Good Governance Institute sees the new General Data Protection Regulation, known as GDPR, as an opportunity for you to have more control over how your data is used. The changes will help to better protect your personal data and will allow you to access the information on file faster and more effectively.
We are strongly committed to protecting personal data and will ensure your information is confidential. This privacy statement describes why and how we collect and use personal data, and provides information about your individual rights. This applies to personal data provided to us, both by you or by others. We may use the personal data provided to us for any of the purposes described in this privacy statement, as contractually agreed, or as stated at the point of collection.
Personal data is any information relating to you. The Good Governance Institute collects and processes personal data for two reasons, as part of a contractual relationship, or to keep you informed on events, reports and announcements. When collecting and using your personal data, our policy is to be transparent about why and how we process that data.
Types of data we collect and process
We collect information in cases where there is a contractual relationship to deliver a programme of work, and we need to process personal data to comply with our obligations under the contract. Additionally, information is collected when we are asked to provide a proposal for work which may include email addresses.
At GGI, knowledge sharing forms an important component of our work, enabling us to share our expertise, experience and learning. Our tools, resources and events focus on best practice across various sectors, supporting organisations to improve governance practice and creating opportunities for partners to connect and share learning. We collect personal data which includes email addressed, job titles and employer information in order to keep people informed of news about our events, resources and learning opportunities, as well as to ensure our records are right, which will involve verifying every now and then that you are happy for us to continue to store your information.
For visits on our website, www.good-governance.org.uk, we use a third-party service, Google Analytics, to collect standard internet log information and visitor patterns. We do this to find out the number of visitors to the various parts of the site for example, however, this information is processed in a way which does not identify anyone. Neither GGI or Google collects any information related to the identity of those visiting our website.
We ensure the security of all the personal data that we have on record through use of the data storage system Drupal CiviCRM, which is hosted in the European Union on a secure certificated server. Additionally, we have a framework of policies, procedures and training in place which address data protection, confidentiality, security and regular review of the measures we employ to keep data secure. We (GGI LTD) are registered with the Information Commissioner’s Office, ICO (Registration number: ZA077038), and we are also registered with NHS Digital (our organisational code is 8K008) for the Data Security and Protection Toolkit.
Data controller and contact information
Please contact Laura Botea, data controller for the Good Governance Institute and GGI Ltd, if you have any questions about this privacy statement including how and why we process personal data:
Good Governance Institute
70 South Lambeth Road, London SW8 1RL
Phone: 0773 268 1132
The introduction of GDPR ensures that it is the responsibility of GGI as a data controller to enable you to have access and control over your personal data.
If you wish to see full details of the information we have on file, you can make a subject access request under the General Data Protection Regulations to firstname.lastname@example.org.
To update personal data we are holding or to withdraw consent, you may email us at email@example.com, and we will promptly amend any information found to be incorrect, or remove any personal information from our system.
Changes to this privacy statement
At GGI, ensuring your personal data is kept secure is seen as an ongoing responsibility, therefore we will keep this privacy statement under regular review. This privacy statement was last updated on 21 May 2018.
If you are unhappy about our use of your personal data, please send us an email with the details of your complaint to firstname.lastname@example.org, and we will respond promptly. You also have the right to lodge a complaint with the Information Commissioner’s Office. For further information on your rights and how to complain to the ICO, please visit the ICO website.