- What kind of information do we collect?
Sign-up details: If you sign up to our newsletters or publications on the site, we will ask you for personal information such as your name and email address.
Feedback and surveys: We may also ask you for feedback about Nesta or to complete surveys.
Your posts and communications: If you post content or communicate via the site, we may also ask for your name and email address. We also store and monitor your content and communications.
Purchase of Publications: If you purchase publications via the website we will collect your name, organisation details, email and postal address, telephone number and payment details.
- What do we do with information we collect and what is our legal basis for this?
Third party processors: As is indicated below, we may use third party platforms and processors to deliver newsletters, process publication sales, payments, surveys, and any request to update your data contact preferences. In using these third parties we are pursuing our legitimate interest to use third party technology to achieve greater efficiency within our organisation. To balance our interests against yours, we have taken steps to ensure these third parties maintain appropriate technical and organisational measures to keep your personal information secure.
Sign-up details: If you sign-up for us to send you newsletters, (see “Marketing” section below), we will use your personal information to send these to you. Our legal basis for doing this is your consent. You have the right to withdraw this consent at any time, as explained in the “Marketing” section below. If you are given the opportunity to sign-up, register for an event, or programme, or to create a personal profile through Facebook or Twitter, Facebook and Twitter will make your email address registered to your Facebook or Twitter account available to Nesta, and Nesta will use the email address to enable you to log in to the particular platform. Our legitimate interest in doing this is the use of third party platforms for business efficiency and ease of registration for users.
Feedback and surveys: If you agree to give us feedback or complete a survey, we will use the information to improve our work and activities. We usually use Surveygizmo to process surveys, and they only process your information on our instructions. Surveygizmo operate in the US and comply with the EU-U.S. Privacy Shield Framework. For more information see https://www.surveygizmo.com/privacy/. If you agree to participate in any survey that will form part of any research project, we will tell you at the time you take part how your information will be used for the particular research project or programme, and how long it will be kept for.
Online activity: The information that we obtain about your device helps us to monitor the website and keep it secure. The cookies we use tell us how you use the site and what pages you have visited. In pursuing these activities, we use our legitimate interest of monitoring and improving the performance of the site and its security, and to help us understand more about our customer’s interests and preferences, and to inform our marketing strategy. Some of these cookies are used for remarketing purposes and, if you agree, will be used to send you tailored advertisements. For more information, see “Cookies” below.
Posts and Communications: If you post any comments on the website, any personal information you agree to provide will be displayed publicly on the website along with your comments.
Purchase of publications: If you purchase publications via this website we will use the information provided to fulfil your order. We use third-party systems to process your purchase and take payment. The payment processing organisation will be the data controller of your information for the purpose of processing the transaction, and may process your information outside of the EEA. Please read the terms and conditions before completing your purchase and making payment.
If you wish to purchase Nesta publications you will be directed to a link to Nesta’s Shopify shop, Please see https://www.shopify.com/legal/privacy for more information.
Social media interaction: We use a third party providers to check whether the people whose contact email addresses we have collected have registered with those email accounts on social media platforms, such as Facebook or Twitter. We currently use 89up Limited, who provide us with statistical information about how many of our contacts are on Facebook. We do not receive any information as to who is on Facebook. 89up Limited also provides us with the Twitter handle for our contacts who are on Twitter. We use this information to follow our contacts on Twitter. In pursuing these activities, we are pursuing our legitimate interests to understand more about our contacts’ use of social media and this will then inform our marketing strategy. We have an appropriate contract in place with to ensure the security and protection of the data.
For all kinds of information collected: Please make sure that any personal details you provide are accurate and up to date, and let us know about any changes. Please get consent first before giving us anyone else’s information.
The nature of Nesta’s work means we often work in partnership with other organisations, however, we will not share your information with any other organisation unless we have your permission first, unless we have a legitimate interest to do so (see section 5 below).
We may also use your information to carry out analysis and research to improve our publications, events and activities, customise our website and its content to your particular preferences, notify you of any changes to our website or to our activities that may affect you, to prevent and detect fraud and abuse, and to protect other users.
However you choose to engage with or support Nesta, we may retain your information for our own legitimate business interests for statistical analysis purposes, in order to review, develop and improve our business activities. In this situation, we will only keep any personal information if it is necessary to do so, and will always put in place appropriate safeguards, including where possible anonymising or minimising the data retained.
We use a third party to provide cloud based data security, storage and disaster recovery service to backup data that we hold, we currently use Barracuda Networks lncorporated. Baraccuda are a company based in the U.S. and store your Data outside the EEA. Barracuda complies with the EU-U.S. Privacy Shield Framework. https://www.barracuda.com/company/legal/privacy
- How long will we keep your information for?
General principle: We will only keep any personal information that you provide to us for as long as is necessary to fulfil the purpose for which you gave us the information and we will securely delete information when it is no longer needed for that purpose, as explained in more detail below.
