Privacy Policy

NIESR is committed to protecting your privacy and security. This policy explains how and why we use your personal data, to ensure you remain informed and in control of your information.

Our Contact Details

Data Protection Officer
2 Dean Trench Street
SW1P 2HE

020 7222 7665

dataprotectionofficer@niesr.ac.uk

The Type of Personal Information We Collect

Personal data or personal information means any information about an individual from which that person can be identified.  It does not include data or information where the identify has been removed (anonymous data).

We may collect personal information from you through this website and/or in connection with one of the activities set out in the next section.

The types of personal data we may collect includes but is not limited to:

  • Business contact details such as the details of the company you work for, your title or position.
  • Personal contact information such as name, address, gender, data of birth, telephone number or other contact details
  • Payment information (if and to the extent that nay such payment information constitutes personal data)
  • Health information (strictly limited to such information we require to discharge our legal and duty of care obligations)
  • Technical information relating to your visits to our websites, social media or other electronic communications or economic tools
  • Marketing data about whether you would like to receive marketing communications from us and your preferences in relation to such marketing.

How We Obtain Personal Information, and How We Use It

We will only collect personal data where that information is necessary for us to complete one of the functions or activities of our charity.

Most of the personal information we process is provided to us directly by you for one of the following reasons

  • Applications submitted by you corporate membership or requests to receive our economic tools or newsletters.
  • Enquiries made by you through our website or social media channels
  • When you follow our social media accounts and register or subscribe to our mailing list.
  • Participation in a survey, research project, conference, training session or other events
  • Direct contact between you and our staff eg email, phone and direct meeting
  • Sending you marketing communications relating to NIESR, to which you have consented and which we think may be of interest to you.  You can inform us at any time here if you wish to unsubscribe by emailing events@niesr.ac.uk

We do not normally collect sensitive personal data and would only do so in the event that it was necessary for your protection, for example in the event of an accident on our premises.

Who We Share Your Data With

We will never sell your personal data.

We may disclose information to third parties where we have received your consent to do so or where we are required to do so by law.

We may also disclose your personal data to third parties:

  •  The suppliers and service providers we use to run our business processes, examples include:
    • Our hosting provider, providers of software as a service and e-mail service providers.
    • When we partner with a third party to host an event
    • Where we collaborate with or sub-contract to a third party to complete our research.

We may also share your data with our auditors.

In some instances where we share data with certain third parties those third parties will also be controllers of your data.  The survey company that we use, (currently Qualtrics and SurveyMonkey), will also be a controller of your data.  As controllers, they are responsible for their processing of your personal data. Please refer to Qualtrics and SurveyMonkey’s privacy policy for details as to how they process personal data.

Basis for Processing Personal Information

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

  1. Your consent. You are able to remove your consent at any time. You can do this by contacting dataprotectionofficer@niesr.ac.uk
  2. We have a contractual obligation.
  3. We have a legal obligation.
  4. We have a legitimate interest.
  5. We need it to perform a public task.

How We Store Your Personal Information

Your information is stored in our secure servers.  NIESR is ISO 27001 and Cyber Essentials accredited and our storage conforms with these requirements in order to safeguard and secure your information.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Data is only accessible to staff who require access for NIESR-related work and staff are trained to ensure that your data is secure.

We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).

We continually review what information we hold and delete what is no longer required.

Cookies

A cookie is a small data file which is stored on your browser or the hard drive of your computer (or other electronic device) when you access our site.

For more information about the cookies we use and the reasons why we use them, please see our Cookies Policy.

Your Data Protection Rights

Under data protection law, you have rights including:

  • Your right of access – You have the right to ask us for copies of your personal information.
  • Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
  • You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at dataprotectionofficer@niesr.ac.uk , 020 7222 7665 if you wish to make a request.

How to Complain

If you have any concerns about our use of your personal information, you can make a complaint to us at dataprotectionofficer@niesr.ac.uk , 020 7222 7665

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

 

11 Sept 2020