This notice explains how and why we will use your personal data and your rights if you are in contact with the Government Office for Technology Transfer. It is made under Articles 13 and / or 14 of the United Kingdom General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Your data
We will process the following personal data:
- names and contact details of relevant contacts within the organization
This will include:
- name and surname
- Business role
- email address
- telephone number
- unnamed self-reported diversity data on participants in Government Office for Technology Transfer programs, including secondments from external organizations
We will process the following additional data:
- organization name
- other organizational features to assist the Government Office for Technology Transfer in its work
- recording the interactions between the Government Technology Transfer Office and your organization
We will link data such as professional names and email addresses between these and other sources to inform our ongoing work schedule and to facilitate effective program monitoring, evaluation and development.
Scope
The purpose for which we process your personal data is:
- to manage funding applications
- monitor and evaluate the Government Office for Technology Transfer program
- to facilitate communication with participating organizations
- provide support and guidance on knowledge wealth opportunities
- monitor and evaluate the impact of the program on equality
- identify areas where support can be provided by partner organizations
- to support your participation in meetings and workshops
Legal basis of the processing
The legal basis for the processing of your personal data is:
- public task: the processing is necessary for the performance of a task carried out in the public interest or in the exercise of public authority vested in the data controller, such as the exercise of a function of the Crown, of a Minister of the Crown, or a government department; the exercise of a function conferred on a person by a legislative act; the exercise of a function of one of the two Houses of Parliament; or the administration of justice. Collecting data will allow us to work effectively with participating organizations and will allow for the monitoring and assessment of the impacts of our work.
The legal basis for the processing of your special category data is:
- the processing belongs to a specific category of personal data and is necessary in order to identify or keep under control the existence or absence of equal opportunities or treatment between specified groups of persons (in paragraph 8, paragraph 2, of the 2 of Annex 1 to the Data Protection Act 2018) in relation to this category in order to allow the promotion or maintenance of such equality; and is not carried out for the purpose of measures or decisions against a particular data subject; and you have not refused consent; and you have not communicated that you do not want your data to be processed for these purposes; and the treatment is not likely to cause substantial harm or substantial suffering to an individual; and an appropriate policy document is in place. Self-reported data on the racial or ethnic characteristics of innovation teams applying for the grant fund will be collected through a voluntary questionnaire.
Note: Special category data (often known as sensitive personal data) is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, health data or data relating to a natural person’s sexual life or sexual orientation.
Recipients
Your personal data will not be shared outside of BEIS without your express permission. We may share your information if required by law, for example by court order or to prevent fraud or other crime.
As your personal data will be stored on our IT infrastructure, it will also be shared with our processors, currently Microsoft and Amazon Web Services. We do not allow our data processors to use or share this data for their own purposes.
Retention
General contact information, organizational details and transaction records will be retained throughout the employment relationship. Following the termination of the employment relationship, the data will be deleted after a maximum of 7 years.
Grant funding applications will be retained for a period of 4 years from the date of the panel assessment to allow for monitoring and evaluation of funds, including to inform future planning.
Aggregated data on innovation projects will be kept indefinitely to allow continuous monitoring and evaluation.
Your rights
You have the right to:
- request information on how your personal data is processed and request a copy of such personal data
- request that any inaccuracies in your personal data be rectified without delay
- request the integration of any incomplete personal data, also by means of a supplementary declaration
- request the deletion of your personal data if there is no longer a justification for their processing
- in certain circumstances (for example, where accuracy is disputed), request that the processing of your personal data be restricted
- oppose the processing of your personal data where processed for direct marketing purposes
- oppose the processing of their personal data
International transfers
Since your personal data is stored on our IT infrastructure and shared with our data processors Microsoft and Amazon Web Services, it can be transferred and stored securely in the UK and the European Economic Area. Where your personal data is stored outside the UK e IF IT’S will be subject to equivalent legal protection through the use of standard contractual clauses.
Complaints, disputes
If you believe that your personal data has been misused or handled improperly, you can file a complaint with the Information Commissioner, which is an independent UK regulator. The Information Commissioner can be contacted at:
Any complaint to the Information Commissioner does not affect your right to seek compensation through the courts.
The data controller of your personal data is the Department for Business, Energy and Industrial Strategy (BEIS).
You can contact the BEIS Data Protection Officer at:
Changes to this policy
We may change this privacy policy. If so, the “last updated” date at the bottom of this page will also change. Any changes to this privacy policy will immediately apply to you and your data.
If these changes affect the way your personal data is processed, we will take reasonable steps to notify you.