© Crown copyright 2018
This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: firstname.lastname@example.org.
Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.
This publication is available at https://www.gov.uk/government/publications/govuk-blogging-platform-privacy-notice/govuk-blogging-platform-privacy-notice
The GOV.UK blogging platform is a tool for people in government to blog about their work.
It’s provided by the Government Digital Service (GDS) which is part of the Cabinet Office.
The data controller for GDS is the Cabinet Office – a data controller determines how and why personal data is processed. Read the Cabinet Office’s entry in the Data Protection Public Register for more information.
What data we need
The personal data we collect from you will include an email address and a given name.
The legal basis for processing this data is the legitimate interests of individuals.
Why we need it
We collect your email address to send you email notifications about new blog posts. We collect an email address and a given name so that we:
- know you’re a real person
- can respond to your comments on our blog posts
What we do with it
We use the information you give us to send email notifications about new blog posts, and to know you’re a real person and can respond to your comments on our blog posts.
We will not:
- sell or rent your data to third parties
- share your data with third parties for marketing purposes
We will share your data if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.
How long we keep your data
We will only retain your personal data for as long as:
- it is needed for the purposes set out in this document
- the law requires us to
In general, this means that we will only hold your personal data for a minimum of 1 year and a maximum of 7 years.
Children’s privacy protection
Our services are not designed for, or intentionally targeted at, children 13 years of age or younger. It is not our policy to intentionally collect or maintain data about anyone under the age of 13.
Where your data is processed and stored
We design, build and run our systems to make sure that your data is as safe as possible at any stage, both while it’s processed and when it’s stored.
Your personal data will not be transferred outside of the European Economic Area (EEA) while it’s processed at GDS.
How we protect your data and keep it secure
We are committed to keeping your data secure. We set up systems and processes to prevent unauthorised access or disclosure of the data we collect about you – for example, we protect your data using varying levels of encryption. We also make sure that third parties we deal with have an obligation to keep all personal data they process on our behalf secure.
You have the right to request:
- information about how your personal data is processed
- a copy of any personal data you have provided in an accessible format
- that anything inaccurate in your personal data is corrected immediately
You can also:
- raise an objection about how your personal data is processed
- request that your personal data is erased if there is no longer a justification for it
- ask that the processing of your personal data is restricted in certain circumstances
If you have any of these requests, get in contact with our Data Protection Officer. Contact details can be found below.
Changes to this notice
We may modify or amend this privacy notice at our discretion at any time. When we make changes to this notice, we will amend the last modified date at the top of this page. Any modification or amendment to this privacy notice will be applied to you and your data as of that revision date. If these changes affect how your personal data is processed, GDS will take reasonable steps to make sure you know.
How to contact us
Contact the Data Protection Officer if you either:
- have any questions about anything in this document
- think that your personal data has been misused or mishandled
Data Protection Officer
If you have a complaint, you can also contact the Information Commissioner, who is an independent regulator set up to uphold information rights.