Privacy Policy

1.  About this privacy code    

Thisprivacycode provides an overview of how we comply with dataprotectionlegislation to protect the rights of the individuals we dealwith. Itsets out:

  • Who we are and what we do
  • How we collect personal information
  • What personal information we collect, and why
  • How we safeguard personal information
  • With whom we share personal information, and why
  • How we handle transfers of personal information to countries outside Europe
  • Your rights under data protection legislation
  • How to make a complaint
  • How to find out more


2.  Who we are and what we do

OneNorthEastis the Regional Development Agency for the North East ofEngland,covering Northumberland, Tyne & Wear, Durham and the TeesValley(the ‘Region’). Our contact details are set out on the frontpage of ourwebsite. Our activities are particularly wide-ranging butmay be summedup in our five main statutory purposes:

  • To further economic development and the regeneration of the Region;
  • To promote business efficiency, investment and competitiveness in the Region;
  • To generate employment;
  • To encourage and enhance the development and application of relevant work skills of the people living here; and in doing so...
  • To contribute to the overall sustainability of the economy in the UK as a whole.
  • Wemainlyneed personal information so that we can provide grant fundingand tointroduce businesses to each other. You can find out more aboutus, andour role in the Region, including copies of our RegionalEconomicStrategy and our Corporate Plan, on our website.


3.  How we collect personal information

3.1By the use of “cookies” on our website  - cookies are small textfilesor variables which enable a website to “remember” who you are.Mostbrowsers are automatically set to accept cookies but if you areusingMicrosoft’s Internet Explorer or Netscape Navigator, you should beableto configure your browser to restrict cookies or block all cookiesifyou wish. This will however, affect your ability to log into andusethe knowledge-exchange areas, e-tendering opportunities area, themediacentre, and any other restricted areas of our website.Browser-specificinstructions on how to restrict or block cookies may befound on theIAB’s website.
We use session cookies (which aretemporarycookies) to maintain your session with the server in the areasof oursite that are available to registered users. Our session cookiesstorea unique identifier to allow the server to distinguishbetweenindividual users' sessions. Session cookies are deleted when youcloseyour browser.  We sometimes use persistent cookies to enablepop-upadvertisements and to prevent the server from displaying thepop-upadvertisement more than once. Persistent cookies remain on yourharddisk until you delete them. No cookies on our site are served orusedby third parties.

3.2  Through completion of online formsonour website - We collect information about you when you register tousethe knowledge-exchange areas, e-tendering opportunities area, themediacentre, and any other restricted areas of our website. Wecollectinformation about you if you complete any of the various formson oursite to contact us, make enquiries, apply to us, respond tosurveys orgive us feedback. We need you to give us certain information,whichwill be indicated on the form. It would help us if you give usanyother information we ask for that you think might be relevant butyouare under no obligation to do so.

3.3  Through websitestatistics - We do keep a record of traffic data which isloggedautomatically by our server, such as your IP address, the URLyouvisited before ours, the URL you visit after leaving our site andwhichpages you visit. We also collect some site statistics such as pagehitsand page views. We are not readily able to identify any individualfromtraffic data or site statistics.

3.4  By you contacting usbyother methods other than the website - The website providesvarioustelephone and fax numbers and email addresses for you to contactus. Wewill collect information from you through any of these methods.We mayalso collect other information you supply to us after yourinitialcontact with us.

4.  What personal information we collect, and why

Theinformationwe collect about you will depend on the nature of yourbusiness with usbut will be used for one or more of our five statutorypurposes referredto above in who we are and what we do. Here is abrief description ofthe information we collect and how we use it.

4.1 Informationyou give us on your own initiative - We will use thedetails you give usto provide information you ask for or to put you incontact with otherorganisations that may be able to help, process anyapplication you makeand review and improve our services.

