Guidance

Cross-government content community training privacy notice

Updated 29 November 2023

Content design training (GOV.UK and content design best practice courses) is run by the GOV.UK content community team. Training courses aim to help increased the capability of content designers across government and support publishers to GOV.UK.

Content design training is provided by the Government Digital Service (GDS) which is part of the Cabinet Office. The data controller for GDS is the Cabinet Office – a data controller determines how and why personal data can be processed. Read the Cabinet Office’s entry in the Data Protection Public Register for more information.

What data we collect from you

The personal data we collect from you will include:

  • name
  • email address
  • job title
  • organisation
  • telephone number

The legal basis for processing data for GOV.UK publishers attending GOV.UK training courses is in the exercise of a public task and under contract.

The legal basis for processing data for those who are not GOV.UK publishers will be by consent.

Why we need your data

We need this information to effectively manage the training course you would like to attend. This includes making sure we:

  • know who is attending and capacity limits are not exceeded
  • only admit registered attendees into our training locations for security reasons
  • have your details to create your GOV.UK Signon account (GOV.UK publishing courses only)
  • can send you pre and post course resources including the content community newsletter for updates to GOV.UK guidance and products

What we do with your data

We will:

  • make sure your data is only used in relation to the course you are attending for the purpose of course management and communications
  • create your GOV.UK Signon account using the details you have given us (GOV.UK publishing courses only)

We will not:

  • sell or rent your data to third parties
  • share your data with third parties for marketing purposes

We will share your data if we’re required to do so by law – for example, by court order, or to prevent fraud or other crime.

How long we keep your data

We will keep your personal data for 3 years or until consent is withdrawn.

Where your data is processed and stored

We design, build and run our systems to make sure that your data is as safe as possible at any stage, both while it’s processed and when it’s stored.

Your personal data may be transferred outside the European Economic Area (EEA) while being processed by GDS. If this happens, we’ll make sure you’re given the same level of technical and legal protection as you are within the EEA.

The tool we use to manage content design training is operated by a US company which offers safeguards to data handling supported by Model Contract Clauses. The US Privacy Shield also supports the safeguarding of your personal data.

How we protect your data and keep it secure

We are committed to doing all that we can to keep your data secure. We set up systems and processes to prevent unauthorised access to or disclosure of the data we collect about you – for example, we protect your data using varying levels of encryption. All third parties that process personal data for GDS are required to keep that data secure.

Children’s privacy protection

We don’t design or promote services for children who are 13 years of age or younger, and we don’t intentionally collect or keep data about anyone under the age of 13.

Your rights

You have the right to request:

  • information about how your personal data is processed
  • a copy of that personal data - this copy will be provided in a structured, commonly used and machine-readable format
  • that anything inaccurate in your personal data is corrected immediately

You can also:

If you have any of these requests, get in contact with our Privacy Team - you can find their contact details below.

If you gave your consent for us to collect and process your data, you have the right to:

  • withdraw your consent - this can be done at any time
  • request a copy of your personal data - this copy will be provided in a structured, commonly used and machine-readable format

Changes to this notice

We may change this privacy notice. When we make changes to this notice, the ‘last updated’ date at the top of this page will also change. Any changes to this privacy notice will apply to you and your data immediately. If these changes affect how your personal data is processed, GDS will take reasonable steps to make sure you know.

Questions and complaints

Contact the Data Protection Officer if you either:

  • have any questions about anything in this document
  • think that your personal data has been misused or mishandled
  • want to make a subject access request (SARS)

Email: [email protected]

The contact details for our Data Protection Officer are:

Data Protection Officer

Cabinet Office
70 Whitehall
London
SW1A 2AS

You can also complain to the Information Commissioner, who is an independent regulator.

Information Commissioner's Office

Email [email protected]

Contact form https://ico.org.uk/glo...

Telephone 0303 123 1113

Textphone 01625 545 860