What and why
We collect and use the following information to provide, improve, and protect our Services:
User information. You provide us with information when you apply to our programmes, use our software tools or agree to support our activities in some capacity (such as reviewing or mentoring). This information is usually limited to your name, email address, and other contact details.
Business information. If you are applying to one of our programmes or are a participant in one of our programmes you may also provide details of your business project and bank details.
Usage information. We collect information related to how you use the Services through standard analytics tools such as Google Analytics. We use this information to improve our Services, develop new services and features. These reports contain aggregated usage information that we don’t routinely match to User information, although it may be possible that a single visit from a single geo location might be identifiable by reference to IP Address matching with (for example) form submission we don’t seek to collect or use such individual information.
Device information. We also collect aggregate information from and about the devices you use to access the Services. This includes things like IP addresses, the type of browser and device you use, the web page you visited before coming to our sites, and identifiers associated with your devices. Your devices (depending on their settings) may also transmit location information to the Services. We use this aggregate information to protect against fraud, improve our Services and develop new services and features.
Cookies and other technologies. We use technologies like cookies and pixel tags to provide, improve, protect, and promote our Services. For example, cookies help us with things like remembering your identity for your next visit to an online form, understanding how you are interacting with our Services, and improving them based on that information. You can set your browser to not accept cookies, but this may limit your ability to use the Services.
Disseminating news and information. If you use our Services, we will, from time to time, send you news and other programme information. Users who receive such news and information can opt out at any time. If you do not want to receive such communications from us, simply click the ‘unsubscribe’ link in any email.
We sometimes contact people in advance of their first contact with us. This could be via an introduction from a third party or following a face to face meeting at a networking event. If you receive such an email and no longer wish to be contacted by UKGTF, you can unsubscribe by replying to the UKGTF sender and requesting no further contact.
Lawful basis for processing your data. We ask for your consent in advance of processing your User, Business and Team information in order to form a lawful basis for data processing. We collect and use the personal data described above in order to provide you with the Services in a reliable and secure manner. We also collect and use personal data for our legitimate business needs and to comply with requirements from our public funder.
We may share information as discussed below, but we won’t sell it to advertisers or other third parties.
Other users. To deliver our Services we sometimes share the data we collect with reviewers, advisory board members and mentors who are under contract to us or event co-promoters (e.g. DC Thomson are our co-promoters for the UK Games Fund Awards) and Tranzfuser Local Hubs. Their contract requires them to keep all information confidential and observe good housekeeping practice in their data housekeeping and cyber-security.
Other disclosure. We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to: (a) comply with any applicable law, regulation, legal process, or appropriate government request; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of our Services or our users; (d) protect UKGTF’s rights, property, safety, or interest; or (e) perform a task carried out in the public interest. In any and all such events, we’ll be inspecting the Privacy Policies of the third party concerned to satisfy ourselves regarding their data use.
Security. We employ reasonable cyber-security practices to protect information we collect in the context of being a non-profit SME. In some cases we rely on third party services such as cloud service providers and although we are diligent in our procurement of such services we do not represent ourselves as sector experts in cyber-security procurement and as such place some reliance on their assurances and reputation. Please contact us if you have any concerns about the trusted third parties we have listed above in the context of us using their services in conjunction with your information, though rest assured that the responsibility for use of your data remains with us. Where you’ve provided bank details we’ll only use that information for trade credit references and making payments of grant to you.
Retention. We’ll retain information you provide us with for ten years or as long as we are required to do so by our public funders or to comply with our legal obligations, resolve disputes or enforce agreements. After an application round is completed or after a project we have funded you for is completed we’ll anonymise your Business information on request.
Location of data storage. To provide you with the Services, we may store, process, and transmit information in Europe and the United States. Like many users of cloud services this means that we rely on the suppliers’ privacy policies and their compliance with EU-US Privacy Shield compliance. If this approach provides you with any concerns, please let us know. We use our best endeavours to follow good housekeeping and accepted practice in this regard.
If we are involved in a reorganisation, merger, acquisition, or sale of our assets, your information may be transferred as part of that activity. In our case, all such matters are subject to the oversight of the Registrar of Community Interest Companies. We will notify you (for example, via a message to the email address associated with you) of any such activity and outline your choices in that event.
Your right to control and access your information
You have control over your personal information and how it is collected, used, and shared. For example, you have a right to ask us for a copy of data you provided to us.
For more information on your right to control and access your personal information, contact us as below.
Contact our Data Protection Officer at firstname.lastname@example.org. If we can’t answer your question to your satisfaction, you have the right to contact the Information Commissioner’s Office www.ico.org.uk.