Privacy notice for contact form
The Purpose of this document
The Department for Business and Trade (DBT) is committed to protecting the privacy and security of your information. This notice describes how we collect and use your personal data in accordance with UK data protection legislation, namely the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
It is important that you read this notice, so that you are aware of how and why we are using your information.
Cookie Policy
Read our cookie policy to find out about the cookies we use, what they're for and when they expire.
What personal data we collect
The personal data DBT collects about you depends on your enquiry. This may include but is not limited to:
- your name
- your email address
- your phone number
- your address
- job or role within your company
- use of assistive technology
- rating of enquirer’s knowledge of where to go for help and support with exporting
- where did you hear about
- your feedback about ESS
The purpose of collecting data
The data you provide will be processed by DBT for the following purposes:
- to manage relationships in support to businesses trading or investing internationally
- to identify and secure opportunities both international and the UK
- to direct businesses to appropriate advice, events, and services
- to better evaluate the impact of trade and investment services and process business applications to access trade and investment related advice and services
- to support understanding of the trade and investment environment and the domestic and international business landscape
- to target financial support at businesses to secure trade and investment opportunities
- to understand barriers to trade and investment and design effective and intelligent trade and investment policy, services and make business decisions
- to send you promotional messages in order to carry out our public task or function as a government department
- to seek your feedback and improve our services
If your enquiry relates to domestic services, we will pass your personal data to the Business Support Service within DBT for them to manage your request.
Lawful basis for processing your personal data
Our lawful basis for processing your personal data is that the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, per Article 6 (1)(e) of the UK GDPR.
In 2021, the ICO issued guidance clarifying that promotional messages issued by public sector organisations would not be classed as direct marketing if those promotional messages are necessary for the performance of a public task or function.
In view of this clarification, DBT relies on the ‘public task’ lawful basis when sending promotional messages to carry out DBT’s public tasks or functions. This is without prejudice to your right to object and to exercise other applicable rights available under the regulation. The full details of data subjects’ rights and how to contact us is provided below.
How we share your personal data
Depending on your enquiry, your personal data may be shared with the following organisations:
- UK Export Finance
- Other Government Departments (Foreign, Commonwealth and Development Office, Cabinet Office)
- Devolved Administrations (Welsh Government, Scottish Government, Invest Northern Ireland)
- Local Enterprise Partners (38 organisations) including Local Government and trade bodies.
Overseas Delivery Partners, operating under grant letter to DBT
Other third parties under contract to support the above purposes (These include and are not limited to: Adetiq, UK Shared Business Services, Kantar Public, Dun and Bradstreet Ltd, Zendesk, Freshdesk, Green Park, Profusion, MadeTech).
You will be notified if your information is shared with other third parties not included in this list.
DBT or organisations contracted by DBT may contact you using the information you provide, in order to request feedback on the services and for your input on how to improve them.
Aggregated analysis may be shared with the Information Commissioner’s Office (ICO) the Government Internal Audit Agency (GIAA), the National Audit Office (NAO)
We will not:
- sell or rent your data to third parties.
How we protect your personal data
We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data - for example, we protect your data using password protection, limiting staff access to specifically ‘security cleared’ individuals. We also take steps to ensure any third parties we deal with keep all personal data they process on our behalf secure and in line with data protection legislation.
How long we keep your data
We will only retain your personal information for as long as:
- it is needed for the purposes set out in this document
- the law requires us to,
In line with DBT’s retention and disposal policy and schedules, your personal data will be retained for 7 years from the date when it was provided, or subsequently updated, and then disposed of.
Anonymised information related to your query, our advice, aggregated analyses, and any other related information will be retained for up to 15 years from the date when the advice was provided or the analyses approved.
Accuracy
We take all reasonable steps to keep your personal data in our control and used on an on-going basis, accurate, complete, current and relevant, based on the latest information provided to us. We rely on you to keep us informed about any changes to your personal data in keeping with UK GDPR principles.
Your rights and access to your information
You have the right to request:
- information about how your personal data is processed.
- a copy of that personal data
- that anything inaccurate in your personal data is corrected immediately
You can also:
- raise an objection about how your personal data is processed
- request that your personal data is erased if there is no longer a justification for it
- ask that the processing of your personal data is restricted in certain circumstances
- request an opt-out from being contacted for research purposes
Contacting us
If you have any questions about this privacy notice or how we handle your personal information, or exercise your right as aforementioned, you can also write to us at:
Data Protection Team
data.protection@businessandtrade.gov.uk
Department fFor Business and Trade
Old Admiralty Building
Admiralty Place
LONDON, SW1A 2DY
You can also make a complaint to the Information Commissioner, who is an independent regulator.
casework@ico.org.uk
Telephone: 0303 123 1113
Textphone: 01625 545860
Monday to Friday, 9am to 4:30pm
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Changes to this privacy notice
We reserve the right to update this privacy notice at any time and we will provide you with a new privacy notice if we make any substantial updates.
The Department for Business and Trade are registered as a Data Controller under the General Data Protection Regulation and Data Protection Act 2018.
Confidentiality
Information provided whilst using this service, including personal information, may be disclosed in accordance with access to information regimes, primarily the Freedom of Information Act 2000 (FOIA).
If you want the information you provide to be treated confidentially, please be aware that, in accordance with the FOIA, public authorities are required to comply with a statutory code of practice which deals, amongst other things, with obligations of confidence.
In view of this, it would be helpful if you could explain to us why you wish that information to be treated confidentially. If we receive a request for disclosure of that information, we will take full account of your explanation, but we cannot give an assurance that confidentiality can be maintained in all circumstances.