Privacy policy

This website belongs to Nesta – you can find our full details below. This privacy policy explains how Nesta uses personal information we collect via this site. We are committed to protecting your privacy and we take all reasonable precautions to safeguard personal information.  This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

 

  1. What kind of information do we collect?

Sign-up details: If you sign up to our newsletters or publications on the site, we will ask you for personal information such as your name and email address.

Feedback and surveys: We may also ask you for feedback about Nesta or to complete surveys.

Online activity: We record your activity and preferences when visiting the sites through the use of cookies (see “Cookies”, below).

Your posts and communications: If you post content or communicate via the site, we may also ask for your name and email address. We also store and monitor your content and communications.

 

  1.  What do we do with information we collect and what is our legal basis for this?

Third party processors: As is indicated below, we may use third party platforms and processors to deliver newsletters, process applications, event registrations, process payments, process surveys, and process any request to update your data contact preferences. In using these third parties we are pursuing our legitimate interest to use third party technology to achieve greater efficiency within our organisation. To balance our interests against yours, we have taken steps to ensure these third parties maintain appropriate technical and organisational measures to keep your personal information secure.

Sign-up details: If you sign-up for us to send you newsletters, (see “Marketing” section below), we will use your personal information to send these to you.  Our legal basis for doing this is your consent.  You have the right to withdraw this consent at any time, as explained in the “Marketing” section below. If you are given the opportunity to sign-up, register for an event, or programme, or to create a personal profile through Facebook or Twitter, Facebook and Twitter will make your email address registered to your Facebook or Twitter account available to Nesta, and Nesta will use the email address to enable you to log in to the particular platform. Our legitimate interest in doing this is the use of third party platforms for business efficiency and ease of registration for users.

Feedback and surveys: If you agree to give us feedback or complete a survey, we will use the information to improve our work and activities. We usually use Surveygizmo to process surveys, and they only process your information on our instructions. Surveygizmo operate in the US and comply with the EU-U.S. Privacy Shield Framework. For more information see https://www.surveygizmo.com/privacy/. If you agree to participate in any survey that will form part of any research project, we will tell you at the time you take part how your information will be used for the particular research project or programme, and how long it will be kept for.

Online activity: The cookies we use tell us how you use the site and what pages you have visited. In pursuing this activity, we use our legitimate interest of improving the performance of the site, and to help us understand more about our customer’s interests and preferences, and to inform our marketing strategy.  For more information, see “Cookies”

Posts and Communications: If you post any comments on the website, any personal information you agree to provide will be displayed publicly on the website along with your comments.

Social media interaction: We use a third party providers to check whether the people whose contact email addresses we have collected have registered with those email accounts on social media platforms, such as Facebook or Twitter. We currently use 89up Limited, who provide us with statistical information about how many of our contacts are on Facebook. We do not receive any information as to who is on Facebook.  89up Limited also provides us with the Twitter handle for our contacts who are on Twitter.  We use this information to follow our contacts on Twitter.  In pursuing these activities, we are pursuing our legitimate interests to understand more about our contacts’ use of social media and this will then inform our marketing strategy.  We have an appropriate contract in place with to ensure the security and protection of the data.

 

For all kinds of information collected: Please make sure that any personal details you provide are accurate and up to date, and let us know about any changes. Please get consent first before giving us anyone else’s information.

The nature of Nesta’s work means we often work in partnership with other organisations, however, we will not share your information with any other organisation unless we have your permission first, unless we have a legitimate interest to do so (see section 5 below).

We may also use your information to carry out analysis and research to improve our publications, events and activities, customise our website and its content to your particular preferences, notify you of any changes to our website or to our activities that may affect you, to prevent and detect fraud and abuse, and to protect other users.

However you choose to engage with or support Nesta, we may retain your information for our own legitimate business interests for statistical analysis purposes, in order to review, develop and improve our business activities.  In this situation, we will only keep any personal information if it is necessary to do so, and will always put in place appropriate safeguards, including where possible anonymising or minimising the data retained.

We use a third party to provide cloud based data security, storage and disaster recovery service to backup data that we hold, we currently use Baraccuda Networks lncorporated. Baraccuda are a company based in the U.S. and store your Data outside the EEA. Baraccuda complies with the EU-U.S. Privacy Shield Framework.  https://www.barracuda.com/company/legal/privacy

 

  1. How long will we keep your information for?

General principle: We will only keep any personal information that you provide to us for as long as is necessary to fulfil the purpose for which you gave us the information and we will securely delete information when it is no longer needed for that purpose, as explained in more detail below.

Consent: We keep records of consent, and any withdrawal of consent, on our files for as long as your personal information is being used in-line with that consent and for a period of 6 years after the consent is withdrawn (unless otherwise requested by you).

Posts and communications: any information that you post on the website shall only be kept and displayed for such time as the subject matter to which is relates is publicly displayed.