4.2 Business informationthat we set out to collect - We actively seekinformation frombusinesses from both inside and outside the Region(including thoseoutside of the UK) so that we can build up profiles ofbusinesses andbuild relationships between them. We obtain thisinformation bothdirectly from businesses, through face-to-facemeetings, telephonecalls, or through our website, and indirectly fromsuppliers of businessinformation. Most of this information will relateto the business itselfand will not be “personal”. However insofar asthis information containscontact details from which individuals may beidentified, or relates tosole traders or partnerships, it will usuallyconsist of personalinformation that is protected by data protectionlegislation. Thepersonal information we hold is very valuable, as itenables us to makepersonal introductions between businesses and alsoprovides a centralpoint of contact for us.

4.3  Informationrequired for fundingapplications - We also collect information from abusiness when itapplies to us for funding. Details are given tobusinesses before theyapply to us, and on the actual applicationforms. We need thisinformation so that we can appraise projects anddecide whether or notto fund them. If a business receives funding, wewill collect furtherinformation so we can monitor how the funding isspent, and thereforeshow we are delivering the outputs the fundersrequire us to. The typeof information we collect, and with whom weshare information we collectdepends on the funding package.

4.4 Direct marketing preferencesWhen you give us your contact details, wemay ask you whether or not youwould like to receive furtherinformation from us about inwardinvestment opportunities, businessdevelopment and fundingopportunities. This may be our own informationor that produced by oursubsidiaries or by other organisations. We maysend this information toyou by a variety of means, including email,fax and post. If you doagree, you can change your mind at any time andask us not to send youfurther information (see your rights under dataprotection legislationbelow). We may also ask you if you would like usto pass on your detailsto other organisations in the local businessnetwork including thebusiness links, enterprise agencies, Chamber ofCommerce, LearningSkills Council and other similar organisations sothey can inform you ofbusiness events and opportunities and offer youopportunities to developand advance your business. If you agree butthen change your mind, youwill need to contact these organisationsdirect to ask to be removedfrom their lists.

4.5  Researchstatistics - We anonymise theinformation we collect and then use it toproduce and publish regionalstatistics. We will always ensure thestatutory safeguards forstatistical research are in place. So we willnever use personalinformation in the course of this research tosupport measures ordecisions with respect to particular individuals orin such a way thatis likely to cause substantial damage or substantialdistress to anyindividual. Any resulting research statistics will notbe made availablein a form which identifies individuals, unless thoseindividuals haveagreed to be identified.

5.  How we safeguard personal information

Werecognisethat you retain rights in the personal information we holdabout you. Wewill keep that information secure, and use it only forspecificlegitimate purposes.

5.1  We have obligations to keeppersonalinformation secure, which we take seriously - We will keeppersonalinformation secure by taking appropriate technical and staffmeasuresagainst the unauthorised or unlawful processing of thatinformation andagainst its accidental loss, destruction or damage.

TheDirectorof Corporate Resources has overall responsibility forimplementation ofsecurity procedures. We take steps to ensure thepersonal information wehave is high quality. However we cannot do thiswithout your help! Soplease ensure you give us accurate information,tell us as soon aspossible of any changes, and tell us as soon aspossible if you noticemistakes in the information we hold about you asthis helps us to keepour information reliable and up-to-date. We willalso contact you fromtime to time to check whether the information wehave on you is stillaccurate and up to date. We will keep personalinformation until youinform us you no longer wish us to.

Information relating to funding is kept for as long as is required by the funders.

5.2We keep confidential information confidential - Please note that underafreedom of information code of practice, we are not permitted toclassas “confidential” information that is not actually confidentialinreality, even if it is marked confidential. However in respect ofanyinformation we receive from you that is truly confidential, we willtakesteps to ensure it remains confidential. Unauthorised disclosureormisuse of personal information by staff will lead to disciplinaryaction.

5.3 We review our policies and audit our proceduresregularly - We reviewthis code and our other data protection policiesregularly to make surethey are appropriate and up to date. We alsocarry out regular audits tomonitor our security policies andprocedures and revise them ifnecessary.

6.  With whom we share personal information, and why

Ifyouhave applied to us for funding, then your information has to besharedwith various government authorities and auditors for the purposeofavoiding any financial irregularity. If we hold your information foranyother reason, then almost all our sharing of your information willbe atyour specific request. So most of the time, information is sharedon acase-by-case basis. If we do enter into any "block" sharing ofyourinformation with other organisations in the business supportnetwork, itwill be strictly for the purposes specified above in who weare and whatwe do and done only with your consent, or as permitted bylaw. From 1January 2005, we may be required to disclose informationabout yourbusiness in response to an access request under the FreedomofInformation Act 2000, unless an exemption applies.

