LLEP Privacy Notice
This Privacy Notice sets out how the Leicester and Leicestershire Enterprise Partnership Ltd. (LLEP) uses and protects any information that you give to us when you use the LLEP and Business Gateway websites or share information when communicating with the LLEP.
The LLEP works in partnership with the private, public and voluntary and community sectors to deliver growth, productivity and prosperity for its businesses, people and places. Our work with partners and government means that we collect and use information about individuals whom we work or come into contact with.
The LLEP is committed to protecting your privacy. To comply with the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR) and to prevent unauthorised access, we follow strict procedures regarding the storage and disclosure of information that you consent to give us.
We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy.
Controller and contact information
Any questions regarding this Policy and our privacy practices should be sent by email to Elizabeth Botmeh, Admin@llep.org.uk or in writing to Leicester and Leicestershire Enterprise Partnership Ltd, 19 Halford Street Leicester LE1 1JA.
Alternatively, you can telephone 0116 454 2917.
LLEP is the controller and is responsible for your personal data where we determine the purposes for which we process personal data and how we process that data. The LLEP is registered with the Information Commissioners Office registration number ZA518492.
LLEP is the controller and is responsible for this website.
LLEP’s accountable body is Leicester City Council (“the Council”), which is also a controller for the purpose of the GDPR and Data Protection Act 2018. LLEP’s relationship with the Council is governed by agreements, details of which can be found on our website and in the Local Assurance Framework available at https://llep.org.uk/governance/assurance/.
Where the LLEP is providing services on behalf of the Council in accordance with the Local Assurance Framework or otherwise, the Council will be the controller and we will be acting as processor of personal data on its behalf. A copy of the Council’s privacy notice can be viewed at https://www.leicester.gov.uk/your-council/how-we-work/our-website/privacy/. The Council has a Data Protection Officer (DPO), who can be contacted via firstname.lastname@example.org or in writing to Data Protection Officer, Information Governance & Risk. Legal Services, 4th Floor, Rutland Wing, City Hall, 115 Charles Street, Leicester, LE1 1FZ
The data we collect
“Personal data” means any information which relates to an identifiable, living individual. It does not include anonymous data which cannot be linked to an identifiable person.
We will only use your personal information when the law allows us to. The law says that we must identify a lawful basis for each use of your personal data.
We collect information about you when you visit one of our websites, llep.org.uk or bizgateway.org.uk, when you attend one of our events or contact us about products and services or if you register to receive one of our newsletters.
Data is taken from you in one of the following ways:
- Through our customer relationship management (CRM) software (used to track engagement for internal reporting purposes and for reporting to government)
- Via our “Contact us” form (managed through our website and our CRM)
- E-newsletter submission form (managed through Dotdigital formerly Dotmailer).
- Event or workshop form (managed through Eventbrite and our CRM)
- Project expression of interest forms managed through our Programme Management Software
- Social media (managed through our social media sites)
- Anonymous cookie information
- All other contact (i.e. through direct contact with team members)
- Through contractual obligation such as project funding or awarding tenders.
- Applications to become a company director or become a member of the company.
We may collect information about you from other sources. This may include the following:
- Information that we receive from our partners and affiliates
- Publicly available information, including from sources such as Companies House and the Electoral Roll
- Information you have shared publicly, including on social media
- Information from third party databases including credit reference agencies
The type of information we collect will vary from time to time and will be determined by the purpose the data is being collected for. You will be made aware which information LLEP is collecting at the time.
This may include:
- Job title
- Email address
- Contact telephone number (business, mobile or home)
- Name of Business/ Organisation including parent company or organisation, if applicable
- Nature of Business/ Organisation including type, address, site, website and number of employees
- Firm-level data for a business – typically company registration number, number of employees and annual turnover
- Social media accounts
- Equal opportunities information
- Demographic information such as postcode, preferences and interests
- IP address, location and browser detail
- Conflicts of Interests
- Project information (including commercially sensitive information)
- Finance information
- Other information relevant to business surveys and or/services
- Details of meetings, phone calls, emails, agendas, outcomes, actions, minutes and other documents
- Questions, comments, queries or feedback from engagement activities
- Cookies – We use Google Analytics to help us understand how people use our website to ensure we offer the best content and user experience for our customers. This information is collected anonymously, and we cannot identify you personally from the data
How we use your data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract, we are about to commence or have commenced with you.
- Making payments on invoices, grants or loans.
- Where it is necessary for our legitimate interests (or those of a third party), by which we mean in the interest of our LLEP’s business in conducting and managing our business to provide a strategic lead on activities contributing to the county’s economic growth. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
- Where we need to comply with a legal or regulatory obligation that we are subject to.
- Where consent has been given, we will use this information to send you our newsletters and other news and information about our events and service.
How we store your information
LLEP has several different ways that it holds data depending on the data collection method and the reason for data collection:
Most data is stored on systems held under our control:
- LLEP uses a customer relationship management (CRM) platform for the management of engagement activities with businesses, local authorities, government organisations and private partners. The CRM data is held on secure servers within the UK.
- LLEP uses a programme management solution (PMS) for the management of our grant or loan funded activities. The PMS data is held on secure servers within the UK
From time to time, the technical support staff of our CRM platform supplier (Alcium Ltd) and PMS provider (TMI Systems Ltd) may access your data. We have strict controls over how, why and when they can do this. Any access will only be done on our instruction and under contract.
- Data is stored on ICT servers held by our accountable body, all LLEP staff are employed by the Council and a protocol and service support agreement is in place which details the relationship between the LLEP and the Council.
- The Council services use platforms such as Microsoft Office 365, Google, Amazon Web Services and Vodafone which host data in the USA and EU under contract.
At no time will your information be passed to organisations external to us and our partners, for marketing or sales purposes or for any commercial use without your prior expressed consent.
We may share your data with selected third parties. For example, we may share your information with:
- Information may be shared with our Accountable Body in order to enable them discharge of the LEPs responsibilities.
- Our funders, where we are required to do so, – HM Government, The Careers and Enterprise Company or the European Union – or in relation to the funds we manage.
- Contact management systems such as Dotdigital, Evolutive, and Verto, to send and manage emails, instant messages, social media messages.
For a more detailed list see https://www.llep.org.uk/privacy/
How long do we hold your personal data?
We will only hold your personal data for as long as we need it for the purposes for which it was collected. Where we provide you with any service, we will retain any information you provide to us, for at least for as long as we continue service our agreement to you. Where we are using your personal data for one of our legitimate interests, we will only hold your personal data for as long as we have that interest.
Your data protection rights
Your personal information belongs to you and you have the right to:
- correct your data if you think it is wrong (Right to Rectification);
- erase your personal data in certain circumstances (Right to Erasure);
- stop using your data if you think it is wrong or we shouldn’t have it, until it’s put right or deleted (Right to Restriction);
- stop using your data if you think we no longer should be using it (Right to Object);
- transfer the information you gave us from one organisation to another or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated (Right to Data Portability);
- consider any complaint you have about how we have used your data.
How to complain
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.