This document outlines how the APPG on Global Health processes and manages personal data and:
- Clarifies the purpose of data use
- Identifies the data controller.
- Explains the lawful basis for processing personal data.
- Outlines the personal data held and processed.
- Outlines the scope of the special category personal data held and processed.
- Outlines the process of Subject Access Requests.
1. Purpose of data use
The APPG on Global Health processes your personal data for the purposes of maintaining and using a membership/mailing list, and in case of any events or meetings, for keeping minutes of meetings. The data which we obtain from you and process is:
- Your name, title and email address
- Your role, and/or the organisation that you work for (if any)
We use this information to send you information about the APPG and its work, including meeting notices and minutes. We may also record personal information about you, including your opinions, in minutes of meetings.
2. Data Controller
The Data Controller is the All-Party Parliamentary Group on Global Health's chair and registered contact.
If you have questions about the use of your personal data or you wish to amend or correct it, you should contact the APPG’s chair and registered contact, whose details you can find from the APPG register https://www.parliament.uk/mps-lords-and-offices/standards-and-financial-interests/parliamentary-commissioner-for-standards/registers-of-interests/register-of-all-party-party-parliamentary-groups/ or contact the Secretariat of the APPG directly firstname.lastname@example.org.
4. Lawful basis for processing
Our lawful basis for using this information is consent. We will hold this information securely and we will keep this information for five years. We will not transfer this personal data to any other organisation, unless you have agreed to it, and in the case that they are subcontracted by us to work on a report.
Please also note that under the rules which Parliament has set for APPGs, the names of APPG members (but not their contact details) are published on the group’s website or else provided to enquirers on request.
5. Data sources
Data held is that provided by you when you contact us and correspondence with third parties in response to cases taken up on your behalf.
6. Data Security
Personal data is stored electronically and securely. We ensure that our service providers comply with the same high standard that we do, and are in the UK.
7. Special category data
Special category data will be processed under the lawful basis indicated in section 3, as is permitted in clauses 22, 23 and 24 of schedule 1 of the Data Protection Act, covering political parties and elected representatives.
8. Data retention policy
Personal data will be held for no longer than necessary. Some types of data may be held for longer than others. Typically the maximum retention is two election cycles. Review of the data held will occur in each election cycle to determine whether it should be maintained or put beyond use.
9. Subject Access Requests
Subject Access Requests are dealt with in line with the guidance given by the Information Commissioner’s Office (ICO):
- We will request verification of the identity of any individual making a request, and ask for further clarification and details if needed.
- We will respond within 28 calendar days once we have confirmed it is a legitimate request.
- Data subjects have the right to the following:
- To be told whether any personal data is being processed
- To be given a description of the personal data, the reasons it is being processed and whether it will be given to another organisations or people.
- To be given a copy of the information comprising the data, and given details of the source of the data where this is available.
10. Will we share your data with anyone else?
If you have contacted us about a personal or policy issue, your data may be passed on to a third-party in the course of dealing with your enquiry, such as local authorities, government agencies, public bodies, health trusts, regulators, and so on. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only for the basis upon which they were originally intended.
We may need to share your data with a third party, such as the police, if required to do so by law. Your personal data is only used as outlined here and within your reasonable expectations based on the nature of the communication, and recognising the need of engagement in support of democratic engagement.
11. Data Rights
At any point you have the following rights:
- Right of access – you have the right to request a copy of the information held about you.
- Right of rectification – you have a right to correct data held about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data held about you to be erased from our records.
- Right to object – you have the right to object to certain types of processing, such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: if our office refuses your request under rights of access, we will provide you with a reason why. You have the right to complain.
12. Making a complaint
If you are unhappy with the way that we have processed or handled your data then you have a right to complain to the Information Commissioner’s Office (ICO). The ICO is the supervisory body authorised by the Data Protection Act 2018 to regulate the handling of personal data within the United Kingdom. The contact details for the ICO are:
- Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF
- Telephone: 0303 123 1113
- Website: https://ico.org.uk/concerns/
If you have any questions about the data held please contact via the contact information on this website.
Please note that proof of identity is required should you choose to exercise any of the above rights in relation to personal data.
For more information about data within Parliament, please refer to the House of Commons Data Protection information here: https://www.parliament.uk/site-information/data-protection/commons-data…
Parliament holds a register of APPGs, which you can find here: https://www.parliament.uk/mps-lords-and-offices/standards-and-financial…
We retain the right to update this policy at any time. If there are changes that significantly impact your rights, we will contact you in advance.