We are committed to safeguarding the privacy of our website visitors and all stakeholders; this policy sets out how we will treat your personal information.
1. What information do we collect?
We do not share any of our contacts information with other organisations and only use it to inform our stakeholders and other interested parties about our work. We do not generally engage in the email marketing of services, and any information emails we send have an “unsubscribe” option. At our offices we do not require any personal information in order for visitors to use our guest Wifi while they are on the premises, and the Wifi does not connect with our IT network.
We may collect, store and use the following kinds of personal information:
- information about your computer and about your visits to and use of this website;
- information that you provide to us for the purpose of registering with us;
- information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters.
During the period of the Covid 19 lockdown, we will be using Zoom to broadcast our webinar series and other events. These events will be recorded and made public on our website and on our social media platforms for the purposes of promoting research activities. A list of those registering for these events will be held for reporting purposes.
A cookie consists of information sent by a web server to a web browser and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites.
|Session cookie||SESS<…>||When required, cookies beginning with ‘SESS’ are used to track an individual’s persistent status, such as whether they are logged in.|
|Google analytics||_utma_utmb_utmc_utmz||These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.|
3. Using your personal information
We may use your personal information to:
- enable your use of the services available on the website;
- send you email notifications which you have specifically requested;
- send to you details of ESCoE events, publications, e-newsletter and other communications relating to our business which we think may be of interest to you, , by email or similar technology (you can unsubscribe at any time). If unsubscribing to our mailing list we will maintain a log of this request for our records;
- deal with enquiries and complaints made by or about you relating to the website.
We will not provide your personal information to any third parties for the purpose of direct marketing.
In addition, we may disclose your personal information:
- to the extent that we are required to do so by law;
- in connection with any legal proceedings or prospective legal proceedings;
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
5. Security of your personal information
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
The ESCoE is hosted at the National Institute of Economic and Social Research (NIESR). Data held at NIESR is kept in a protected IT environment, in line with the requirements of ISO 27001 on Information Security (for which NIESR is accredited) and the requirements of Cyber Essentials (for which NIESR is also accredited). NIESR is registered with the Information Commissioner’s Office (ICO): registration number Z4953990.
The shared data drives on the NIESR server are accessible only to staff who require access to them for NIESR related work, and data are deleted once the work has been completed. We also have a disposal policy for records of former staff, interviewees and other visitors to our offices.
You are entitled to view, amend, or delete any personal information that we hold about you. Please email your request to NIESR’s Data Protection Office: email@example.com
Data security breaches are prevented by stringent Data Security Procedures practiced by NIESR and stakeholders. Any data breach detected is notified within 72 hours to ICO and the individual/s as per GDPR Guidelines.
Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping your password and user details confidential..
6. Policy amendments
7. Your rights
You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity.
You may instruct us not to process your personal information for marketing purposes by email at any time. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal information for marketing purposes.
8. Third party websites
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
What information we may collect
- We collect data directly from job applicants who provide data to apply for a specific, advertised job or by speculatively submitting a CV. This will include data from covering letter/CVs, as well as data acquired during interviews and from referees.
Why we collect and process this information and how we will use it
- We process data from applicants in order to manage our recruitment process and to assess the skills and experience of applicants to confirm suitability for employment. The organisation may also need to process data from job applicants to respond to and defend against legal claims. It may also use the data to inform future decisions about where and when to recruit. Access to the data is given to the recruitment panel. In the case of employment referees, contact will only be made with the prior consent of the candidate.
Lawful basis for processing this information
- The lawful basis for processing information from a job application is consent, which you are providing by submitting an application. Where information is required to comply with legal obligations (e.g. it is required to check a successful applicant’s eligibility to work in the UK before employment starts) the lawful basis for processing some information is legal.
How long we keep your information
- For unsuccessful candidates, data will be held for six months from the date of application before being deleted from our systems. For successful candidates, a contract will be entered into and personal data will be transferred to a personnel file.