Trade Development Services privacy notice

This notice explains what personal data (information) we hold about you, how we collect, how we use and may share information about you.  We are required to give you this information under data protection law.

Who we are

We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws. Our Data Protection Officer is Benjamin Watts.

The Trade Development Team within our Economic Development Division provides a range of information and services which aim to help Kent businesses to access opportunities in overseas markets. We work closely with external partner organisations locally, nationally and internationally to implement these activities. In order to carry out this work, we need to communicate with Kent businesses about the projects, programmes, events and activities that we and our partners deliver which help companies to export.

For information, in addition to ‘personal data’ covered by the General Data Protection Regulation and explained below, we may also collect commercial information about the businesses participating in our projects such as the annual turnover, number of employees, company description etc, to help with the implementation of our projects including capturing results and impacts.

Personal information we collect and use

Information collected by us

In the course of our activities designed to help Kent businesses with international trade KCC’s Economic Development team collects the following personal information when you provide it to us:

  • names, job roles, contact details (email, phone and postal address) of representatives of Kent businesses

Within our statutory obligation to ensure that our services are delivered in line with equalities and diversity legislation, you may also choose to provide information about the nine protected characteristics (age, disability, gender reassignment, marriage and civil partnerships, pregnancy and maternity, race, religion and belief, sex, sexual orientation) but any such information is immediately anonymised and is not attributable to any individual.

In addition to the above, if you attend an overseas business event with us, we would also request the following which we would store for use during future overseas events unless you ask us to delete it on completion of the trip:

  • emergency contact details, a mobile phone number
  • ‘Advance Passenger Information’ (API) required for travelling abroad such as passport numbers and expiry date, nationality, car registration numbers and date of birth where applicable.

We may also need to request special category sensitive information as follows to ensure your wellbeing during the trip:

  • special dietary requirements
  • details of any health issues that could affect you during a visit

How we use your personal information

We use your personal information to:

  • contact you about events and business support activities which may be of interest
  • enable you to benefit from business support programmes and project activities (such as trade show visits, networking events or workshops)
  • keep records about companies which have participated in business support programmes to satisfy the requirements of external funding bodies

Any special category sensitive information that we collect about you is used to ensure your wellbeing during overseas and UK events. We may need to share this information electronically with selected partner organisations or external suppliers (such as caterers or airlines) within the European Union to make sure that any special requirements you have are taken into account.

How long your personal data will be kept

We will hold your personal information:

  • until the end of December 2026 for activities funded by our European projects (ISE and Boost4Health) as this is the required retention period for documentation evidencing the implementation of these business support projects as set out in the grant offer letters in place between the managing authority of these programmes and ourselves
  • until you or your company notifies us that you wish us to delete your personal data

Reasons we can collect and use your personal information

We rely on you providing consent as the lawful basis on which we collect and use your personal data. You may withdraw your consent at any time. If you do withdraw your consent no further personal information will be collected and the existing personal information shall only be retained in accordance with our data protection policy. If you do withdraw your consent you will no longer be able to be kept informed about business support programmes and activities which may benefit your company.

We rely on you providing explicit consent as the lawful basis on which we collect and use your special category personal data. You may from time to time provide us with information about your physical health, for example you may wish us to know about a health issue or disability you may have for the purpose of allowing us, our managers or our partner organisations to make adjustments to ensure your wellbeing during an overseas trip or UK event. If you provide us with this information we will only process it (including sharing the information with our partners) to the extent that it is necessary for that purpose.

Who we share your personal information with

We may share your data with other business support providers involved in a particular business support programme, activity or event in which you participate with your consent. This would include the following types of data:

  • name, contact details and role within your company
  • your health or special dietary requirements, to the extent it is necessary, with our officers or partner organisations who are responsible for the overseas trips/ events in which you participate.

For details of our business support partners please contact international.affairs@kent.gov.uk. This data sharing enables us to identify overseas contacts for your business through our networks and partnerships.

We will share personal information with law enforcement or other authorities if required by applicable law.

Your rights

Under GDPR you have rights which you can exercise free of charge which allow you to:

  • withdraw your consent at any time
  • know what we are doing with your information and why we are doing it
  • ask to see what information we hold about you (subject access request)
  • ask us to correct any mistakes in the information we hold about you
  • object to direct marketing
  • make a complaint to the Information Commissioner’s Office

Depending on our reason for using your information you may also be entitled to:

  • ask us to delete information we hold about you
  • have your information transferred electronically to yourself or to another organisation
  • object to decisions being made that significantly affect you
  • object to how we are using your information
  • stop us using your information in certain ways

We will always seek to comply with your request however we may be required to hold or use your information to comply with legal duties. Please note that your request may delay or prevent us delivering Inside Track to you.

For further information about your rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under GDPR.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Contact

Please contact the Information Resilience and Transparency Team at data.protection@kent.gov.uk to exercise any of your rights, or if you have a complaint about why your information has been collected, how it has been used or how long we have kept it for.

You can contact our Data Protection Officer, Benjamin Watts, at dpo@kent.gov.uk, or write to: Data Protection Officer, Sessions House, Maidstone, Kent ME14 1XQ.

GDPR also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted on 03031 231113.

Read our corporate privacy statement.