We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.
1. What information do we collect?
We do not share any of our contacts information with other organisations and only use it to inform our stakeholders and other interested parties about our work. We do not generally engage in the email marketing of services, and any information emails we send have an “unsubscribe” option. The only exceptions to this are in relation to the promotion of our macroeconomic model, NiGEM, and information on corporate membership of NIESR. In both these cases we rely on the explicit consent of recipients for us to hold contact information about them. For subscribers to our newsletter, we collect certain information which is explained here: https://www.niesr.ac.uk/subscribe At our offices we do not require any personal information in order for visitors to use our guest Wifi while they are on the premises, and the Wifi does not connect with our IT network.
- information about your computer and about your visits to and use of this website;
- information that you provide to us for the purpose of registering with us;
- information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters.
A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites.
When required, cookies beginning with 'SESS' are used to track an individual's persistent status, such as whether they are logged in.
These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
3. Using your personal information
We may use your personal information to:
- enable your use of the services available on the website;
- send you email notifications which you have specifically requested;
- send to you marketing communications relating to our business which we think may be of interest to you by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications);
- deal with enquiries and complaints made by or about you relating to the website.
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
In addition, we may disclose your personal information:
- to the extent that we are required to do so by law;
- in connection with any legal proceedings or prospective legal proceedings;
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
5. Security of your personal information
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
Data we hold at NIESR is kept in a protected IT environment, in line with the requirements of ISO 27001 on Information Security (for which NIESR is accredited) and the requirements of Cyber Essentials (for which NIESR is also accredited). NIESR is registered with the Information Commissioner’s Office (ICO): registration number Z4953990.
The shared data drives on the NIESR server are accessible only to staff who require access to them for NIESR related work, and data are deleted once the work has been completed. We also have a disposal policy for records of former staff, interviewees and other visitors to our offices.
You are entitled to view, amend, or delete any personal information that we hold about you. Please email your request to our Data Protection Officer – Sally Jacob: dataprotectionofficer [at] niesr.ac.uk (dataprotectionofficer)s.jacob [at] niesr.ac.uk (@niesr.ac.uk)
Data security breaches are prevented by stringent Data Security Procedures practiced by NIESR and stakeholders. Any data breach detected is notified with 72 hours to ICO and the individual/s as per GDPR Guidelines.
Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping your password and user details confidential. We will not ask you for your password (except when you log in to the website).
6. Policy amendments
7. Your rights
You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity.
You may instruct us not to process your personal information for marketing purposes by email at any time. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal information for marketing purposes.
8. Third party websites
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
What information we may collect
- We collect data directly from job applicants who provide data to apply for a specific, adversited job or by speculatively submitting a CV. This will include data from covering letter/CVs, as well as data acquired during interviews and from referees.
Why we collect and process this information and how we will use it
- We process data from applicants in order to manage our recruitment process and to assess the skills and experience of applicants to confirm suitability for employment. The organisation may also need to process data from job applicants to respond to and defend against legal claims. It may also use the data to inform future decisions about where and when to recruit. Access to the data is given to the recruitment panel. In the case of employment referees, contact will only be made with the prior consent of the candidate.
Lawful basis for processing this information
- The lawful basis for processing information from a job application is consent, which you are providing by submitting an application. Where information is required to comply with legal obligations (e.g. it is required to check a successful applicant's eligibility to work in the UK before employment starts) the lawful basis for processing some information is legal.
How long we keep your information
- For unsuccesful candidates, data will be held for six months from the date of application before being deleted form our systems. For successful candidates, a contract will be entered into and personal data will be transferred to a personnel file.