Guidance

Government Security Awards 2022 privacy notice

Published 3 February 2022

This notice sets out how we will use your personal data, and your rights. It is made under Articles 13 and/or 14 of the UK General Data Protection Regulation (UK GDPR).

Your data

The purpose(s) for which we are processing your personal data is(are):

The annual Government Security Awards will take place in March. Nominations are open to all members of the Government Security Function, with nomination forms distributed via the Government Security Bulletin & Newsletter (both voluntary subscription only).

We will process the following personal data:

• name
• department
• email
• number
• business unit
• job title

The legal basis for processing your personal data is:

• processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller
• data subject consent (for the winner: a short video clip of winner to be recorded from home receiving their award)

Your personal data will be shared in the below ways:

1. Share the full list of nominations using 2X internal channels: Government Security Profession Newsletter and Government Security Bulletin - both have 1000+ subscribed followers who are all part of the government security function. In both we would just include the nominees names, departments and the category they were awarded for.

2. We would also like to share the full list of nominees with all nominees and nominators via email - all addresses would be BCC’d.

As your personal data will be stored on our IT infrastructure it will also be shared with our data processors who provide email, and document management and storage services.

Your personal data will be kept by us for 6 months after the award ceremony in case there is a need to respond to any queries or challenges.

Your rights

You have the right to request information about how your personal data are processed, and to request a copy of that personal data.

You have the right to request that any inaccuracies in your personal data are rectified without delay.

You have the right to request that any incomplete personal data are completed, including by means of a supplementary statement.

You have the right to request that your personal data are erased if there is no longer a justification for them to be processed.

You have the right in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted.

You have the right to object to the processing of your personal data where it is processed for direct marketing purposes.

You have the right to object to the processing of your personal data.

You have the right to withdraw consent to the processing of your personal data at any time.

Complaints

If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow, Cheshire
SK9 5AF
0303 123 1113
icocasework@ico.org.uk

Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.

Contact details

The data controller for your personal data is the Cabinet Office. The contact details for the data controller are:

Cabinet Office
70 Whitehall
London
SW1A 2AS
0207 276 1234

Cabinet Office Public Enquiries: Contact Form

The contact details for the data controller’s Data Protection Officer are: dpo@cabinetoffice.gov.uk

The Data Protection Officer provides independent advice and monitoring of Cabinet Office’s use of personal information.