers for information sharing
Do we transfer information outside the EEA?
Generally, information you provide to us is stored on our secure servers, or on our cloud based systems which are located within the EEA.
However, there are times when we do need to store information outside the EEA. If we transfer your information outside of the EEA, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. This would either be imposing contractual obligations on the recipient of your personal information, or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection. For example, we would ensure that a US based supplier has signed up to “Privacy Shield”.
How long do we keep your personal information for?
The UKCORR committee will keep your contact details for as long as the purpose (s) you contacted us for. In terms of survey data we would look to anonymous this on publication of the survey results and not retain any of your personal data.
You have a number of rights in relation to your personal information, which apply in certain circumstances. In order to exercise any of these rights, please contact us using the details at the bottom of this document.
You have the right
- To access your personal information that we process
- To rectify inaccuracies in the personal information that we hold about you
In some circumstances, you also have the right
- To have your details removed from systems that we use to process your personal data
- To restrict the processing of your personal data in certain ways
- To obtain a copy of your personal data in a structured electronic data file
- To object to certain processing of your personal data by us
- To request that we stop sending you direct marketing communications.
If you are concerned about the way we have processed your personal information, you can complain to the Information Commissioner’s Office (ICO). Please visit the ICO’s website www.ico.org.uk for further details.
Please direct any queries about this document or about the way we process your personal information to our Data Protection Officer using the contact details below.