Consent: We keep records of consent, and any withdrawal of consent, on our files for as long as your personal information is being used in-line with that consent and for a period of 6 years after the consent is withdrawn (unless otherwise requested by you).
Posts and communications: any information that you post on the website shall only be kept and displayed for such time as the subject matter to which is relates is publicly displayed.
Purchase of Publications: If you purchase publications via this site, we will keep your information on our customer database and to tell you about other publications available for sale. If you do not wish us to contact you about other publications available for sale please let us know by writing to us or emailing us at the at the contact details below.
Processing for statistical analysis purposes: This type of processing will only be undertaken whilst we retain your personal information in line with the principles explained above.
If you sign up to our mailing list we will use your details to keep you informed about latest news, blogs and research, and may request feedback.
We use third party providers to deliver our e-newsletters. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. We currently use Mailchimp, Salesforce and Cvent whose servers are hosted in the USA, but do comply with the EU-U.S. Privacy Shield. If you want to know more about how your information will be stored and processed see, https://www.salesforce.com/company/privacy/full_privacy/ https://mailchimp.com/legal/privacy/ https://www.shopify.com/legal/privacy If we use any other providers we will let you know when you subscribe.
If you no longer want to receive marketing communications from us, you can unsubscribe from our mailing list at any time by please clicking the unsubscribe link, at the bottom of our emails or by emailing firstname.lastname@example.org detailing your name and email address. If you are given the opportunity to update your contact preferences in any email from us, this will link to a form hosted by Surveygizmo. If this function is not made available, please email us at the above address with your preference updates.
- Who else has access to your information?
We may share your information within the Nesta group of companies, for the purposes of managing the event, grant or activity. Nesta currently provides all support and services for its subsidiary companies, therefore, our legal basis for sharing your information is to pursue the legitimate interests of shared resources and management reporting between the companies within the group. Our group companies will not process your data outside the EEA unless we notify you otherwise. Details of our group companies can be found here. https://www.nesta.org.uk/nesta-group-companies
Comments, blogs and other information which you post on the site are displayed publicly and can be viewed by other users. Please be careful when disclosing personal information which may identify you or anyone else. We are not responsible for the protection or security of information which you post in public areas.
District Design Group, the developer of this website, will have access to personal information that you provide, including your name, solely for the purpose of the administration and maintenance of the website. Nesta has an appropriate agreement in place with District Design Group to ensure the security of your personal information.
We may disclose your personal information to law enforcement agencies if required by law (in which case our legal basis for doing this is for compliance with a legal obligation), or to protect or defend ourselves or others against illegal or harmful activities (in which case, our legal basis for doing this is the pursuit of these legitimate interests).
This site contains cookies. Cookies are small text files that are placed on your computer by websites you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to site owners. Most web browsers allow some control of most cookies through browser settings.
The site also uses performance cookies which collect information about how you use the site, such as how you are referred to it and how long you stay on certain pages. This information is aggregated and therefore anonymous and is used to improve the performance of the site. If you want, you can block cookies by changing the settings on your browser. Please note that some of the features of the site may not work if you choose to block cookies.
We take steps to protect your personal information and follow procedures designed to minimise unauthorised access or disclosure of your information. If you have a password for an account on this site, please keep this safe and do not share it with anyone else. You are responsible for all activity on your account and must contact us immediately if you are aware of any unauthorised use of your password or other security breach.
- Contacting us, exercising your rights and complaints
You are legally entitled to know what personal information we hold about you and how that information is processed, which includes the right to:
- know what information we hold about you
- ask us to correct any mistakes in your information which we hold
- ask us to delete your personal information
- ask us to stop using your personal information or restrict how we can use it, for example if you feel it is inaccurate or no longer needs to be used by Nesta
- to object to us using of your personal information
- to object to any automated decision making that we may do using your personal information
If you wish to know what information we hold about you, or wish to exercise any of your other rights as detailed above, or have any complaint about how we are using your personal information, then please email us using email@example.com or write to us at 58 Victoria Embankment London EC4Y 0DS UK and provide enough information to identify yourself (e.g. name and address or any registration details).
If our information is incorrect or out of date, please provide us with information to update it. If you want us to delete, restrict or stop using any information we hold about you, please explain the reasons why you are asking this. If you are unhappy with how we are using your information, again please explain to us the reasons and we will investigate the matter.
You can also write to the same address if you have a complaint about this policy.
If you are unhappy with how any data rights request or complaint has dealt with you have the right to complain to the Information Commissioner at Wycliff House, Water Lane, Wilmslow, Cheshire SK9 5AF or the following linkhttps://ico.org.uk/concerns or helpline: 0303 123 1113.
Nesta, a company limited by guarantee registered in England and Wales with company number 7706036 and charity number 1144091.
Registered as a charity in Scotland number SC042833.
Registered office: 58 Victoria Embankment, London, EC4Y 0DS