YTKO Group is committed to ensuring that your privacy is protected and our company is registered on the Data Protection Public Register of the Information Commissioner’s Office (ICO). Should we ask you to provide certain information by which you can be identified when using this website or via our support services contractual terms, then you can be assured that it will only be used in accordance with this privacy statement.
YTKO Group may change this policy from time to time by updating this page. This policy is effective from May 2018.
What we collect
We may collect some or all of the following information, depending on which of our services you use:
- name, company name and job title
- contact information including email address and telephone number
- demographic information such as postcode, city and areas of interest
- personal information such as education, disability, ethnicity, skills, experience
- other information relevant to customer surveys and/or offers.
What we do with the information we gather
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping for candidate assessment, recruitment, staff HR and payroll
- Business Support Project reporting and supply of selected data to the Ministry of Housing, Communities and Local Government (MHCLG) (who manage European funds on behalf of the UK, see “ERDF funded projects” below) and our Contract Lead Accountable Partner (if applicable).
- If you have consented for us to do so, we may periodically send you an e-newsletter from the designated project/service or YTKO Group with new or complementary YTKO Group products, special offers or other information which we think you may find interesting using the email address which you have provided. We can remove this email address at any time on request.
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests.
- We use a number of carefully chosen companies who could also have a copy of some of your data:
- Backblaze (for backups)
- Basecamp (for project management)
- DigitalOcean (for backups)
- Eventbrite (for event registration)
- Formsite (for online forms)
- Google (for email & documents)
- Instiller (for email newsletters)
- MailChimp (for email)
- MythicBeasts (for data hosting)
- Tractivity (for client recording)
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online or via our paper forms. We also regularly train and update our staff around the required provisions of GDPR regulation. The US companies we use are all covered by Privacy Shield.
We are obliged to retain your personal data for the duration of all of our EU/government funded business support service contracts and for longer for auditing and compliance purposes.
Using our websites
Our websites collect the following (non-identifying) information (via Google Analytics):
- the internet domain and IP addresses from which you access the website
- the type of browser (for example Internet Explorer or Firefox)
- the operating system you use (for example, Windows, Macintosh)
- the date and time of your visit
- the pages you access
which will also set some cookies:
If there is a YouTube video embedded on any of the pages, that too will set cookies:
The Information Commissioner’s Office has information about disabling cookies and/or opting-out of Google Analytics.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
ERDF funded projects
The EU Common Provisions Regulations (CPR), in particular Articles 27.4, 54, 56 of the CPR, and Article 6 of the European Regional Development Fund (ERDF) regulation require the Ministry for Communities and Local Government (MHCLG), as the managing authority for the ERDF programme, to monitor and evaluate all ERDF-funded activities. In order to conduct monitoring and evaluation individual participant data is required.
For the purposes of the Data Protection Act 1998, MHCLG is the data controller in respect of information processed which relates to your participation in the project funded by the European Regional Development Fund. We are the lead contractor for some of our business support projects, and therefore the data processor; whilst in others we are a delivery partner and another organisation is the lead contractor and data processor. Each of our projects lists this information on their website.
Depending on the nature of activities of the ERDF-funded project and the indicators listed under each activity, the following information for each beneficiary or indirect beneficiary where these are individuals may be required to be supplied:
Name of contact point within a business (in some cases property owner) engaged with or individual engaged with:
- Phone number
- Email address
- Labour market status prior to receiving support and 6 months after receiving support
- Duration of support
- Intensity of support
Your details will be stored securely and retained in compliance with the Data Protection Act 1998 and GDPR requirements. The information will also be used to evaluate this project and to report to MHCLG and the European Regional Development Fund for monitoring and evaluation purposes.
Your details will be used to support the ERDF programme research and evaluation activities. MHCLG will need to share all or some of your data with the national evaluator of the ERDF programme. In some cases, the national evaluator, i.e. independent external contractors commissioned by MHCLG, may use the contact details to contact a sample of direct for the purpose of the National Evaluation of the programme. It is likely that the survey methodology will need to incorporate a variety of approaches in order to maximise the survey response rate (for example, telephone survey, written survey, and e-mail survey) ‐ hence the need for a variety of contact details required for each participant. MHCLG may also need to share with other government departments and the European Commission where this is necessary to test the robustness of the data gathered or to inform the National Evaluation.
MHCLG will not give any personal data to any other organisation unless needed for the purpose of the evaluation and will instruct them not to use it to contact individuals for any reasons not connected with the purpose of the National Evaluation of the ERDF programme 2014-2020 or other matters directly relating to the evaluation. If MHCLG has to pass on the data, it will only provide what is needed, and if possible will remove the details that might identify individuals personally.
MHCLG will not keep your personal data for longer than it needs but as a minimum, will retain data for two years after the closure of the 2014-2020 ERDF programme.
The data collected is your personal data, and you have the right, subject to lawful data requirements:
- to see what data we have about you;
- to ask us to stop using your data;
- to ask us to delete or correct your data;
- to lodge a complaint with the independent Information Commissioner (ICO) if you think we are not handling your data fairly or in accordance with the law. You can contact the ICO, or telephone 0303 123 1113.
For any information on the above, you can contact MHCLG’s Data Protection Officer at MHCLGkia@icasework.fcos.gsi.gov.uk or by telephone 030 3444 0000.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- Whenever you are asked to fill in a paper or electronic form, please check the provisions of the consent wording to ensure that you are happy with how your personal information will be used.
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by emailing us at email@example.com or directly to any of the designated project teams.
- Alternatively, please write to us at YTKO Ltd, WeWork Aldgate Tower, 2 Leman Street, London E1 8FA
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you give us consent that you are happy for this to happen.
You may request details of personal information which we hold about you (a GDPR “Subject Access Request”) or ask us to delete it (a GDPR “Request for erasure”). If either case, please contact one of the designated project teams or email firstname.lastname@example.org
If you believe that your information we are holding is incorrect or incomplete, let us know (a GDPR “Request for rectification”) at the above addresses or to any of the designated project teams. We will promptly correct any information found to be incorrect.