Guidance

OFSI e-alert subscription privacy notice

Published 24 May 2018

© Crown copyright 2018

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/ofsi-e-alert-subscription-privacy-notice/ofsi-e-alert-subscription-privacy-notice

This notice sets out how we will use your personal data, and your rights under Articles 13 and 14 of the General Data Protection Regulation (GDPR).

1. Data subject categories

The personal information relates to members of the public.

2. Data categories

Compulsory information:

  • email address

Optional information:

  • sector
  • region

3. Purpose

The personal information is processed for the purpose of a subscription service for members of the public, so they can stay informed with e-alerts regarding financial sanctions updates or specific topics. This will enable OFSI to process the following functions:

  1. provide subscribers with e-alerts relating to their preferences
  2. statistical analysis and data reporting, for example the number of subscribers per sector

To perform this process consent is needed from the data subject. OFSI will maintain a consent register.

5. Recipients

Your personal data will only be shared with relevant staff in HM Treasury and other organisations for the purposes listed above. External parties include:

  • Grancius – The cloud based solutions provider for communications
  • NTT - HM Treasury’s IT infrastructure provider

We only disclose the personal data that is necessary to deliver the service and we will have a contract in place that requires organisations to keep your information securely and not to use it for their own direct marketing purposes.

We will not:

  • sell information to third parties
  • share your information with third parties for marketing purposes

6. Retention

Your data will only be held for as long as necessary for the purpose of providing the data subject with e-alerts. The data subject can unsubscribe from this service at any point, an unsubscribe button is contained within each e-alert they receive. When a data subject unsubscribes from e-alerts, their data will be retained for 12 months from the date they unsubscribe.

7. Special data categories

No categories of special category data will be processed.

8. Basis for processing special category data

No categories of special category data will be processed.

9. Transferring data

Data will be held in the US and is covered by the EU-US privacy shield, which is recognised as adequate protection by the European Commission.

10. Your rights

  • You have the right to request information about how your personal data are processed, and to request a copy of that personal data

  • you have the right to request that any inaccuracies in your personal data are rectified without delay

  • you have the right to request that your personal data are erased if there is no longer a justification for them to be processed

  • you have the right in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted

  • you have the right to object to the processing of your personal data where it is processed for direct marketing purposes

11. Where to submit a data subject access request (DSAR)

If you would like to enact your rights, you can do so by submitting a Subject Access Request at:

DSAR
HM Treasury Data Protection Unit
G11 Orange
1 Horse Guards Road
London
SW1A 2HQ

Email: dsar@hmtreasury.gov.uk

12. Complaints

If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Phone: 0303 123 1113

Email: casework@ico.org.uk

Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.

13. Contact details

The data controller for your personal data is HM Treasury. The contact details for the data controller are:

HM Treasury
1 Horse Guards Road
London
SW1A 2HQ

Phone: 020 7270 5000

Email: public.enquiries@hmtreasury.gov.uk

The contact details for the data controller’s Data Protection Officer (DPO) are:

Data Protection Officer
1 Horse Guards Road
London
SW1A 2HQ

Email: privacy@hmtreasury.gov.uk

Back to top