This is UK Export Finance’s information charter page. It’s about our data protection policy, and includes information on the data we hold on you and how you make a request for this information.
UK Export Finance is committed to our obligations under the Data Protection Act, the Freedom of Information Act (FOIA) and the Environmental Information Regulations. This charter sets out how we aim to meet these obligations.
We may need to handle information about you or your business so that we can provide better services for you. This is how we look after that information.
If we receive non-personal information from third parties we must comply with any legal obligations which apply to that information.
If we ask you for personal information - and you provide it to us - we must comply with our obligations under the Data Protection Act. They include:
- saying why we need that information
- asking only for the information that we need, and not to collect too much or irrelevant information
- protecting that information and making sure that nobody has access to it who shouldn’t
- letting you know if we will share it with other organisations - and whether you can object to that
- not keeping it for longer than necessary
In return, we ask you to:
- give us accurate information
- tell us as soon as possible if there are any changes to that information
This helps us to keep your information reliable and up to date.
You can find more details on:
- how to find out what information we hold about you and how to ask us to correct any mistakes
- agreements we have with other organisations for sharing information
- how we check the information we hold is accurate and up to date - see our information security risk management policy below
- how to make a complaint
UK Export Finance will retain all pay and pension files, relating to individuals, for either 7 years after the State Pension age or 7 years after an individual leaves employment with UK Export Finance, whichever is the later. Why do we set this period of retention? While requirements under the Data Protection Act will always be taken into account (including ensuring that information is not kept longer than is necessary), we also have to consider that such documents are valuable as evidence of actions, rights and obligations under pay and pension provision.
Information security risk management
UK Export Finance’s information security policy is aligned to ISO2701 best practice. It covers:
- security policy
- the organisation of security
- asset management
- human resources security
- physical and environmental security
- communications and operations management
- access control
- information systems acquisition, development and maintenance
- information security incident management
- business continuity management
Rights to request information under the Data Protection Act
To make a request under the Data Protection Act for information which we hold on you, please email us at firstname.lastname@example.org.
Requests for other types of information
The Freedom of Information Act and the Enviromental Information Regulations gives you the right to request general information held by us. Find out how to make a freedom of information request.
Queries and concerns
If you have any queries or concerns or want to make a complaint regarding our holding or use of personal or non-personal information, please email us at email@example.com.
For independent advice about data protection, privacy and data sharing issues, please contact the Information Commissioner at:
Telephone: 0303 123 1113 (local rate) or 01625 54 57 45
Fax: 01625 524510
You can find out more on the Information Commissioner’s Office website.