This is our approach to your privacy, including how and why we collect personal information about individuals and how we use that data.
Any questions regarding this Policy and our privacy practices should be sent by email to email@example.com or by writing to Shared intelligence, Europoint Centre, 5-11 Lavington Street, London SE1 0NZ.
About Shared Intelligence
We are a small research and consultancy practice, based in London, who provide services to those responsible for delivering public services and deciding public policy. We are an employee-owned private limited company with no external shareholders. Most of our work is carried out in England, and we conduct some work in other parts of the UK, and Europe.
The data we collect
There are three main reasons we might collect and hold information about you:
- News about our work – if you are a current or past client of ours and/or have asked us to keep you in touch with our work, we will use your contact information to keep in touch with you by email with news about our work.
- Our current clients – if we are delivering a service for you, in other words if you are one of our clients, we will hold information you provide to us which is necessary to delivering that service, including your contact details and correspondence about the work we are undertaking.
- Individuals we need to contact to undertake a project – if you are not a client but we need to contact you in order to carry out a project (e.g. if you are a consultee, or survey respondent) we may collect and hold information required to make contact with you, and we may collect and hold information you give us verbally, in writing, or through a survey. Sometimes we are given individuals’ contact information by a client (e.g. name are provided of those who should be interviewed) in which case we will ensure our client only gives us information about people who have consented.
Data we hold to provide news emails about our work
We collect and hold personal information in order to send news emails about our work to our clients, former clients, and other individuals we have met personally. Our news emails are sent via a third-party provider – Mailchimp. The personal information we require to send news emails is stored by Mailchimp under their own privacy terms. We use Mailchimp because of their commitment to protecting privacy, and because their systems make it easy for you to manage your data and opt-out at any time. Mailchimp also have controls to prevent personal information being abused – for instance they can stop the use of their service by organisations which appear to be sending emails without the consent of recipients (i.e. spam).
Should anyone wish to unsubscribe from our news emails there are clear instructions on every news email we send. Alternatively you can send a request to be removed from the news email list to firstname.lastname@example.org or to Shared intelligence, Europoint Centre, 5-11 Lavington Street, London SE1 0NZ.
Data we hold about our current clients in order to deliver a service
We collect contact information about our clients at the start of each project which includes their personal information and we keep this and details of correspondence such as tender documents, invoices, and project reports which may also contain personal information. We may keep such information for a minimum of 6 years to meet our company reporting obligations. Such information is destroyed when no longer necessary.
Data we need to undertake a project
This may include details about individuals we need to invite to meetings as part of a project, or whom we need to contact, or ask to complete a survey or questionnaire.
Often we will approach individuals to request their participation in our project and collect their data. Sometimes we are given contact information by a client (e.g. a list of suggested consultees) in which case we always ensure our client only gives us information for which they have consent.
When we undertake online surveys we use a third-party online survey platform – SurveyMonkey. The personal information we collect and store through SurveyMonkey is governed by their own privacy terms. If we need to make a copy of data collected by SurveyMonkey to keep on our own systems we will encrypt or anonymise data, or protect it some other way proportionate to the risks we perceive.
The legal basis for processing this information is our legitimate interest where the use of personal data is necessary to fulfil a legitimate research or consultancy project. We are committed to request only the minimum personal information required for the task we are undertaking. This type of data is held no longer than necessary or is destroyed as soon as a subject asks for it to be removed.
Sharing your personal data
We do not pass on personal information to third party organisations without the subject’s explicit permission. For example if we collect data from you as part of a project for a local authority, we will not pass your information to that local authority without your consent. If we are working with a subcontractor we will not pass your information to our subcontractor without your consent.
The only exception to this is where we are under a duty to disclose or share your personal data in order to comply with any legal obligation.
We never share your information with third parties for marketing purposes.
Third party links
We have a number of data security safeguards to ensure the data we hold is secure and where appropriate either encrypted or protected by other means. Shared Intelligence is certfied under the Government-backed Cyber Essentials scheme which sets standards for how we protect our data from cyber attacks. We also use market-leading third party platforms (such as Mailchimp and Surveymonkey) for storing our most sensitive data – in particular mailing lists and questionnaire responses. The scale and sophistication of those platforms provides additional protection against data loss or malicious data breach. Data files with large volumes of personal data and/or sensitive data, when held on our own systems are encrypted or otherwise protected against access except by those explicitly authorised.
Your GDPR Rights
A full list of your GDPR rights are as follows:
- The right to access the personal data we hold on you
- The right to correct and update the personal data we hold on you
- The right to have your personal data erased
- The right to object to processing of your personal data
- The right to data portability
- The right to withdraw your consent to the processing at any time for any processing of personal data to which consent was sought.
- The right to object to the processing of personal data where applicable.
- The right to lodge a complaint with the Information Commissioners Office. You can contact the Information Commissioners Office via email, on 0303 123 1113, or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Any questions regarding this Policy and our privacy practices should be sent by email to email@example.com or by writing to Shared intelligence, Three Tuns House, 109 Borough High Street, London SE1 1NL.