Privacy Notice for external contact information
This notice sets out how we will use your personal data, and your rights. It is made under Articles 13 and/or 14 of the General Data Protection Regulation (GDPR).
The purpose for which we are processing your personal data is to communicate with you.
The personal information is processed for the purpose of making contact with individuals for the following business purposes:
- making contact with suppliers about services actually or prospectively provided by them (for example, personal information about contact persons at suppliers we use, or about suppliers we may choose to use for occasional tasks)
- making contact with individuals to inform them, or seek their views, about our policies or proposals, outside of a formal consultation process (for example, contact details for people in charities or representative bodies)
- making contact with customers or clients about services provided to them by the Registrar
- making contact with potential consultant lobbyists to ensure they are aware of the statutory requirements
- making contact with officials in other departments or public bodies (including other governments) to discuss policy proposals or development, communications activity, or operational matters
We will process the following personal data:
- your name
- email address
- job title
- phone number
Where we have consulted you for your views, the information may include your opinions.
Legal basis of processing
The legal basis for processing your personal data is that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. The task is the development of Registrar’s policy, or the management of the Office of the Registrar.
Your personal data will be shared by us with officials in other public bodies. This would be to assist in the development of policy, or for operational reasons.
As your personal data will be stored on our IT infrastructure it will also be shared with our data processors who provide email, and document management and storage services.
Your personal data will be kept by us for the purposes of contacting individuals in particular roles, and once they leave those roles the information will be updated and or deleted. This should take place at least once a year.
You have the right to:
- request information about how your personal data are processed, and to request a copy of that personal data
- request that any inaccuracies in your personal data are rectified without delay
- request that any incomplete personal data are completed, including by means of a supplementary statement
- request that your personal data are erased if there is no longer a justification for them to be processed
- in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted
- object to the processing of your personal data where it is processed for direct marketing purposes
- object to the processing of your personal data
As your personal data is stored on our IT infrastructure, and shared with our data processors, it may be transferred and stored securely outside the UK. Where that is the case it will be subject to equivalent legal protection through the use of Model Contract Clauses.
If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, or telephone: 0303 123 1113, or email: firstname.lastname@example.org
Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.
The data controller for your personal data is the Office of the Registrar of Consultant Lobbyists, 1 Horse Guards Road (Room 3.26), London, SW1A 2HQ, or 020 7271 8827, or email@example.com.
The contact details for the data controller’s Data Protection Officer are: Stephen Jones, Data Protection Officer, Cabinet Office firstname.lastname@example.org.
The Data Protection Officer provides independent advice and monitoring on the use of personal information by the Registrar and their Office.