Privacy Notice
Enhanced International Support Services China (EISS China)
This notice sets out your rights with respect to how We will use your personal data. The Department for Business and Trade (DBT) (also referred to as “We” or “Us” or “Our” in this Privacy Notice) recognises that it has a duty to people whose information We hold to treat that information responsibly, keep it safe and secure, and process it correctly and proportionately. We process your personal data lawfully and fairly in line with the 2018 Data Protection Act. This privacy notice broadly explains what information We collect, the purpose for processing, categories of personal information and who We may share it with. It is important that you read this notice, so that you are aware of how and why We are using your information.
Purpose
The purpose of processing your data is to provide in-market support to SMEs in China through an Export Support Hub, providing market advice and guidance. The Hub will also manage a pool of specialist private sector providers which clients can choose to engage with for further support.
The information we collect
Mandatory information to be collected as part of the consultation:
- name (first name and surname)
- email address
- name of organisation/business/business organisation you represent if any
- relevant business information to support the triage/ diagnostic of your company including turnover, sector, experience of exporting
We use your personal information in line with the purpose detailed in this Privacy Notice. We may also use your contact details to remove your response if you instruct us to do so.
Our legal basis for processing your data
Your personal data will be processed on the lawful basis of:
- Public Task, the processing is necessary for DBT to perform a task in the public interest and as an official function of the department’s role.
How we may share your information
Your personal data will be processed and shared within the Department for Business and Trade and with selected third parties.
Third parties with whom information will be shared with are:
- Grant Thornton, the data processor providing in market customer services
- aggregated analysis of responses may be shared with the Information Commissioner’s Office (ICO), the Government Internal Audit Agency (GIAA), the National Audit Office (NAO) and central government departments
- third party evaluators appointed by DBT to review overall programme performance and impact.
We may share information with other government departments who may have a common interest with resolving complaints.
We may also anonymise some personal data you provide to us to ensure that you cannot be identified and use this data to allow the DBT to effectively target and plan the provision of services related to the purposes described above.
We will not:
- sell or rent your data to third parties
- share your data with third parties for marketing purposes
- use your personal data in analytics
We will also share your data if we are required to do so by law or regulation, for example, by court order, or to prevent fraud or other crime.
How long we will keep your information
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will retain your personal information for as long as: it is needed for the purposes set out in this document
- it is needed for the purposes set out in this document
- the law requires us to do so
Subject to the paragraph above, we will retain your personal information for up to 7 years from the date on which it is provided. However, we conduct regular reviews to ensure we only keep information required for the purpose of which it was collected. Should there be any indication that there will be a business need to extend this retention period, this will be robustly reviewed, and any changes will be clearly outlined and recorded in a revised notice.
Your rights and access to your information
You have the right to request a copy of the information that We hold about you. The Data Protection Act (DPA) also gives you additional rights that refer to how the DBT holds and uses your information.
Consequently, under certain circumstances, by law you have the right to:
- request information about how your personal data is processed.
- raise an objection about how your personal data is processed.
- right to raise a request for erasure
- right to portability
Identity and contact details
The Department for Business and Trade are registered as a Data Controller under the General Data Protection Regulation and Data Protection Act 2018. Our contact details are:
Data Protection Officer
Department for Business and Trade
Old Admiralty Building
Whitehall
LONDON
SW1A 2DY
Email: data.protection@businessandtrade.gov.uk
You have a right to complain to us if you think We have not complied with Our obligation for handling your personal information. You can contact Our Data Protection Officer using the same contact. If you are not satisfied with the DBT response you have a right to complain to the Information Commissioner’s Office (ICO). You can report a concern by visiting the ICO website.
For more information about your rights under the Data Protection Act or to request a copy of any data held about you please contact data.protection@businessandtrade.gov.uk
Changes to this privacy notice
We reserve the right to update this privacy notice at any time and We will provide you with a new privacy notice when We make any substantial updates.
Confidentiality
If you wish the information you provide to be treated as confidential please be aware that, in accordance with the Freedom of Information Act (FOIA), public authorities are required to comply with the FOIA.
In view of this, it would be helpful if you have reasons for confidentiality if you could explain to us why you wish that information to be treated confidentially. If We receive a request for disclosure of information that has been provided, We will take full account of your explanation, but We cannot give an assurance that confidentiality can be maintained in all circumstances.