This privacy statement explains why we process, how we collect, handle and ensure protection of personal data collected in the context of the Green Recovery Challenge Fund, under the UK PACT (Partnering for Accelerated Climate Transitions) programme. This programme is commissioned by the UK Department for Business, Energy and Industrial Strategy (BEIS).
As this activity involves the processing of personal data, it is subject to data protection rules as established by European Union: the EU Directive 2002/58/EC and the EU General Data Protection Regulation 2016/679 (GDPR) of the European Parliament, in each case as transposed into domestic legislation of each Member State of the European Economic Area (EEA) and in each case as amended, replaced or superseded from time to time, including any data protection laws substantially amending, replacing or superseding the GDPR following any exit by the United Kingdom from the European Union.
The provision of your consent would form the legal basis that would be used to process your personal data. You can provide your consent for the use of your personal data in this programme by checking the appropriate consent box in the forms sent to you.
2. What is the Purpose of this programme and processing operations?
UK PACT is part of the UK’s Official Development Assistance (ODA) and supports the UK government’s development objectives of alleviating poverty, through the acceleration of climate mitigation, in line with the COP 21 Paris Agreement. The programme is focused on building the capacity of countries to accelerate the implementation of their Nationally Determined Contributions (NDCs) and aims to support partner countries to accelerate their clean growth transitions.
The purpose of collecting and processing any personal data contained within submitted applications is administering the Programme and specifically:
- registering the participant for UK PACT application process
- contacting applicants regarding their grant applications and/or award
- requesting participants for documents submission, and
- monitoring the activities during the programme via monthly reporting, that includes work activities, images from the project and proof expenses
3. What personal data do we collect and through which technical means?
The personal data collected and further processed are: first and last name, organisation name, job title, professional e-mail address, phone number, company website, gender, CVs, website data (online account details, IP address, localisation, and browser generated information), time tracking and labour information.
Above data are collected via Flexi-Grant, which is owned by Fluent Technology Ltd as a sub-processor through registration. This tool is going to be used for grant award registration process and administration, and contacting applicants regarding their grant applications and/or award and the subsequent monitoring.
4. What will happen to your personal data?
The processing of personal data is under the responsibility of BEIS acting as Data Controller.
The following entities process your personal data on behalf of the Data Controller:
- ICF Consulting Services Ltd as Data Processor, and
- its third-party authorised sub-processors:
- Fluent Technology Ltd, used for registration and support activities on behalf of ICF Consulting Services Ltd.
The data controller, data processor or their approved sub-processors will only use your data in the context of this programme, for the purposes outlined in this privacy statement. During the duration of the programme, the data will be held by:
- ICF Consulting Services Ltd located in the EEA. For greater detail, you may also find ICF Consulting Services Ltd privacy statement on ICF’s website: Privacy Statement, and
When submitting your data, you consent that your personal data may be transferred outside the country where you are located and you are consenting to have this data stored, transferred and processed according to this privacy statement.
The Data Controller, Data Processor, and their approved sub-processors will not:
- rent or sell your personal data;
- disclose your data to any party other than mentioned in this privacy statement.
Upon your explicit consent, the participants name and job title list will be distributed electronically to all the participants, as well as the above mentioned pieces of personal data (except phone number, email address and company website).
5. How do we safeguard your personal data?
The Data Controller, Data Processor and their third-party authorised sub-processors will strive to implement commercially reasonable physical, administrative and technical safeguards to help protect the confidentiality, security, and integrity of your personal data and prevent the loss, misuse, unauthorised access, unauthorised interception, or alteration of your information. Your choice to disclose personal data in an email submission or online form is voluntary. Unfortunately, no data transmission over the Internet is 100% secure and we cannot ensure or warrant the security of any such personal data or fully ensure that your private communications and other personal data will not be inadvertently disclosed.
6. How long do we keep your data?
Your data will be kept for a maximum period of twelve months after the UK PACT programme ends on 21/04/2022, subject to extension of the contract between ICF Consulting Ltd. and BEIS. Data will be automatically deleted at the end of this period.
7. How can you verify, modify or delete your information or exercise data subject rights?
By using the below contact information, you may exercise your:
- Right to extensive information
- Right to access data
- Right of rectification or correction.
- Right to erasure/be forgotten.
- Right to withdraw / opt out
- Right to object
- Right to restriction
- Right to data portability
- Rights in relation to automated decision making
- Right to make a complaint
- Right to breach notification
8. International transfers
As your personal data is stored on BEIS and ICF Consulting’s IT infrastructure and shared with our data processors, it may be transferred and stored securely outside the European Economic Area (EEA). Where that is the case it will be subject to equivalent legal protection supplemented by standard contractual clauses.
9. Contact information
In case you wish to verify which pieces of personal data are stored, have them modified, corrected, or deleted, or if you have questions regarding the information processed in the context of this project, or on your rights, feel free to contact the support team of the data processor at firstname.lastname@example.org.
If you have any questions or concerns about how your personal data is being processed, please contact: email@example.com.
If you remain unsatisfied, you may wish to contact relevant Data Protection Authorities:
- European Union – European Commission Client: European Commission’s Data Protection Supervisor at www.edps.europa.eu
- United Kingdom – Information Commissioner’s Office (ICO) at ico.org.uk