Retailsectorcouncil.co.uk is provided by the British Retail Consortium, the secretariat to the Retail Sector Council (RSC).
An important part of our work is providing information and transparency about the work of the RSCl, communicating news about our activities and seeking views from the general public and businesses on current issues. To do so, we use personal information to keep in touch with individuals, as well as businesses and partners.
We will use the contact information you have given us to send you important information. This may be by post, email, text message or telephone.
We may also use the information we hold about you, in order to provide you with information about other products or services we feel may interest you.
The personal data we collect from you includes:
· questions, queries or feedback you leave, including your email address if you contact firstname.lastname@example.org
· your email address and subscription preferences when you sign up to our email alerts
· how you use our emails - for example whether you open them and which links you click on
· your Internet Protocol (IP) address, and details of which version of web browser
· information on how you use the site, using cookies and page tagging techniques
We use Google Analytics software to collect information about how you use retailsectorcouncil.co.uk. We do this to help make sure the site is meeting the needs of its users and to help us make improvements, for example improving site research.
Google Analytics stores information about:
· the pages you visit on retailsectorcouncil.co.uk
· how long you spend on each retailsectorcouncil.co.uk page
· how you got to the site
· what you click on while you’re visiting the site
We also collect data in order to:
· improve the site by monitoring how you use it
· gather feedback to improve our services, for example our email alerts
· respond to any feedback you send us, if you’ve asked us to
· send email alerts to users who request them
· allow you to access government services and make transactions
· provide you with information about local services if you want it
Our legal basis for collecting, holding and using your information
Data protection law sets the lawful legal bases (or ‘conditions’) which allow us to collect, hold and use your personal information. For the RSC, these are:
· For the purposes of our own legitimate interests. We believe that we have a legitimate interest in being able to provide useful information about the work of the Retail Sector Council. As set out in this notice, this sometimes requires us to collect and use personal information about individuals. We only use this legal basis where these interests are not overridden by your interests and fundamental rights or and freedoms.
· Where we have entered into a contract with you. In these circumstances, we may need to process your personal information in order to fulfil the contract. For example, this may apply if you book to attend an event organised by the Retail Sector Council.
· Where we are under a legal obligation to process personal information. For instance, we are required to collect certain information in accordance with our obligations under equalities legislation.
· Sometimes, we will ask you for your agreement to process your personal information. This is particularly the case when we wish to collect or use any special categories of personal information (see below).
Data protection law recognises certain "special categories" of personal information, which include information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric information for uniquely identifying a person, information concerning health, and information concerning a person's sex life or sexual orientation.
These special categories are considered particularly sensitive and so we will only collect and use this information where you have given us your explicit consent or where we consider it necessary to do so. For example, you may choose to tell us about your health condition before attending one of our events, or your political opinions as part of a campaign. We will only use this information for the particular event or campaign and not for any other purposes.
Security and storage of your personal information
The information about you that we collect will not be transferred outside the European Economic Area (EEA).
We will generally keep personal information about you no longer than is needed for us to carry out the functions described in section 2 of this notice. For example:
· We will usually delete personal information that we collect related to our events after 18 months – to cover the annual event cycle. However, we may retain some information (such as attendance records) for longer where it is in our legitimate interests to do so.
· We will keep personal information held as part of our membership records for the duration of that organisation's membership. At the end of the membership, we will delete the majority of records and only retain the minimum information necessary to deal with any future issues.
You have the right to request from us access to your own personal information. This is sometimes known as a 'subject access request'.
You also have the right to ask us not to process your personal data for direct marketing purposes.
You can exercise this right by contacting email@example.com,
From 25 May 2018, you will have additional rights to request from us:
· That any inaccurate information we hold about you is corrected
· That your information is deleted
· That we stop using your personal information for certain purposes
· That your information is provided to you in a portable format
· That decisions about you are not made by wholly automated means
Many of the rights listed above are limited to certain defined circumstances and we may not be able to comply with your request. We will tell you if this is the case.
If you choose to make a request to us, we will aim to respond to you within one month. We will not charge a fee for dealing with your request.
If you are dissatisfied with how we are using your personal information or if you wish to complain about how we have handled a request, then please contact our Compliance Officer and we will try to resolve any issues you may have.
You also have the right to complain to the Information Commissioner's Office, which is the statutory regulator for data protection law. Find details of how to complain to the ICO.insert this hyperlink https://ico.org.uk/concerns/