Most of the personal information we process is provided to us directly by you for one of the following reasons:
- You have made a complaint or enquiry to us.
- You have made an information request to us.
- You wish to attend, or have attended, an event.
- You subscribe to our e-newsletter.
- You have applied for a job or secondment with us.
- You are representing your organisation.
We also receive personal information indirectly, in the following scenarios:
- We have contacted an organisation about a complaint you have made and it gives us your personal information in its response.
- Your personal information is contained in reports of breaches of data protection law (‘breach reports’) given to us by organisations.
- A complainant refers to you in their complaint correspondence.
- Whistleblowers include information about you in their reporting to us.
- We have seized personal information as part of an investigation.
- From other regulators or law enforcement bodies.
- An employee of ours gives your contact details as an emergency contact or a referee.
If it is not disproportionate or prejudical, we’ll contact you to let you know we are processing your personal information.