Processing for statistical analysis purposes: This type of processing will only be undertaken whilst we retain your personal information in line with the principles explained above.

 

  1. Marketing

If you sign up to our mailing list we will use your details to keep you informed about latest news, blogs and research, and may request feedback.

We use third party providers, Mailchimp and Salesforce to deliver our e-newsletters.  We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. Please note that Mailchimp and Salesforce use servers hosted in the USA, but do comply with the EU-U.S. Privacy Shield. If you want to know more about how your information will be stored and processed see, https://www.salesforce.com/company/privacy/full_privacy/ https://mailchimp.com/legal/privacy/ If we use any other providers we will let you know when you subscribe.

If you no longer want to receive marketing communications from us, you can unsubscribe from our mailing list at any time by please clicking the unsubscribe link, at the bottom of our emails or by emailing information@nesta.org.uk detailing your name and email address. If you are given the opportunity to update your contact preferences in any email from us, this will link to a Surveygizmo form. If this function is not made available, please email us at the above address with your preference updates.

 

  1. Who else has access to your information?

We may share your information within the Nesta group of companies, for the purposes of managing the event, grant or activity. Nesta currently provides all support and services for its subsidiary companies, therefore, our legal basis for sharing your information is to pursue the legitimate interests of shared resources and management reporting between the companies within the group. Our group companies will not process your data outside the EEA unless we notify you otherwise. Details of our group companies can be found here. https://www.nesta.org.uk/nesta-group-companies

Comments, blogs and other information which you post on the site are displayed publicly and can be viewed by other users. Please be careful when disclosing personal information which may identify you or anyone else. We are not responsible for the protection or security of information which you post in public areas.

District Design Group, the developer of this website, will have access to personal information that you provide, including your name, solely for the purpose of the administration and maintenance of the website. Nesta has an appropriate agreement in place with District Design Group to ensure the security of your personal information.

We may disclose your personal information to law enforcement agencies if required by law (in which case our legal basis for doing this is for compliance with a legal obligation), or to protect or defend ourselves or others against illegal or harmful activities (in which case, our legal basis for doing this is the pursuit of these legitimate interests).

 

  1. Cookies

This site contains cookies. Cookies are small text files that are placed on your computer by websites you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to site owners. Most web browsers allow some control of most cookies through browser settings.

This site uses cookies that are strictly necessary to enable you to move around the site or to provide certain basic features, such as logging into secure areas.

The site also uses performance cookies which collect information about how you use the site, such as how you are referred to it and how long you stay on certain pages. This information is aggregated and therefore anonymous and is used to improve the performance of the site. If you want, you can block cookies by changing the settings on your browser.  Please note that some of the features of the site may not work if you choose to block cookies.

 

  1. Security

We take steps to protect your personal information and follow procedures designed to minimise unauthorised access or disclosure of your information. If you have a password for an account on this site, please keep this safe and do not share it with anyone else. You are responsible for all activity on your account and must contact us immediately if you are aware of any unauthorised use of your password or other security breach.

 

  1. Contacting us, exercising your rights and complaints

You are legally entitled to know what personal information we hold about you and how that information is processed, which includes the right to:

  • know what information we hold about you
  • ask us to correct any mistakes in your information which we hold
  • ask us to delete your personal information
  • ask us to stop using your personal information or restrict how we can use it, for example if you feel it is inaccurate or no longer needs to be used by Nesta
  • to object to us using of your personal information
  • to object to any automated decision making that we may do using your personal information

If you wish to know what information we hold about you, or wish to exercise any of your other rights as detailed above, or have any complaint about how we are using your personal information, then please email us using info@diytoolkit.org or write to us at 58 Victoria Embankment London EC4Y 0DS UK and provide enough information to identify yourself (e.g. name and address or any registration details).

If our information is incorrect or out of date, please provide us with information to update it. If you want us to delete, restrict or stop using any information we hold about you, please explain the reasons why you are asking this. If you are unhappy with how we are using your information, again please explain to us the reasons and we will investigate the matter.

You can also write to the same address if you have a complaint about this policy.

If you are unhappy with how any data rights request or complaint has dealt with you have the right to complain to the Information Commissioner at Wycliff House, Water Lane, Wilmslow, Cheshire SK9 5AF or the following linkhttps://ico.org.uk/concerns or helpline: 0303 123 1113.

 

  1. Changes to the privacy policy

We may change this privacy policy from time to time.  We will notify you of any changes that relate to information we already hold about you, where practicable. You should check this policy occasionally to ensure you are aware of the most recent version that will apply each time you access this website.

 

Nesta, a company limited by guarantee registered in England and Wales with company number 7706036 and charity number 1144091.

Registered as a charity in Scotland number SC042833.

Registered office: 58 Victoria Embankment, London, EC4Y 0DS

Email: information@nesta.org.uk