The National Leadership Centre, as part of the Cabinet Office, was created by HM Government in 2018 to deliver the recommendations of the Public Services Leadership Taskforce.

This notice sets out how we will use your personal data, and your rights. It is made under Articles 13 and 14 of the General Data Protection Regulation (GDPR).

The purpose of processing your data

The purposes for which we are processing your personal data are to manage all aspects of our relationship with our network of senior public service leaders.

The processing will also allow the network to contact and interact with each other in line with our strategic objective of helping the country’s most senior public service leaders develop the skills, knowledge and networks required to address society’s most complex strategic challenges.

Specifically, we will use personal data to:

  • organise and hold events for senior public service leaders
  • carry out research and experimental pilots aiming to build the evidence base around leadership and its impact on public services
  • conduct surveys of the network
  • gather your opinions on your role as a public sector leader
  • deliver leadership programmes and residential courses
  • use data to understand and map the connections and relationships between senior public sector individuals and organisations

We will also use diversity data to:

  • assess our own diversity and inclusion statistics for our network and programme audience of senior public service leaders
  • for reasonable adjustments for disabilities: for example, at senior leadership events and at programme residential courses

What data we will process

We will process the following personal data:

  • First Name
  • Last Name
  • Email
  • Phone number
  • Work Address
  • Business-facing social media account handles
  • Job Title
  • Sector (for example: Local Government, Police, Fire)
  • Opinions
  • Links to other public sector leaders

We will also collect the following diversity data:

  • Age
  • Gender
  • Ethnicity
  • Disability
  • Sexual orientation

Legal basis of processing

The legal basis for processing your personal data is it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. In this case that is to carry out our functions of establishing and operating the National Leadership Centre.

Sensitive personal data is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Our lawful basis for processing your sensitive personal data is as below.

In relation to diversity monitoring, processing is necessary for reasons of substantial public interest for the exercise of a function of the Crown, a Minister of the Crown, or a government department.

In relation to using disability data for reasonable adjustments, it is necessary for the purposes of performing or exercising our obligations or rights as the controller, or your obligations or rights as the data subject, under employment law, social security law or the law relating to social protection.

Recipients of your data

Senior public service leader contact details may be shared with other senior leaders by the National Leadership Centre. This will only happen where the National Leadership Centre can 1) verify the recipient’s details as legitimate, and 2) sharing the data is in aid of the purposes set out above.

Personal data collected in relation to events, surveys, research, and leadership programmes will be shared securely by the NLC with key suppliers and researchers. In particular it will be shared with Salesforce, Sendgrid, CrowdCompass Cvent, Korn Ferry Hay Group, and Ipsos Mori.

As your personal data will be stored on our IT infrastructure it will also be shared with our data processors who provide email, and document management and storage services.

Your diversity data will not be shared, except if we need to share it with a venue or supplier in order that reasonable adjustments for disability can be made.

Retention

Your personal data will be retained by us for as long as you meet the following criteria:

  • you occupy a role in the public sector at the level of seniority required to belong to the National Leadership Centre’s network e.g. Chief Executive or equivalent
  • you have recently left a post as defined above or have asked to remain part of the “network alumni” group
  • you have not informed us that you no longer want us to process your personal data for the purposes of our work at the National Leadership Centre

All personal data will be reviewed at least every 12 months (and in practice closer to every 3 months) to ensure that it is relevant and up to date. The National Leadership Centre will delete any stored personal data that we hold on individuals who no longer meet the above criteria.

Your rights

You have the right to object to the processing of your personal data.

You have the right to request information about how your personal data are processed, and to request a copy of that personal data.

You have the right to request that any inaccuracies in your personal data are rectified without delay.

You have the right to request that any incomplete personal data are completed, including by means of a supplementary statement.

You have the right to request that your personal data are erased if there is no longer a justification for them to be processed.

You have the right in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted.

You have the right to object to the processing of your personal data where it is processed for direct marketing purposes.

International transfers

As your personal data is stored on our IT infrastructure, and shared with our data processors, it may be transferred and stored securely outside the European Union. Where that is the case it will be subject to equivalent legal protection through the use of Model Contract Clauses.

As your personal data is shared with our IT suppliers, it may be transferred and stored securely in the United States of America. Where that is the case it will be subject to equivalent legal protection through the supplier’s membership of the Privacy Shield scheme.

Contact Details

The data controller for your personal data is the Cabinet Office. The contact details for the data controller are: Cabinet Office, 70 Whitehall, London, SW1A 2AS, or 0207 276 1234, publiccorrespondence@cabinetoffice.gov.uk.

The contact details for the data controller’s Data Protection Officer are: Stephen Jones, Data Protection Officer, Cabinet Office, 70 Whitehall, London, SW1A 2AS, dpo@cabinetoffice.gov.uk.

The Data Protection Officer provides independent advice and monitoring of Cabinet Office’s use of personal information.

Complaints

If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator.

The Information Commissioner can be contacted at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, or 0303 123 1113, casework@ico.org.uk

Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.


Last updated: 29 January, 2021.