top of page

Privacy Policy


NeighbourlyLab is committed to protecting your personal information.

 

Please note, this is not a stand-alone document. To understand this Privacy Notice, and how we use your personal data when you interact with us, this document should be read alongside CEI’s full Privacy Policy here:https://www.neighbourlylab.com/privacy

If you have any questions about this Privacy Notice or any Data Protection related matters relevant to NEIGHBOURLYLAB you can send an email to our Data Protection Officer: dpo@theevidencequarter.com

What personal information do we collect

If your personal information is used by NEIGHBOURLYLAB because you are attending one of our events, we will collect the following information: The information below is to provide you with a non-specific list of possible personal information we may request from you within any project or piece of research we conduct.  We may collect and process the following types of personal information which will be highly dependent on the work we are doing:

• Personal identifiers: for example, name, email address, telephone number, where you work, job title.

• Responses to interviews and surveys such as feedback surveys

• Personal information related to the Equality Act 2010 inclusive of data known as ‘Protected Characteristics’ (disability, medical information,  or information required to facilitate the accessibility of an event)

 

Why do we collect your information and what do we use it for

We collect your personal information for the following purposes:

  • To organize events, contact you about the event, and any feedback you might have regarding the event

  • To accommodate any disability or dietary needs at an event

  • With your consent, to contact you about further events or to participate in an interview, seminar, presentation, conference, and/or workshop, and/or focus group session as part of a project or piece of research.

  • To make confidential contact with you where you have indicated an interest in being contacted about the research area or participating in any research projects associated with this area of research (you are able to opt out at any time and are under no obligation to participate in any research projects)


We will also use your personal information to respond to and identify your personal information when you submit a data subject rights request.
 

Our lawful basis for processing your data

We process the personal data of event participants in a variety of ways. 

Most commonly, the lawful basis for using your personal information may be one or more of the following:

  • Legitimate Interest if your information is publicly available or if your information was shared by a commissioner within the context of a wider project

  • Consent

 

For collecting your sensitive personal information, also known as GDPR special categories of personal information, in general, we rely on GDPR Article 9.2(a) : Consent. This is also relevant to any personal information known as “protected characteristics” under the UK Equality Act 2010.
 

Security, Storage and Sharing of your data

We take the security of your information very seriously and have put physical, technical, operational, and administrative strategies, controls and measures in place to help protect your personal information from unauthorised access, use or disclosure as required by law and in accordance with accepted good industry practice. We will always keep these under review to make sure that the measures we have implemented remain appropriate.

 

We use Google Workspace & Google Cloud Platform for the secure storage of personal information processed by us. Through the use of Google services, the organisation is able to provide a high level of security around the storage of highly sensitive personal data which is captured within a high variety of our activities. You can find further security and compliance information in the Google Compliance Resource Centre, Privacy Resource Centre and the Google Cloud & the GDPR pages.

 

Your personal data may also be stored with specific third-party services for the minimum period necessary to perform activities with your personal information. Each third-party is subject to contractual and security reviews to ensure adequate and comparative levels of security, we’d expect for ourselves, is provided for the data they process on our behalf.

 

The types of third-party providers we use include:

  • Transcription services

  • Mass email services

  • Communications providers

  • Survey platform services

  • Client Relationship Management services

  • Website services and platform providers

  • IT services organisations

 

Where appropriate, we may share your personal information with our professional advisers including our lawyers and auditors, project partners, industry experts, peers (of a group you are involved in as a Sector Stakeholder), and local and central government departments where it is strictly necessary. It is also possible that we may be required to share your data to comply with applicable laws or with valid legal processes, such as in response to a court order.

 

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded by implementing at least one of the following safeguards:

 

  • Transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK (the UK also recognises the European Commission list of adequate countries. For further details, see European Commission: Adequacy of the protection of Personal Data in non-EU countries)

  • Specific contracts/agreements approved by the UK which give personal data the same protection it has in the UK. For further details, seeUK International Data Transfer Agreements. We will also assess in-country standards as part of this process.

 

We may share the information we gather with other organisations in the following scenarios (where this has been outlined in the privacy notice):

  • Evaluators and Delivery Partner organisations and other organisations that are funded by us or collaborating with us on projects or pieces of research.

  • Independent contractors or suppliers, we hire to work on specific projects or pieces of research we conduct or commission.

 
Always refer to the research project Privacy Notice to confirm how your data will be stored, shared, and kept secure.

 

How long we keep your data

We will only keep personal information for as long as it is needed to fulfil the purpose for which it was collected.

The length of time which we plan to keep any information for will be outlined on the privacy notice for each individual project. Wherever possible, personal data will be anonymised or pseudonymised, as long as this does not impair the aims of the project.

When data is no longer needed, unless there is another legal reason for us to retain your personal information, we will securely destroy any paper or digital records.
 

Your rights concerning your data
You have non-absolute rights concerning your data: Where consent has been used, you can revoke it. You have the right to request that we rectify your data if it is wrong or needs updating. You have the right to access a copy of the information we hold about you, the right to erasure if no legal requirements oblige us to retain your information, the right to restrict or object to the use of your data right to rectification and the right to obtain a copy of your data in a commonly legible format. You can request these actions by contacting dpo@whatworks-csc.org.uk. If you have concerns regarding the use of your information, you can also contact the ICO.


 

Last update to this Privacy Notice

This Privacy Notice was last updated in August 2023.

Research Participants

Discovery Review

Visitors

Project Team

Suppliers

Website

Recruitment

Communications

bottom of page
We are creating online surveys with support from SurveyHero.com.