Privacy

We are committed to ensuring that your privacy is protected. This privacy statement sets out how New Local collects, processes, uses and protects any information that we keep about you.  

Do please read this statement together with anything else we tell you when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy statement is in addition to these other statements and does not seek to replace or override them. 

This Privacy statement is kept under regular review and will be updated from time to time. Any updates to the Privacy statement will be placed on this web page. This statement was last updated in October 2020.  

Who we are 

New Local is an independent think tank and network with a mission to transform public services and unlock community power. We are home to a network of 60+ councils and other partners, all united in a drive to create sustainable, inclusive and community-informed public services. 

Our work, which includes running events and growing this network of organisations, requires us to collect personal data. New Local is the data controller and processor, meaning we are responsible for your data and what happens to it.  

The personal data we collect about you 

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed. 

We may collect, use, store and transfer different kinds of personal data about you including:  

  • Identity Data such as your name, title, role, and employer.  
  • Contact Data such as your work email address, phone number and postal address.  
  • Technical Data such as your IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.  
  • Usage Data such as information about how you use our website, products and services.  
  • Marketing and Communications Data such as your preferences in receiving marketing from us and other communication preferences.  

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.  

We do not collect any Special Categories of Personal Data about you such as details about your race or ethnicity, religious beliefs, sexual orientation, private political opinions, trade union membership and information about your health, except in our recruitment process. This is dealt with in our separate recruitment policy data protection statement.  

How your personal data collected 

We use different methods to collect data from and about you including through: 

  • Direct interactions – you may give us your data by completing forms or by corresponding with us by post, phone, email or through other interactions. This includes personal data you provide when you: register for an event, participate in our research, apply for a job or internship position, ask to be put on our mailing list or give us some feedback. 
  • Automated technologies or interactions – as you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. 
  • Publicly available sources – we may receive personal data about you from public sources 

Purposes for which we use your personal data 

We will only use your personal data when the law allows us to. We have set out below a description of all the ways we use personal data, and which of the legal bases we rely on to do so.  

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below. 

Research  

Typical data: Identity, contact, technical. 

Lawful basis for processing: Consent; legitimate interests 

Event registration 

Typical data: Identity; Contact 

Lawful basis for processing: Contract; consent 

Communication with current and prospective members and partners and other interested parties 

Typical data: Identity, Contact, Marketing and Communications 

Lawful basis for processing: Legitimate interests 

Process applications for job / internship opportunities 

Typical data: Identity, Contact,  

Lawful basis for processing: Contract 

Process network membership 

Typical data: Identity 

Lawful basis for processing: Legitimate Interests 

To meet our legal and reporting duties 

Typical data: Identity; contact 

Lawful basis for processing: Legal obligation 

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. 

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. We will also use your personal data when it is necessary for either yours or our legitimate interests, (our interests will never override your interests or fundamental rights) or we need to comply with a legal or regulatory obligation. 

You can opt out of receiving marketing emails at any time by clicking the ‘unsubscribe link’ at the bottom of the email or by contacting us.  

Keeping your data secure and up to date 

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees and third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. 

We have in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. 

We do our best to ensure your data is accurate and up to date. If your data changes please contact us so we can make the appropriate changes. If you would like to see what information we hold please at any time. 

Where we need to collect personal data by law or to provide you with a service you’ve requested and you do not provide that data, we may not be able to provide you with that service. In this case, we may have to cancel the service but we will notify you if this is the case at the time. 

Disclosers of your personal data 

Some of the functionality on our website and operations involves us cooperating with, and sharing your Personal Information with, third parties. We have carefully selected these third parties and taken steps to ensure that when we share your Personal Information with them, it is adequately protected.  

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. 

Data Retention 

We will only retain your personal data for as long as is necessary to fulfil our legal obligations or for the purposes we collected it for. 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. 

Details of retention periods for different aspects of your personal data are available in our retention policy which you can request by contacting us. In some circumstances you can ask us to delete your data, see below for further information. 

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you. 

Other information about our website 

New Local’s website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.  

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. 

Your legal rights 

We will only use your personal data when the law allows us to. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Please do contact us in the first instance to give us the opportunity to deal with your concerns.  

Our full contact details are:  

New Local 

The Rain Cloud 

76 Vincent Square 

Westminster 

London  

SW1P 2PD 

020 7148 4601, info@newlocal.gov.uk  

Under certain circumstances, you have rights under data protection laws in relation to your personal data. If you wish to exercise any of the rights set out above, please contact us. 

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.