Guidance

Privacy Notice for UK G7 Presidency

Published 18 February 2021

This notice sets out how we will use your personal data, and your rights. It is made under Articles 13 and/or 14 of the General Data Protection Regulation (GDPR).

1. Your data

1.1 Purpose

The Group of Seven (G7) is a multilateral organisation whose membership comprises some of the largest advanced economies in the world: Canada, France, Germany, Italy, Japan, the United Kingdom and the United States. The Presidency rotates on a yearly basis amongst the G7 members, and the UK will hold the Presidency in 2021.

The Presidency spans the entire year with multiple Ministerial and Senior Officials meetings, as well as a host of working groups taking place. The centrepiece will be a Leaders’ Summit, hosted by the Prime Minister and attended by member states, in summer 2021.

The purposes for which we are processing your personal data are:

• to share data (names and organisations) with non-UK bodies (ie foreign delegations/governments) to ascertain whether attending media are accredited within the official Leader delegation or independently

• to organise, hold and promote the G7 Presidency and various events including the Leaders’ Summit

• to operate our accreditation portal. This will be used across all of the Presidency events to accredit delegations, members of the media, external stakeholders and HMG staff. For physical in person events pass production will take place and access passes issued to accredited individuals

• to operate our Virtual Events Platform. This enables G7 working groups, engagement groups and ministers’ meetings to take place virtually

• to monitor media coverage, contact interested journalists, and to record media inquiries and our responses to them. We will track and capture media coverage of the G7 that will inform our strategic communications handling, and to support logistical operations by recording journalistic interest, with a view to assembling a list of media we wish to invite to the G7 Leaders’ Summit

• to share data with law enforcement agencies where necessary in relation to the security of the events

• to deal with any legal claims arising out of the event

• to engage and consult with key stakeholders on the development of proposals.

1.2 The data

We will process the following personal data:

For the accreditation portal:

• prefix
• full name
• gender
• full address
• date of birth
• mobile telephone number
• personal email address
• work email address
• mobile number
• company name
• company address
• fax number
• Twitter and other social media handles
• educational history
• employment history
• photo
• job title
• passport number
• passport expiry date
• nationality
• country of birth
• city of birth
• date of birth
• educational history
• employment history
• a declaration about any criminal convictions
• IP addresses and web analytics data

For the virtual events portal:

• name
• email addresses
• employer
• job title
• IP addresses and web analytics data

For catering purposes:

• dietary requirements to ensure there are no issues for those with certain food allergies or cultural/dietary requirements

For making reasonable adjustments for those with disabilities:

• details of the disability and adjustments required

Media database:

• name
• employer
• contact details
• number of social media followers
• publicly available social media content
• contact preferences
• preferred subject matters
• articles published about influences
• target groups

Any data we hold may be provided to law enforcement agencies where relevant to the security of the events.

1.3 Legal basis of processing

The legal basis for processing your web analytics and criminal convictions personal data is because you consent to us doing so.

The legal basis for processing all other data is that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. In this case that is holding the G7 Presidency.

Sensitive personal data is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

The legal basis for processing your sensitive personal data about dietary requirements and reasonable adjustments/disabilities is that processing is necessary for reasons of substantial public interest for the exercise of a function of the Crown, a Minister of the Crown, or a government department (paragraph 6, schedule 1, DPA 2018).

The legal basis for processing your criminal convictions sensitive personal data is because you consent to us doing so (paragraph 29, schedule 1, DPA 2018).

1.4 Recipients

Your personal data will be shared by us with our IT suppliers who provide the accreditation portal, virtual events portal, our website, and web hosting.

As your personal data will be stored on our IT infrastructure it will also be shared with our data processors who provide email, and document management and storage services.

Your data may be shared with venue providers for holding events and allowing visitors access, making reasonable adjustments, and catering.

Your data may be shared with law enforcement agencies where necessary for security purposes, or with a court or legal advisors where necessary to deal with legal claims.

1.5 Retention

Your personal data will be kept by us until all the events have taken place and then destroyed by December 2021.

2. Your rights

You have the right to:

• request information about how your personal data are processed, and to request a copy of that personal data

• request that any inaccuracies in your personal data are rectified without delay

• request that any incomplete personal data are completed, including by means of a supplementary statement

• request that your personal data are erased if there is no longer a justification for them to be processed

• in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted

• to object to the processing of your personal data

For criminal convictions data and web analytics data:

• you have the right to withdraw consent to the processing of your personal data at any time

3. International transfers

As your personal data is stored on our IT infrastructure, and shared with our data processors, it may be transferred and stored securely outside the UK. Where that is the case it will be subject to equivalent legal protection through an adequacy decision or the use of Model Contract Clauses.

4. Complaints

If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113

Email: casework@ico.org.uk

Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.

5. Contact details

The data controller for your personal data is the Cabinet Office. The contact details for the data controller are:

Cabinet Office
70 Whitehall
London
SW1A 2AS

Telephone: 0207 276 1234

Email: publiccorrespondence@cabinetoffice.gov.uk

The contact details for the data controller’s Data Protection Officer are:

Stephen Jones
Data Protection Officer
Cabinet Office
70 Whitehall
London
SW1A 2AS

Email: dpo@cabinetoffice.gov.uk

The Data Protection Officer provides independent advice and monitoring of Cabinet Office’s use of personal information.