Skip to main content
  1. Home
  2. Main privacy policy of the Department for Business and Trade

Privacy policy for project finance

Purpose of this document

The Department for Business and Trade (DBT) is committed to protecting the privacy and security of your information. This privacy notice describes how we collect and use personal information about you in accordance with UK Data Protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We are required under data protection legislation to notify you of the information contained in this privacy notice. It is important that you read this notice so that you are aware of how and why we are using your information.

What data we collect

Personal data we collect includes:

  • your name
  • your position within your organisation
  • your work email address
  • your work telephone number
  • your organisation type
  • the name of your organisation
  • the registered name of your organisation
  • the address of your organisation
  • the industry you work in
  • whether you have customers outside the UK
  • whether you supply companies that sell overseas
  • whether you have at least 3 years of registered accounts
  • your annual turnover
  • the number of employees that work for your organisation

Why we need your data

The information you provide will be processed by DBT and selected third parties in order to:

  • help you find your local trade office
  • give advice on exporting from the UK
  • offer business.gov.uk user account services and support
  • assess your eligibility for export financing
  • get feedback on our events
  • register interest in exporting security products as part of the UK Defence & Security Exports
  • understand the types of people and companies interested in our services
  • process business applications to access trade and investment related advice and services
  • understand barriers to trade and investment
  • evaluate the impact of trade and investment services provided by the department

Other purposes which may be relevant (to be considered on a case-by-case basis) are to:

  • gather feedback to improve our services
  • respond to any feedback you send us, if you have asked us to
  • allow you to access government services and make transactions
  • provide you with information about relevant services
  • monitor use of the site to identify security threats

Lawful basis for processing

Our lawful basis for processing your personal data is that the processing is necessary:

  • to perform a task in the public interest (Article 6(1)(e) of the UK GDPR and section 8 of the Data Protection Act 2018
  • for the exercise of our functions as a government department

How we share your information

We will, in some circumstances and where the law allows, share your data with other government departments, agencies, public bodies, and third-party service providers which may include, but are not limited to:

  • Amazon Web Services (AWS)
  • Government Digital Service (GDS)
  • organisations contracted by DBT to deliver investment support services, including Ernst & Young and OCO Global
  • organisations contracted by DBT to provide marketing and communications services, including M&C Saatchi, Manning Gottlieb OMD, TMW Unlimited, Stova, and Populus
  • Kantar Public
  • Local Enterprise Partnerships and trade bodies
  • devolved administrations
  • other UK government departments, including but not limited to the Foreign and Commonwealth Development Office

You will be notified if your information is shared with other third parties not included in this list.

Aggregated analysis of responses may also be shared with the Information Commissioner’s Office (ICO), the Government Internal Audit Agency (GIAA) and the National Audit Office (NAO).

We will not:

  • sell or rent your data to third parties
  • share your data with third parties for their marketing purposes

We will also share your data if we are required to do so by law or regulation, for example, by court order or to prevent fraud or other crime.

How long we keep your data

In line with our records management and retention and disposal policy, we will only retain your personal information for as long as:

  • it is needed for the purposes set out in this document
  • the law requires us to

We will retain your personal information for up to 10 years from the date on which it is provided or subsequently updated, in order to fulfil the purposes for which it was collected.

How we protect your data and keep it secure

We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data. For example, we protect your data using varying levels of encryption. All personal data is stored in the European Economic Area (EEA).

We also ensure that any third parties keep all personal data they process on our behalf secure.

Contacting you

We will use the personal information you provide to contact you about the specific service you have used or enquiry you have made.

We rely on the ‘public task’ lawful basis when sending promotional messages to carry out DBT’s public tasks or functions (Article 6(1)(e) of the UK GDPR and section 8 of the Data Protection Act 2018). This is without prejudice to your right to object and to exercise other applicable rights available under the regulation. The full details of data subjects’ rights and how to contact us are provided below.

Your rights

You have the right to request:

  • information about how your personal data is processed
  • a copy of any personal data we hold about you
  • that any inaccuracies in your personal data are corrected immediately

You can also:

  • raise an objection about how your personal data is processed
  • request that your personal data is erased if there is no longer a justification for it
  • ask that the processing of your personal data is restricted in certain circumstances

Contact us

If you have any requests relating to your rights or have questions about this privacy policy and how we handle your personal information, you can contact:

Data Protection Officer
Department for Business and Trade
Old Admiralty Building
Whitehall
LONDON
SW1A 2DY
Email: data.protection@businessandtrade.gov.uk

Information Commissioner’s Office 

Contact the Information Commissioner for independent advice about data protection, privacy, and data-sharing issues.

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
Textphone: 01625 545860
Email: casework@ico.org.uk

Changes to this privacy notice 

We reserve the right to update this privacy notice at any time and we will provide you with a new privacy notice when we make any substantial updates.

Confidentiality 

Information provided whilst using this service, including personal information, may be disclosed in accordance with access to information regimes, primarily the Freedom of Information Act 2000 (FOIA).

If you want the information you provide to be treated confidentially, please be aware that, in accordance with the FOIA, public authorities are required to comply with a statutory code of practice that addresses obligations of confidence, among other things.

Something went wrong. Please try again.

Was this page useful?

Thanks for letting us know

Can you tell us why this page was useful?

Do not share any personal or commercially sensitive information.

Cancel

Thanks for letting us know

Can you tell us more about your feedback?

Do not share any personal or commercially sensitive information.

Cancel

Thanks for your feedback