This document outlines how processes and manages personal data and:
The Data Controller is The APPG for Environment
If you have any questions about this policy or for more information about how we use your data or would like to exercise any of your rights contact .
All processing is carried out by consent or either under the legitimate interest of , or public interest. These cover processing to conduct campaigning and communication. Where processed under the lawful basis of a task carried out in the public interest, it is to support or promote democratic engagement. This includes fundraising activity in order to support democratic engagement.
Data held is that provided by you when you contact us and correspondence with third parties in response to cases taken up on your behalf.
Personal data is stored electronically and securely. We ensure that our service providers comply with the same high standard that we do, and are in the UK.
Special category data will be processed under the lawful basis indicated in section 3, as is permitted in clauses 22, 23 and 24 of schedule 1 of the Data Protection Act, covering political parties and elected representatives.
The EU GDPR adequacy decision means that data can continue to flow between the UK and the European Economic Area (EEA). Some service providers are located outside of the EEA and therefore it may be necessary to transfer your personal data outside of the EEA. Where the transfer of your data outside of the EEA takes place we will make sure that it is protected in the same way as if the data was inside the EEA, and it only occurs with your consent.
We will use one of the following safeguards to ensure this:
Legally it is not permitted to transfer certain types of data, such as Electoral Register Data, outside of the EEA, and we honour that obligation.
Personal data will be held for no longer than necessary. Some types of data may be held for longer than others. Typically the maximum retention is two election cycles. Review of the data held will occur in each election cycle to determine whether it should be maintained or put beyond use.
Subject Access Requests are dealt with in line with the guidance given by the Information Commissioner’s Office (ICO):
If you have contacted us about a personal or policy issue, your data may be passed on to a third-party in the course of dealing with your enquiry, such as local authorities, government agencies, public bodies, health trusts, regulators, and so on. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only for the basis upon which they were originally intended.
We may need to share your data with a third party, such as the police, if required to do so by law. Your personal data is only used as outlined here and within your reasonable expectations based on the nature of the communication, and recognising the need of engagement in support of democratic engagement.
At any point you have the following rights:
If you are unhappy with the way that we have processed or handled your data then you have a right to complain to the Information Commissioner’s Office (ICO). The ICO is the supervisory body authorised by the Data Protection Act 2018 to regulate the handling of personal data within the United Kingdom. The contact details for the ICO are:
If you have any questions about the data held please contact via the contact information on this website.
Please note that proof of identity is required should you choose to exercise any of the above rights in relation to personal data.
For more information about data within Parliament, please refer to the House of Commons Data Protection information here: https://www.parliament.uk/site-information/data-protection/commons-data…
Parliament holds a register of APPGs, which you can find here: https://www.parliament.uk/mps-lords-and-offices/standards-and-financial…
We retain the right to update this policy at any time. If there are changes that significantly impact your rights, we will contact you in advance.
Version: 2306