Thank you for your interest in the Future of Adult Social Care report developed by CCN, ACCE and Newton.

Some of the information we will collect and use during the course of our dissemination activities will be personal data.

Newton Europe Limited is the designated “data controller” for this programme, on behalf of the County Councils Network (CCN) and the Association of County Chief Executives (ACCE).  This means that we decide how we hold and use the personal information we collect about you.

We think that it is important to be transparent about how we collect and use your personal data and are committed to protecting the privacy and security of the information we hold about you.  This privacy notice provides more information about how we do this and provides you with certain information that must be provided under the UK General Data Protection Regulation (UK GDPR).  

If you have further questions about this notice, or about data protection or the security of your data, please contact Rachel Lenik (Rachel.Lenik@newtoneurope.com) or Greig Harper (Greig.Harper@newtoneurope.com).

‍

1. Data Protection Principles

We will comply with data protection law and principles, which means that your data will be:

• used lawfully, fairly and in a transparent way;
• collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
• relevant to the purposes we have told you about and limited only to those purposes;
• accurate and kept up to date;
• kept only as long as necessary for the purposes we have told you about; and
• kept securely.

‍

2. What personal data do we collect?

We collect, store and use your name and email address.

‍

3. How is your personal data collected?

We collect personal information from you directly when you complete the email sign-up form on this website.  Data is stored in the MailChimp marketing platform.

‍

4. Why do we need to process your personal data?

We collect, store and use personal data about you to pursue legitimate interests of our own, or those of third parties.  When we do this, we always make sure that your fundamental interests and rights do not override those interests.

The examples given below do not form an exhaustive list of purposes for which your personal data will be processed, and we reserve the right to add to them at any time.

‍

5. Situations in which we use your personal data

The situations in which we will process your personal data are listed below:

To pursue legitimate interests of our own, or those of third parties, including:

• to communicate with you about updates to the programme of work;
• to run our marketing events and communicate with you about such events;
• to communicate with existing and potential clients by providing information about the work that we do, including information about current and previous projects.

‍

6. Who has access to your personal data?

Your information will be shared internally, this may include it being shared with your Newton point of contact, marketing, recruitment, finance and IT staff, in each case if and where access to the data is necessary for performance of their roles.

We may also share your personal data externally with third parties where required by law or where we have another legitimate interest in doing so.  For example, we may share your personal data with third parties in order to:

• run and administer our marketing events. For example, our virtual event platform provider, Virtual iVent Limited;
• monitor engagement with the Future of Adult Social Care programme, in partnership with CCN and ACCE;
• produce and edit promotional videos;
• produce promotional materials, including flyers, case studies and social media posts; and
• obtain professional advice on our marketing and/or PR strategy.

Where we share your personal data with third parties, we require that they respect the security of your data and treat it in accordance with the law.  We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

Your data may be transferred to countries outside the UK. Where personal data is transferred outside the UK, we require that appropriate safeguards are in place.

‍

7. How do we protect your personal data?

We have put in place measures to protect the security of your information. Details of these measures are available upon request.  

We have also put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Where we engage third parties to process personal data on our behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

‍

8. For how long do we keep your personal data?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.  After this period, we will securely destroy your personal information in accordance with applicable laws.

In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

‍

9. What are your rights?

Under certain circumstances, by law you have the right to:

• ‍Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;‍
• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;‍
• Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);‍
• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes;‍
• Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it; and‍
• Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us at info@newtoneurope.com.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

If you believe that we have not complied with your data protection rights, you can complain to the Information Commissioner.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

‍

10. Automated decision-making

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. 

We do not envisage that any decisions will be taken about you using automated means, however we will notify you in writing if this position changes.

‍

11. Changes to this Privacy Notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.