UK Export Academy
The purpose of this document
The Department for Business and Trade (DBT) is committed to protecting the privacy and security of your information. This privacy notice describes how we collect and use personal information about you in accordance with UK Data Protection legislation (the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018).
We are required under data protection legislation to notify you of the information contained in this privacy notice. It is important that you read this notice, so that you are aware of how and why we are using your information.
What data we collect
Personal data we collect is:
- Email Address
- First Name
- Last Name
- Telephone Number
- Job Title
- Business name
- Business postcode
Why we need your data
The information you provide will be processed by DBT and selected third parties in order to:
- process queries to the department relating to the UKEA service
- match and target businesses to the most relevant services
- manage relationships with businesses the department is supporting to trade or invest internationally
- identify businesses with the greatest propensity to trade or invest and direct them to the most appropriate advice, events and services
- evaluate the impact of trade and investment services
- better understand the trade and investment environment and business landscape
- process business applications to access trade and investment related advice and services
- understand barriers to trade and investment
- design effective trade and investment policy, services and make business decisions
How is your personal data collected?
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your name, contact information and other personal data by filling in forms or by corresponding with us by email or otherwise on the service. This includes personal data you provide when you: (a) sign up to an event; (b) request promotional messages to be sent to you; (c) complete forms or surveys; or (d) give us feedback or contact us.
Automated technologies or interactions. As you interact with the service, we will automatically use your data to provide links to other similar technologies such as Microsoft Teams for the purpose of delivering webinar content.
Our lawful basis for processing your data
Our lawful basis for processing your personal data is that the processing is necessary for us to perform our public tasks and functions, particularly our responsibility to advise, support, and promote British businesses to grow and export.
How we share your information
We will, in some circumstances and where the law allows, share your data with other government departments, agencies, public bodies and third-party service providers which may include, but are not limited to:
- Amazon Web Services (AWS)
- Government Digital Service (GDS)
- Delivery Partners (DPs)
- Organisations contracted by DBT to provide marketing and communications services, including M&C Saatchi, Manning Gottlieb OMD, TMW Unlimited, Aventri and Populus
You will be notified if your information is shared with other third parties not included in this list.
Aggregated analysis of responses may also be shared with the Information Commissioner’s Office (ICO) the Government Internal Audit Agency (GIAA), and the National Audit Office (NAO).
We will not:
- sell or rent your data to third parties
- share your data with third parties for marketing purposes
- use your data in analytics
We will also share your data if we are required to do so by law or regulation – for example, by court order, or to prevent fraud or other crime.
How long we keep your data
In line with our retention and disposal policy, we will only retain your personal information for as long as:
- it is needed for the purposes set out in this document
- the law requires us to
Subject to the bullets above, we will retain your personal information for up to 3 years from the date on which it is provided or subsequently updated, in order to fulfil the purposes for which it was collected.
How we protect your data and keep it secure
We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data - for example, we protect your data using varying levels of encryption.
Your information is generally stored on servers and filing systems in the UK or the European Economic Area. From time to time, it may be stored in or accessed from countries outside the European Economic Area. See the full privacy notice for more information: https://www.great.gov.uk/privacy-and-cookies/full-privacy-notice/
We also take steps to ensure that any third parties keep secure all personal data they process on our behalf.
We will use the personal information you provide to contact you about the specific service you have used or enquiry you have made.
In addition to this, when you provide your personal information, you have the option to provide your consent for us to contact you by email or telephone with direct marketing communications. You will only receive these communications if you have given your consent.
If you provide your consent for direct marketing, you have the right to unsubscribe at any time. For email marketing, you can do so using the ‘unsubscribe’ link included in all DIT marketing emails. For telephone marketing, you should inform the caller that you do not wish to be contacted.
In respect of the processing outlined in this privacy notice, you have the right to request:
- information about how your personal data is processed
- a copy of that personal data
- that we rectify any inaccuracies in information we hold about you
You can also:
- raise an objection about how your personal data is processed
- ask that the processing of your personal data is restricted in certain circumstances
If you have any questions about this privacy notice or how we handle your personal information, or to exercise your data subject rights, you can also write to us at:
Data Protection Officer
Department for Business and Trade
Old Admiralty Building
You can also make a complaint to the Information Commissioner, who is an independent regulator:
Information Commissioner's Office
0303 123 1113
Changes to this privacy notice
We reserve the right to update this privacy notice at any time and we will provide you with a new privacy notice when we make any substantial updates.
Information provided whilst using this service, including personal information, may be disclosed in accordance with access to information regimes, primarily the Freedom of Information Act 2000 (FOIA).
If you want the information you provide to be treated confidentially, please be aware that, in accordance with the FOIA, public authorities are required to comply with a statutory code of practice which deals, amongst other things, with obligations of confidence.