Privacy notice
Contact the DBT Investment Team
The purpose of this document
The Department for Business and Trade (DBT) is committed to protecting the privacy and security of your information. This privacy notice describes how we collect and use personal information about you in accordance with UK Data Protection legislation, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
We are required under data protection legislation to notify you of the information contained in this privacy notice. It is important that you read this notice, so that you are aware of how and why we are using your information.
What data we collect
Personal data we collect includes:
- your name
- your job title
- your business email address
- your business telephone number
Why we need your data
The information you provide will be processed by DBT and selected third parties in order to:
- respond to your enquiry about investing in the UK
- provide you with information about relevant DBT services
- match you to the right UK trade and investment opportunities
- direct you to appropriate advice, events and services
- understand barriers to trade and investment
- design effective and intelligent trade and investment policy, services and make business decisions
Our legal basis for processing your data
The legal basis for processing your personal data is that it is necessary:
- to perform a task in the public interest
- for the exercise of our functions as a government department
How we share your information
We will, in some circumstances and where the law allows, share your data with other government departments, agencies, public bodies and third party service providers which may include, but are not limited to:
- Amazon Web Services (AWS)
- Government Digital Service (GDS)
- Organisations contracted by DBT to deliver investment support services
- Organisations contracted by DBT to provide marketing and communications services, including M&C Saatchi, Manning Gottlieb OMD, TMW Unlimited, Aventri and Populus
- Kantar Public
- Local Enterprise Partnerships and trade bodies
- Devolved administrations
- Other UK government departments, including but not limited to the Foreign and Commonwealth Office
You will be notified if your information is shared with other third parties not included in this list.
Aggregated analysis of responses may also be shared with the Information Commissioner’s Office (ICO), the Government Internal Audit Agency (GIAA), and the National Audit Office (NAO).
We will not:
- sell or rent your data to third parties
- share your data with third parties for their marketing purposes
We will also share your data if we are required to do so by law or regulation – for example, by court order, or to prevent fraud or other crime.
How long we keep your data
In line with our records management and retention and disposal policy, we will only retain your personal information for as long as:
- it is needed for the purposes set out in this document
- the law requires us to
Subject to the bullets above, we will retain your personal information for up to 10 years from the date on which it is provided or subsequently updated, in order to fulfil the purposes for which it was collected.
How we protect your data and keep it secure
We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data - for example, we protect your data using varying levels of encryption. All personal data is stored in the European Economic Area (EEA).
We also ensure that any third parties keep all personal data they process on our behalf secure.
Contacting you
We will use the personal information you provide to contact you about the specific service you have used or enquiry you have made.
In addition to this, when you provide your personal information, you have the option to provide your consent for us to contact you by email or telephone with direct marketing communications. You will only receive these communications if you have given your consent.
If you provide your consent for direct marketing, you have the right to unsubscribe at any time. For email marketing, you can do so using the ‘unsubscribe’ link included in all DBT marketing emails. For telephone marketing, you should inform the caller that you no longer wish to be contacted.
Your rights
You have the right to request:
- information about how your personal data is processed
- a copy of any personal data we hold about you
- that any inaccuracies in your personal data are corrected immediately
You can also:
- raise an objection about how your personal data is processed
- request that your personal data is erased if there is no longer a justification for it
- ask that the processing of your personal data is restricted in certain circumstances
Contacting us
If you have any of these requests or have questions about this privacy notice and how we handle your personal information, contact:
Data Protection Officer
Department for Business and Trade
Old Admiralty Building
Whitehall
LONDON
SW1A 2DY
Email: data.protection@businessandtrade.gov.uk
DBT’s Data Protection Officer
DBT’s Data Protection Officer (DPO) is responsible for independent advice and monitoring of DBT’s use of personal information.
Contact the DPO with any concerns about how DBT handles your personal information.
Data Protection Officer
Department for Business and Trade
Old Admiralty Building
Whitehall
LONDON
SW1A 2DY
Email: data.protection@businessandtrade.gov.uk
Information Commissioner’s Office
Contact the Information Commissioner for independent advice about data protection, privacy and data-sharing issues.
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
Textphone: 01625 545860
Email: casework@ico.org.uk
Changes to this privacy notice
We reserve the right to update this privacy notice at any time and we will provide you with a new privacy notice when we make any substantial updates.
Confidentiality
Information provided whilst using this service, including personal information, may be disclosed in accordance with access to information regimes, primarily the Freedom of Information Act 2000 (FOIA).
If you want the information you provide to be treated confidentially, please be aware that, in accordance with the FOIA, public authorities are required to comply with a statutory code of practice which deals, amongst other things, with obligations of confidence.