Privacy Policy
Introduction
The Thames Estuary Growth Board (“the Company”) understands that the information you trust us with is important to you, and we are committed to protecting that information and respecting your privacy.
As part of this we are fully committed to complying with the provisions of relevant Data Protection legislation and regulations including UK General Data Protection Regulation (UK GDPR).
This privacy policy sets out how, when and why we collect, use, share and retain your personal information, in what situations we may disclose it and how we keep it secure.
This policy is effective as of 15th May 2023. It will be assessed annually against new technologies, business practices, regulatory changes and the evolving needs of the Company and the services provided by it.
The Policy covers all brands, services and activities operated by the Company, including, but not limited to, Investuary and other activities of the Board and Executive Team as well as any other brands or products that are created in the future.
We are registered with the Information Commissioners Office, the UK’s Data Protection Authority.
What information we collect about you
The information we collect may include personal information about you and others in your organisation. Primarily this is information we collect directly from you, some automatically, primarily in the following circumstances:
- filling in forms on any of our platforms;
- as part of using our services;
- by corresponding with us by phone, e-mail, WhatsApp, Teams, Zoom, Google Meet, online chat or otherwise;
- registering on one of our platforms;
- interacting with our platforms;
- sharing information on social media from our platforms; or
- reporting a problem or concern with one of our platforms.
The Company does not collect personal data about individuals except where there is a legitimate business requirement or when such information is provided on a voluntary basis.
With regard to each of your visits to our sites we may automatically collect the following information:
- technical information, including the internet protocol (IP) address used to connect your computer to the internet, type of mobile device you use, a unique device identifier (for example your device’s IMEI number, the MAC address of the device’s wireless network interface or the mobile phone number used by the device), mobile network information, your mobile operating system, your login information, browser type and version you use, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit to our platforms such as Investuary, including the full uniform resource locators (URL) clickstream to, through and from our platforms (including date and time); pages you viewed or information you searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number;
- details of your use and visits to any of our platforms including, but not limited to traffic data, web logs and other communication data;
- we also use GPS technology in some apps to determine your location. Some of our location-enabled services within apps require your personal data for the feature to work. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by adjusting the settings of the application on your mobile device.
We may receive information about you if you use any other websites we operate or other services we provide. We also work with third parties (including, for example, electronic analytics, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, investment agencies) and may receive information about you from them.
The personal information we collect can include:
- your full name;
- postal address and country;
- company/organisation;
- employer and job title;
- e-mail address;
- records of your correspondence with us;
- phone number (s);
- username and password;
- photos and videos;
- social media account names;
- and any other information you may share with us or enter into any of our platforms.
Why we use the information about you
We collect and use your personal data to give you information in relation to activities that you might engage with in collaboration with us and/or services that we may provide you including the securing of investment, engaging with Investuary, and our sector-based workstreams and events.
In addition, we may contact you to seek your views or comments on emerging investment, political or economic issues; to undertake research and analysis; to protect us and you from fraud; to improve the services we offer; to report to our funders; and to inform you of other services or activities that may be of interest to you.
The personal data held by the Company may also be used on an aggregate basis without any personal identifiers to provide third parties with information about the Estuary more broadly, e.g., its economic and business composition; to help us develop services or improve the features and content of our websites including Investuary; and to provide funders, investors and others with aggregate information about our partners.
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we principally rely on for processing this information are:
- Performance of a contract: where the use of your information is necessary to perform and or comply with a legally binding contract that you have with us, including Non-Disclosure Agreements.
- Legitimate interest: we may use your information for our legitimate interests including to provide you with the most helpful and relevant support, website experience, emails or newsletters, or to improve and promote relevant help and services, along with administrative, fraud prevention and detection and legal purposes.
- Consent: we may rely on your consent to use your personal information for certain services or for direct marketing purposes. You may withdraw your consent at any time. Please use the opt-out at the bottom of some emails or contact us using the details provided at the end of this policy if you do not wish to share your personal information.
