This notice sets out how we will use your personal data, and your rights. It is made under Articles 13 and/or 14 of the General Data Protection Regulation (GDPR).
The Group of Seven (G7) is a multilateral organisation whose membership comprises some of the largest advanced economies in the world: Canada, France, Germany, Italy, Japan, the United Kingdom and the United States. The Presidency rotates on a yearly basis amongst the G7 members, and the UK will hold the Presidency in 2021.
The Presidency spans the entire year with multiple Ministerial and Senior Officials meetings, as well as a host of working groups taking place. The centrepiece will be a Leaders’ Summit, hosted by the Prime Minister and attended by member states, in summer 2021.
The purposes for which we are processing your personal data are:
- to organise, hold and promote the G7 Presidency and various events including the Leaders’ Summit.
- to operate our accreditation portal. This will be used across all of the Presidency events to accredit delegations, members of the media, external stakeholders and HMG staff. For physical in person events pass production will take place and access passes issued to accredited individuals.
- to operate our Virtual Events Platform. This enables G7 working groups, engagement groups and ministers’ meetings to take place virtually.
- to monitor media coverage, contact interested journalists, and to record media inquiries and our responses to them. We will track and capture media coverage of the G7 that will inform our strategic communications handling, and to support logistical operations by recording journalistic interest, with a view to assembling a list of media we wish to invite to the G7 Leaders’ Summit.
- to share data with law enforcement agencies where necessary in relation to the security of the events.
- to deal with any legal claims arising out of the event.
We will process the following personal data:
For the accreditation portal: prefix , full name, gender, full address, date of birth, mobile telephone number, personal email address, work email address, mobile number, company name, company address, fax number, twitter and other social media handles, educational history, employment history, photo, job title, passport number, passport expiry date, nationality, country of birth, city of birth, date of birth, educational history, employment history, and a declaration about
any criminal convictions. The site will also collect IP addresses and web analytics data.
For the virtual events portal: name, email addresses, employer, job title. The site will also collect IP addresses and web analytics data.
For catering purposes: dietary requirements to ensure there are no issues for those with certain food allergies or cultural/dietary requirements.
For making reasonable adjustments for those with disabilities: details of the disability and adjustments required.
Media database: name, employer, contact details, number of social media followers, publicly available social media content, contact preferences, preferred subject matters, articles published about influences, target groups.
Any data we hold may be provided to law enforcement agencies where relevant to the security of the events.
Legal basis of processing
The legal basis for processing your web analytics and criminal convictions personal data is because you consent to us doing so.
The legal basis for processing all other data is that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. In this case that is holding the G7 Presidency.
Sensitive personal data is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s
sex life or sexual orientation.
The legal basis for processing your sensitive personal data about dietary requirements and reasonable adjustments/disabilities is that processing is necessary for reasons of substantial public interest for the exercise of a function of the Crown, a Minister of the Crown, or a government department (paragraph 6, schedule 1, DPA 2018).
The legal basis for processing your criminal convictions sensitive personal data is because you consent to us doing so (paragraph 29, schedule 1, DPA 2018).
Your personal data will be shared by us with our IT suppliers who provide the accreditation portal, virtual events portal, our website, and web hosting.
As your personal data will be stored on our IT infrastructure it will also be shared with our data processors who provide email, and document management and storage services.
Your data may be shared with venue providers for holding events and allowing visitors access, making reasonable adjustments, and catering.
Your data may be shared with law enforcement agencies where necessary for security purposes, or with a court or legal advisors where necessary to deal with legal claims.
Your personal data will be kept by us until all the events have taken place and then destroyed by December 2021.
You have the right to request information about how your personal data are processed, and to request a copy of that personal data.
You have the right to request that any inaccuracies in your personal data are rectified without delay.
You have the right to request that any incomplete personal data are completed, including by means of a supplementary statement.
You have the right to request that your personal data are erased if there is no longer a justification for them to be processed.
You have the right in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted.
You have the right to object to the processing of your personal data.
For criminal convictions data and web analytics data:
You have the right to withdraw consent to the processing of your personal data at any time.
As your personal data is stored on our IT infrastructure, and shared with our data processors, it may be transferred and stored securely outside the UK. Where that is the case it will be subject to equivalent legal protection through an adequacy decision or the use of Model Contract Clauses.
If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9
5AF, or 0303 123 1113, or email@example.com. Any complaint to the
Information Commissioner is without prejudice to your right to seek redress through the courts.
The data controller for your personal data is the Cabinet Office. The contact details for the data controller are: Cabinet Office, 70 Whitehall, London, SW1A 2AS, or 0207 276 1234, or firstname.lastname@example.org.
The contact details for the data controller’s Data Protection Officer are: Stephen Jones, Data Protection Officer, Cabinet Office, 70 Whitehall, London, SW1A 2AS, or email@example.com.
The Data Protection Officer provides independent advice and monitoring of Cabinet Office’s use of personal information.