Kent County Council’s Trade Development Services Privacy Notice
We keep this privacy notice under regular review. The policy was last updated on 23/03/2022
Kent County Council respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
Who are we?
Kent County Council collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the United Kingdom General Data Protection Regulation (‘UK GDPR’) and the Data Protection Act 2018. We are responsible as ‘controller’ of that personal information. The Trade Development Team within Kent County Council’s Economic Development Division provides a range of information and services which aim to help Kent businesses to access opportunities in overseas markets. We work closely with external partner organisations locally, nationally and internationally to implement these activities. In order to carry out this work, we need to communication with Kent businesses about the projects, programmes, events and activities that we and our partners deliver which help companies to export. Our Data Protection Officer is Benjamin Watts.
For information, in addition to ‘personal data’ covered by the General Data Protection Regulation and explained below, we may also collect commercial information about the businesses participating in our projects such as the annual turnover, number of employees, company description etc. to help with the implementation of our projects including capturing results and impacts.
The personal information we collect and use
Information collected by us
In the course of our activities designed to help Kent businesses with international trade, KCC’s Trade Development team collects the following personal information when you provide it to us:
- Names, job roles, contact details (email, phone and postal address) of representatives of Kent businesses
- We also collect the following ‘special category data’ (personal data which is more sensitive and is treated with extra care and protection) when you provide it to us:
- Age, Disability, Gender reassignment, Marriage and Civil Partnerships, Pregnancy and Maternity, Race, Religion and Belief, Sex, Sexual Orientation
- In addition to the above, if you attend an overseas business event with us, we would also request the following which we would store for use during future overseas events unless you ask us to delete it on completion of the trip:
- Emergency contact details, a mobile phone number
- ‘Advance Passenger Information’ (API) required for travelling abroad such as passport numbers and expiry date, nationality, car registration numbers and date of birth where applicable
We may also need to request special category sensitive information as follows to ensure your wellbeing during the trip:
- Special dietary requirements
- Details of any health issues that could affect you during a visit
We also obtain personal information from other sources as follows:
- Kent company websites and social media networks (Linked In, Twitter etc.) where we believe we may have a programme that is of specific interest to the business
How we use your personal information
We use your personal information to:
- Contact you about events and business support activities which may be of interest
- Enable you to benefit from business support programmes and project activities (such as trade show visits, networking events or workshops)
- Keep records about companies which have participated in business support programmes to satisfy the requirements of external funding bodies
Any special category sensitive information that we collect about your is used:
To ensure your wellbeing during overseas and UK events. We may need to share this information electronically with selected partner organisations or external suppliers (such as caterers or airlines) within the European Union to make sure that any special requirements you have are taken into account.
How long your personal data will be kept
We will hold your personal information:
- Until the end of December 2026 for activities funded by our European projects (ISE, IMPULS, SIE and Boost4Health) as this is the required retention period for documentation evidencing the implementation of these business support projects as set out in the Grant Offer Letters in place between the Managing Authority of these programmes and Kent County Council.
- Until you or your company notifies us that you wish us to delete your personal data.
Reasons we can collect and use your personal information
We rely on you providing consent as the lawful basis on which we collect and use your personal data. You may withdraw your consent at any time. If you do withdraw your consent no further personal information will be collected and the existing personal information shall only be retained in accordance with KCC’s data protection policy. If you do withdraw your consent you will no longer be able to be kept informed about business support programmes and activities which may benefit your company.
We rely on you providing explicit consent as the lawful basis on which we collect and use your special category personal data. You may from time to time provide us with information about your physical health, for example you may wish us to know about a health issue or disability you may have for the purpose of allowing us, our managers or our partner organisations to make adjustments to ensure your wellbeing during an overseas trip or UK event. If you provide us with this information we will only process it (including sharing the information with our partners) to the extent that it is necessary for that purpose.
Who we share your personal information with
- We will share personal information with law enforcement or other authorities if required by applicable law or in connection with legal proceedings.
- We will share personal information with our legal and professional advisers in the event of a dispute, complaint or claim. We rely on Article 9(2)(f) where the processing of special category data is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.
- We may transfer your data to several countries or organisations outside the UK which are our delivery partners for any EU-funded / externally business support projects as well as any international service providers such as the organisers of international trade shows. We do this to ensure the successful delivery of our business support activities. Details of our delivery partner organisations are available on the relevant project website or pages:
- We may also share data with business support partners to enable us to identify overseas contacts for your business through our networks and partnerships and provide appropriate support for your business. Please contact firstname.lastname@example.org for further details on who we may share data with within our specific trade development projects..
- We may share your data with other business support providers involved in a particular business support programme, activity or event in which you participate with your consent. This would include the following types of data: Name, contact details and role within your company
- We will share information regarding your health or special dietary requirements, to the extent it is necessary, with KCC officers or partner organisations who are responsible for the overseas trips/ events in which you participate.
For details of our business support partners please contact email@example.com.
Under the UK GDPR you have a number of rights which you can access free of charge which allow you to:
- know what we are doing with your information and why we are doing it
- ask to see what information we hold about you
- ask us to correct any mistakes in the information we hold about you
- object to direct marketing
- make a complaint to the Information Commissioner’s Office.
Depending on our reason for using your information you may also be entitled to:
- object to how we are using your information
- ask us to delete information we hold about you
- have your information transferred electronically to yourself or to another organisation
- object to decisions being made that significantly affect you
- stop us using your information in certain ways.
We will always seek to comply with your request however we may be required to hold or use your information to comply with legal duties. Please note: your request may delay or prevent us delivering a service to you.
For further information about your rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the United Kingdom General Data Protection Regulation.
If you would like to exercise a right, please contact the Information Resilience and Transparency Team at firstname.lastname@example.org.
Your Right to Withdraw your Consent
Where we rely on your consent to process your personal information, you can withdraw your consent to our use of your data at any time.
You can do this by contacting us by email or telephone using the details provided on this website.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Who to Contact
Please contact the Information Resilience and Transparency Team at email@example.com to exercise any of your rights, or if you have a complaint about why your information has been collected, how it has been used or how long we have kept it for.
You can contact our Data Protection Officer, Benjamin Watts, at firstname.lastname@example.org.
The United Kingdom General Data Protection Regulation also gives you the right to lodge a complaint with the Information Commissioner who may be contacted at https://ico.org.uk/make-a-complaint/ or telephone 0303 123 1113.
For further information visit https://www.kent.gov.uk/about-the-council/about-the-website/privacy-statement