This Privacy Statement was last reviewed and updated in November 2020 to reflect data protection laws operating across the European Union, particularly the General Data Protection Regulation (also known as the GDPR). We are committed to protecting your privacy and we comply with the GDPR and the UK data protection rules (together with associated guidance) (“Data Protection Laws“).
This Privacy Statement describes the information we may collect from you and explains how we use, store and share your personal data and supplements any fair processing notice provided to you, including the Personal Information Charter.
This website (“Website“) is run by the Department for Digital, Culture, Media & Sport (“we” and “us“, “DCMS“). DCMS is the controller for the personal information we process, unless otherwise stated.
Any changes to this Privacy Statement in the future will be posted on this page, and where appropriate, notified to you by email. We will also post a notice on the Website landing page. Please check back frequently to see any updates or changes to this Privacy Statement.
Where do we get your information?
Beneficiaries: We collect your information from your supplier, who has registered with us as part of the Gigabit Broadband Voucher Scheme “the Scheme”.
Supplier representative: We collect your information from your employer.
What information do we receive about you?
We receive information such as your name, address and postcode.
Why do we need this information?
To operate and administer the Scheme effectively, verify the use of vouchers, determining eligibility for the Scheme and to report on the effectiveness of the Scheme to local and central government.
Who do we share the information with?
Registered suppliers, relevant local bodies, other government departments and local and central government.
Otherwise, we will only disclose your information to:
(a) our professional advisors (including without limitation tax, legal or other corporate advisors who provide professional services to DCMS)
(b) regulators (including Ofcom), law enforcement or fraud prevention agencies, courts, the police and any other authorised bodies, for the purposes of investigating any actual or suspected criminal activity or other regulatory, legal, commercial or public matters etc.
The use of your personal information by third parties under (b) will be governed by such third parties’ privacy statements and policies, which you should familiarise yourself with. These parties are also “controllers”, which means they have independent obligations under the Data Protection Laws to protect your personal data and provide you with information as to how they process it (subject to certain exemptions). We also have contracts in place with these third parties to safeguard the personal information we share with them.
(c) other third-party suppliers for business administration or IT purposes
The use of your personal information by third parties under (c) is governed by this policy. We appoint these third parties on a “processor” basis, which means they are subject to contractual and legal obligations to protect your personal information in line with the Data Protection Laws, this policy and contractual obligations we have put in place with these third parties to safeguard the information we share.
(d) analytics or search engines, including Google that enable us to optimise and improve your website experience. For more information, please see our cookies policy.
On what basis can we process your information?
We process your information on the basis that it is necessary for the performance of a task (i.e. the operation of the Scheme) carried out in the public interest. Your personal data may be processed for statistical analysis that may be published on an anonymous basis, for example in the form of location maps (or other types of graphical or literary representation).
DCMS has put in place various security measures in accordance with up-to-date industry procedures as set out in this Privacy Statement to keep personal data as safe and secure as possible and to protect from unauthorised or unlawful processing and accidental loss, destruction or damage.
We have in place appropriate policies, rules and technical and organisational measures to protect your personal information from unauthorised or unlawful processing, and against accidental loss, destruction of or damage to personal information.
Supplier representatives: You are responsible for protecting your password and username when logging into the portal and must not share it with, or disclose it, to anyone.
HOW LONG WE KEEP YOUR INFORMATION
We will typically keep your personal data for ten (10) years (as we are required to keep records about who benefits from vouchers for this period).
You have a number of rights under data protection laws in relation to the way we process your personal data. These are set out Here. You may contact us to exercise any of these rights, and we will respond to any request received from you promptly and in compliance with data protection laws.
We encourage you to contact us first if you have any queries, comments or concerns about the way we handle your data. However, if you are not satisfied with our handling of any request by you in relation to your rights or concerns, you also have the right to make a complaint to our lead supervisory authority, which is the UK’s Information Commissioner’s Office.
For further information from us on data protection and privacy or any requests concerning your personal information please contact us.