Date last updated: 7 March 2023
Introduction
This privacy notice tells you about how we handle the data you share with us.
We are committed to keeping your data safe and we want to make it clear how we collect, store and process it. This notice complies with data protection laws, any requirements stipulated by our funders and is aligned to the North East LEP’s accountable body (the North of Tyne Combined Authority’s) Data Protection Policies.
We will only use your data for the direct promotion or marketing of goods and services with your consent.
If you have any questions about our Privacy Notice, you can contact us at:
Name: North East Local Enterprise Partnership
Address: 1 St James Gate, Newcastle upon Tyne, NE1 4AD
Phone Number: 0191 561 5420
E-mail: [email protected]
Our Data Protection Officer can be contacted via: [email protected].
What information do we collect from you?
We collect data as prescribed by our funders along with some core data for our own records. Some examples of the data we collect are below, but not limited to this list:
- Business /organisation/ partner information – name, address including postcode, phone number website URL, email headquarter location, information on 51% BME, Female and family businesses information, business information available from public sources such as Companies House. Individual information – contact name, job title, email, phone number, position. Special category data, including your gender, ethnicity, disability and age.
- Business specific information, including company registration number or other unique reference number (HMRC VAT registration number/HMRC employer’s number/PAYE reference number), trading details, location, actual and forecasted accounting information, number of employees, description of the business, annual staff costs, annual depreciation costs, actual and forecasted turnover and profit, innovation and R&D spend
- Your comments, opinions and reflections on your current and future business growth opportunities
- Investment plans including sources of funds
- Evidence of defrayal of funding and audit reports in relation to projects that we financially support
- Actual outcome data from projects receiving financial support
- Business support/finance or funding referral information: purpose of referral, date, summary and an indication of whether the referral is taken up.
- Survey responses and data from forms you submit on our website – the data fields of which vary, depending on the purpose of the exercise.
What do we use this data for?
The North East LEP is responsible for developing and delivering a number of projects and programmes and your data helps us do this effectively. With your permission, we also want to keep you up to date with what we do and new projects and programmes as they come online.
Some of the specific things that we use your data for include, but is not limited to:
- Sending you e newsletters and marketing information about our activity and services
- Enable you to take part in our funding and delivery programmes
- Consider applications you make for grants, processing grant claims and monitoring grant performance and compliance
- To inform intelligence reporting at a regional and national level by aggregating the data and intelligence we have to inform and develop policy and strategy agendas
- Comply with our legal obligations including fraud protection and crime prevention
- To support our financial claims for external funding requirements
How do we collect data from you?
Most of the data we collect is provided to us directly from you, this includes but is not limited to:
- Completing survey response or responding to a consultation request
- Providing project applications to be part of our programmes and follow on submission of appraisal information, performance monitoring and evaluation data as a participant on these programmes
- Completing one of our online forms, including signing up to our newsletters and requesting an appointment
- Recorded telephone calls
- When you send us a complaint or feedback
- Submitting a job application or employee information
- Taking photographs at our events
- Tender submissions
- Licensed and publicly available databases and systems, including, but not exclusive to Companies House, Fame, Red Flag Alert, WordNerds, Dodds (note all licensed products we use are GDPR compliant and used in accordance with the guidelines set by the company).
- Our segmentation and diagnostic tool which can be completed as a self-assessment or with a member of the North East LEP team as part of a 121 appointment.
- Signing-up and attending an event.
Who do we share your information with?
We will never share your data with third parties for marketing or commercial reasons.
We will share data with our partners, delivery organisations and funders where it is essential for them to provide a service or those that providing funding, if we have an agreement with them or if we have a lawful basis to do so.
We may share data for research or evaluation purposes. This data is always anonymised, and we use aggregated data for research purposes. Any case studies that are developed are checked with the business / person before any dissemination.
We could share your data with the following people and organisations:
| Organisation or individuals | Why we share data with them |
Government and national partners
| Government | For monitoring, evaluation and audit purposes and in relation to programmes government funded. Government does have the use of third party suppliers for evaluation work, GDPR compliance etc. For compliance checks in relation to the National Assurance Framework for LEPs. To provide North East intelligence of pertinent issues, challenges and opportunities related to specific contexts i.e. COVID-19 and EU transition to inform their national response. |
Programme delivery
| Programme networks and cohorts you have joined | If you are part of a cohort or programme network we might setup meetings or send you information which will be sent to the entire group, this will allow you to communicate within the network should you wish to. |
| External funding providers | Submission of financial claims for external funding for our Programmes. Information will also be made available for audit and claim verification purposes. |
| Mentors (individual organisations) through the Mentoring Programme | We share the mentee profile with the mentor so they are able to provide advice and guidance and offer support to the mentee |
| UMi | Administration of grant finances for the Made Smarter Programme |
| Innovation Super Network | Challenge North Tyne |
| North East LEP Skills Bootcamp Consortium | We share information across a range of training providers and FE colleges who are signed up to the consortium. |
Local and regional strategic partners
| North of Tyne Combined Authority | As the accountable body for the North East LEP to enable scrutiny and compliance checks of LEP Board decisions with regards to financial and legal requirements and standards. |
| Tees Valley Combined Authority | We work in partnership with them to deliver programmes, such as the Made Smarter Adoption North East Programme |
| Northumbria and Teeside Universities | We work in partnership with them to deliver programmes, such as the Made Smarter Adoption North East Programme |
| Growth Hub Provider Network | To provide support to your business |
| Manchester Growth Company who manage the national Made Smarter Adoption Programm | They manage the national Made Smarter Adoption Programme |
| UMi | We work in partnership with them to deliver programmes, such as the Made Smarter Adoption North East Programme. |
| Winning Moves | www.benchmarkindex.com/privacy. |
How we store your personal information
Your information is securely stored on Microsoft SharePoint file through the security of Sunderland City Council’s IT service provided.
We also use the following sources that each have their own privacy or GDPR compliance statement:
| Where information is stored | Links to privacy and GDPR information |
| Mailchimp | General Data Protection Regulation (GDPR) Compliance: Get GDPR Consent for Marketing (mailchimp.com) |
| CRM | The GDPR information for the CRM through the provider Microsoft Dynamics. Find out more on the Privacy – Microsoft privacy |
| BT Cloud | Privacy – Microsoft privacy Privacy Policy | BT |
| Smugmug | Privacy (smugmug.com) |
| Survey Monkey | GDPR and CCPA Compliance | SurveyMonkey |
| Microsoft | Information is hosted on the Microsoft SharePoint environment hosted on Sunderland City Council’s ICT service, with appropriate organisational and technical measures to meet the requirements set out under Article 32 of the UK GDPR”. |
We also use WordPress and CORE Content Management Systems for our six websites:
- North East Local Enterprise partnership
- North East Growth Hub
- North East Evidence Hub
- North East Ambition
- Challenge North East
- Net Zero North East England
How long do we keep information
We keep information for the required time period in accordance with our Data Protection Retention Policy that can be accessed here.
For business/organisations who have participated in the North East Ambition ESF funded programme, we are required to retain the information up to 10 years after the programme ends (December 2023). This date may be sooner if we are advised by the Managing Authority guidance European Social Fund: document retention – GOV.UK (www.gov.uk).
Our legal basis
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing information is:
- Your consent. You are able to remove your consent at any time. You can do this by contacting [email protected]
- We need it to perform a public task – this includes being asked by government to share details because it relates to funding we have been issued.
Your data protection rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of the personal information we hold for you
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances. This includes updating your preferences about us contacting you. You can do this at any time by contacting [email protected]
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at [email protected] if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at [email protected].
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk