Personal information charter
How UK Export Finance handles your personal information
This is UK Export Finance’s personal information charter page. It’s about our data protection policy, and includes information on the data we hold on you and how you make a request for this information.
We may need to handle information about you or your business so that we can provide better services for you. This is how we look after that information.
If we receive non-personal information from third parties we must comply with any legal obligations which apply to that information.
If we ask you for personal information - and you provide it to us - we must comply with our obligations under the Data Protection Act. They include:
- saying why we need that information
- asking only for the information that we need, and not to collect too much or irrelevant information
- protecting that information and making sure that nobody has access to it who shouldn’t
- letting you know if we will share it with other organisations - and whether you can object to that
- not keeping it for longer than necessary
In return, we ask you to:
- give us accurate information
- tell us as soon as possible if there are any changes to that information
This helps us to keep your information reliable and up to date.
You can find more details on:
- how to find out what information we hold about you and how to ask us to correct any mistakes
- agreements we have with other organisations for sharing information
- how we check the information we hold is accurate and up to date - see our information security risk management policy below
- how to make a complaint
Information security risk management
UK Export Finance’s information security policy is aligned to ISO2700 best practice. It covers:
- security policy
- the organisation of security
- asset management
- human resources security
- physical and environmental security
- communications and operations management
- access control
- information systems acquisition, development and maintenance
- information security incident management
- business continuity management
Rights to request information under the Data Protection Act
To make a request under the Data Protection Act for information which we hold on you, please email us on email@example.com
Requests for other types of information
The Freedom of Information Act (FOIA) and the Enviromental Information Regulations (EIRs) gives you the right to request general information held by us. Find out how to make an FOI request.
Queries and concerns
If you have any queries or concerns or want to make a complaint regarding our holding or use of personal or non-personal information, please email us at firstname.lastname@example.org
For independent advice about data protection, privacy and data sharing issues, please contact the Information Commissioner at:
Telephone: 08456 30 60 60 or 01625 54 57 45
Fax: 01625 524510
You can find out more on the Information Commissioner’s Office website.