This Privacy Notice sets out how Partnership for Observation of the Global Ocean (POGO) uses and protects any information that you give to us when you use any of our websites and during the course of business with us, and is effective from 25 May 2018, when the new General Data Protection Regulation (GDPR) comes into force. Any information you provide, or which we request in order to fulfil legal requirements, will only be used in accordance with this Privacy Notice.
POGO may change this Privacy Notice from time to time by updating this page; any updates to this page take effect immediately. You should therefore check this page periodically for any updates.
Who we are
Partnership for Observation of the Global Ocean is a charitable incorporated organisation registered and regulated by the Charity Commission of England and Wales, No 1171692
Throughout this privacy notice, “we” and “us” means POGO and its brands.
Throughout this notice, “our websites” or “our sites” refer to any websites maintained and updated by the POGO Secretariat. These include, but are not limited to:
Automatic collection of information
Certain information is collected automatically. This includes but may not be limited to:
- the Internet domain or IP address from which you access our websites
- the type of browser and operating system used to access our sites
- the date and time you access our sites
- the pages you visit
This information is used to ensure that content on our site is presented in the most effective manner for you.
Lawful Reasons for Processing
When we collect your personal data. we will make it clear to you which data is necessary in connection with a particular service.
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
In specific situations, we can collect and process your data with your consent, e.g. when you subscribe to our newsletter or make an enquiry.
In certain circumstances we need your personal data to comply with our contractual obligations, e.g. if you are a project partner, grant recipient, member or supplier, we need this data to make payments to you.
If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity to law enforcement.
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, where you have provided us with your business card, we may use your address details to send you information on our activities.
Collection of Personal Data
We may collect data in the following circumstances, when you:
- Visit any of our websites
- Receive a travel grant or other type of funding from us
- Attend a meeting with us, or register for or attend an event we organise
- Engage with us during the course of business – in person, by mail, by e-mail, by telephone, and by providing us with your business card
- Engage with us on social media
- Contact us by any means with queries, feedback, requests for information, complaints, etc.
- Fill in forms or applications, e.g. through our websites
- Complete any surveys we send you
- Download data and information from our websites
- Give any third party permission to share personal data they hold about you with us
We may also collect data from publicly available sources, where the information is made public as a matter of law, or when you have given your consent to share information. For example, before we enter into a contract or partnership with you we may need to carry out appropriate due diligence checks.
Examples of Personal Data we collect
We may collect both identifiable and anonymous information, depending on our relationship with you.
- If you subscribe to our newsletter we will collect your name and e-mail address.
- If you fill out and submit an enquiry/feedback form on our websites, we will collect your name, e-mail address and message to respond to your query.
- If you interact with us via social media we will use your contact details to help us respond to your comments, questions or feedback.
- If we are involved in a project, or pre-project discussions, we may collect notes from our conversations and any correspondence between us.
- If we are arranging travel for you as a grant recipient, we may require details such as your full name, address, date of birth, your passport details, driving licence details, etc., which may be passed to third parties, e.g. travel agents, for processing purposes.
- As a candidate for a vacancy (employment or studentship) we will ask you to provide certain personal information. The information you supply is collected solely to allow us to process and respond to your application for a vacancy.
How and Why We Use Your Personal Data
We may use your personal data for the following purposes:
- To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us
- To respond to your enquiry to us or contact with us. We may also retain a record of your enquiry and our response to inform any future communication with you/us. We may do this on the basis of contractual obligations to you, our legal obligations, or our legitimate interests in providing you with the best service, and understanding how we can improve our service.
- To protect both you and our business from fraud and other illegal activities. This may include using your personal data to maintain, update and safeguard the information we hold about you. We will also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our websites. We will do all of this as part of our legitimate interest.
- To comply with our contractual or legal obligations to share data with law enforcement.
- To send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice, or legally required information.
How we protect your personal data
We are committed to ensuring that your personal data is secure. To prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal data we collect.
How long will we keep your personal data?
Whenever we collect or process your personal data, we will only keep it for as long as is necessary for the purpose for which it was collected unless we need to keep it longer to comply with our legal obligations.
At the end of that period your data will either be deleted completely or anonymised e.g. by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
With whom do we share your personal data?
We may share your personal data with any member of our group, which means our subsidiaries, as defined in section 1159 of, and Schedule 6 to, the Companies Act 2006(3) with the substitution, in relation to CIOs, of references to charity trustees for references to directors.
The information you supply is collected solely to allow us to respond your enquiry, or request, or to conduct our business. We will not sell, license or trade your personal information to any third party. We would only share your personal information where required by law or to respond to a legal process, or where necessary in order to undertake our business, e.g. selected third parties who we use to provide services, such as travel agents, banks, couriers, etc.
In all cases, we ensure that third party companies only receive the minimum information necessary, and ensure that:
- Your data is only used for the exact purposes specified in our contract with them.
- Your privacy is always maintained.
- Your personal data is kept securely.
- Any data held by them will either be deleted or rendered anonymous when we stop using their services.
- Your data is always processed legally under the terms of the GDPR.
Where your personal data may be processed
Sometimes we will need to share your personal data with third parties and suppliers outside the European Economic Area (EEA).
If you are based outside the UK, where necessary, we will transfer the personal data that we collect from you to the UK.
The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway. We may transfer personal data that we collect from you to third-party data processors in countries that are outside the EEA. If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times. If you wish for more information about these contracts please contact us.
Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.
What are your rights over your personal data?
You have the right to request:
- Access to the personal data we hold about you.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent based processing of your personal data after you withdraw that consent.
- Review of any decision made based solely on automatic processing of your data (i.e. where no human has yet reviewed the outcome and criteria for the decision).
You have the right to request a copy of any information about you that we hold at any time and also to have that information corrected if it is inaccurate. To ask for a copy of your information or to ask for your information to be updated, please write to us, or contact us by email at firstname.lastname@example.org
. If we choose not to action your request we will explain to you the reasons for our refusal.
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
How can you stop us contacting you?
- Click the “unsubscribe” link in any e-mail communication that we send you.
- Reply to any direct email and request that you are not contacted.
- Email us at email@example.com
- Write to us at: POGO Secretariat, Plymouth Marine Laboratory, Prospect Place, The Hoe, Plymouth, PL1 3DH, UK
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated. You may also still receive communication from us if we are required to contact you for contractual or legal purposes.
If you wish to complain about how POGO has handled your personal data then in the first instance you can make a complaint to the Executive Director via firstname.lastname@example.org
. If we are unable to satisfy your concerns, then under the General Data Protection Regulation you have a right to complain to the Information Commissioner’s Office at:
Information Governance Department
Information Commissioner’s Office
Links to other sites
We may from time to time establish relationships with other companies that will enable you to access the websites of such companies directly from our site. Each individual company operates its own policy regarding the use of personal data. If you have a particular interest or concern regarding the way your data will be used then you are advised to read the Privacy Notice on the relevant site.
We will try to provide you with links to high quality, reputable sites which we believe will be of interest and relevant to you, but please note that such third party sites are not under our control and we do not contribute to the content of such websites. When you click through to these sites you leave the area controlled by us. We cannot accept responsibility for any issues arising in connection with either the third party’s use of your data, the site content or the services offered to you by these sites.