Sharing information
We may share your information with trusted third-party service providers, partners and/or funders in certain circumstances. We may share your information with selected third parties including:
- business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- we may (with your consent, where appropriate) pass your details onto third parties including our partners to provide you with information and offers which may be of interest to you;
- advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, business women in the United States). We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience; and
- analytics and search engine providers that assist us in the improvement and optimisation of our platforms.
We do not sell your personal information to third parties.
Retaining your data
The personal data collected is stored in one or more of the Company’s CRM and other appropriate data management systems, both paper-based and electronic. The Company and the information we collect about you is subject to various regulatory, legislative and contractual requirements.
We will endeavour not to keep your personal information for longer than required for us to fulfil our obligations to you, our funders and legal/regulatory authorities. Where it is not possible for us to delete your data, we will ensure appropriate security and organisational measures are in place to protect your data.
If you request to receive no further contact from us, we will keep some basic information about you on our suppression list in order to avoid sending you unwanted materials in the future.
Information security
We work hard to keep your data safe. We use an appropriate combination of technical and organisational measures to ensure, as far as reasonably possible, the confidentiality, integrity and availability of your information at all times. We have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. If you have a security concern, please contact us using the contact details at the end of this policy.
We limit access to your personal data to only those employees, contractors or agents and funders who have a legitimate business need to have access to that data. They will be subject to a duty of confidentiality and due care with respect to handling the personal data.
Information we collect through your use of our websites
We collect information through the use of cookies and similar technologies to enable us to remember you when you visit our websites and to improve your on and offline experience.
The use of these cookies helps us understand how you use our websites, view our services and respond to our communications activity, so we can tailor communications and enhance our partner offering to you.
When you visit one of our websites we may record your device information, including IP address, hardware and software used, general location and when and how you interact with our websites.
This information is retained and used to note your interest in our partner offering and improve your experience. When you receive communications emails from us, we may use technology or links to determine how you use our direct communications and your interest in it.
To find out more about our use of cookies and related technologies please contact us using the contact details at the end of this policy.
Links to Third Party Sites
Where appropriate and only for the legitimate business needs of the Company and its partners, the Company may provide links to third party web sites, or advertisements which contain links to third-party sites.
These links are provided as a service to you. The linked third-party websites are operated by independent entities that have their own privacy policies. This privacy policy does not apply to such other websites or to the use that those entities make of your information. The Company has no control over the content displayed on such sites, nor over the measures, if any, taken by such sites to protect the privacy of your information.
The Company’s websites may also serve third party advertisements, or other content that contains their own cookies or tracking technologies. The Company does not control the use of those technologies.
Social media
We may use third party provided tools to manage our social media interactions. If you send us a private or direct message via social media the message may be stored by these tools. Like other personal data, these direct messages will not be shared with any other organisations.
Opt-out
If you do not wish to receive marketing, updates or other such material, you may opt out by contacting us at the details at the end of this policy. In addition, we may use the ‘unsubscribe’ option on some email generated content.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access: you have the right to ask us for copies of your personal information.
- Your right to rectification: you have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure: you have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing: you have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing: you have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability: you have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. If you have any questions about how we use your personal information, please contact us using the details at the end of this policy.
Complaints
We work hard to ensure your personal information is treated safely and securely. However, if you have a complaint please write to us using the contact details at the end of this policy. You can also complain to the ICO if you are unhappy with how we have used your data.
ICO’s address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline number: 0303 123 1113
ICO website: www.ico.org.uk
Contact
Who to contact in relation to processing of personal information or with regard to any matters above:
Holly Williams, Head of Operations, Thames Estuary Growth Board, Pennine Place, 2a Charing Cross Road, London WC2H 0HF
Or: holly.williams@thamesestuary.org.uk
Please note that because of regulatory, legislative or contractual requirements it may not be possible for us to delete your data.
Privacy Policy Issue 1.1. Dated 15.05.23.