7.  How we handle transfers of personal information to countries outside Europe

7.1Data protection laws globally - Although we have laws within Europethatprotect personal information, most other countries outside Europedonot. By ‘Europe’ we mean the European Economic Area, which comprisestheEU member states, Norway, Iceland and Liechtenstein. Europeandataprotection legislation prohibits the transfer of personalinformationto any country outside Europe, unless that country providesadequateprotection.

7.2  Why we need to transfer personalinformation- We need to transfer personal information for two mainreasons. First,because part of our work is to help inward investorsfind businesspartners within the Region, so we may need to give contactdetails ofindividuals in the UK to an overseas business. Secondly, weuse anetwork of overseas offices to support our inwardinvestmentactivities, to attract new investment to the North East ofEngland andto raise the region's profile on a global basis. Thoseoffices arebased in Europe, Asia and the United States, and you canfind furtherdetails of where they are on our website. One NorthEastand/or otherRegional Development Agencies ("RDAs") operate the overseasoffices. Wemay need to pass contact details of individuals in the UK tothoseoffices so that they can provide assistance.

7.3  Howwetransfer personal information overseas - Data protectionlegislationallows us to transfer your personal information outsideEurope if yougive us your unambiguous consent. By ‘consent’ we mean afreely given,specific and informed indication of your wishes. So wewill ask youspecifically whether you would like us to pass on yourdetails to aninward investor, or to one of our overseas offices, whenwe collectyour information, and before we hand over your details wherereasonablypracticable.

8.  Your rights under data protection legislation

You have various rights. You are most likely to want to exercise the following ones.

Yourrightto see a copy of the information we hold about you, on payment ofastatutory fee which is currently £10. Before we agree to this, youmustprovide with sufficient evidence of your identity and sufficientdetailsof the information you wish to see to enable us to locate it. If youwould like to see a copy of the information we hold about you,pleasedownload, print and complete our Subject Access Request Form.

Yourrightto be removed from our mailing lists. Instructions on how tostopfurther mailings will usually be contained in any directmarketingmaterial we send you. Otherwise please contact our DataProtectionOfficer.
Your right to correct any errors in informationwe holdabout you, and to change or correct any details you have alreadygivenus. Please inform us about changes to your details so that we cankeepour records accurate and up to date.

For further information, please contact our Data Protection Officer.

9.  How to make a complaint

Anycomplaintsabout our handling of personal information should beaddressed to Headof Legal Services, at the address on the homepage. Ifyour complaintrelates to the handling of your personal information byan organisationwith which we share information, then please let usknow that. We aim torespond to your complaint within 20 days ofreceiving it. You have aright of appeal in relation to any decision wemake, which we will tellyou about when we respond to your complaint.We will always review ourpolicy and procedure in line with anyjustified complaints.

10.  How to find out more

10.1 Data Protection Officer - If you want to know more aboutwhatinformation we have about you, or the way we use your information,youcan contact our Data Protection Officer.

10.2  DataProtectionRegister - When we ask you for information, we will complywith thelaw, including the Data Protection Act 1998. We are a datacontrollerfor the purposes of that Act. Our entry in the register ofdatacontrollers is Z8473392. In brief, our register entry describes:

  • the personal information processed by us or on our behalf and the category or categories of individuals to which they relate
  • the purpose or purposes for which personal information is processed
  • the recipients to whom we intend to disclose personal information, and
  • any countries or territories outside the European Economic Area to which we transfer personal information.


10.3Information Commissioner - For independent advice about freedomofinformation, data protection, privacy and data-sharing issues, youcancontact the Information Commissioner at:

Wycliffe House,
Water Lane,
Wilmslow,
Cheshire,
SK9 5AF,

Tel: 01625 545745
Fax: 01625 524510

e-mail: mail@ico.gsi.gov.uk
Website: http://www.informationcommissioner.gov.uk