Privacy and cookies
This information charter sets out the standards you can expect from the Department for Digital, Culture, Media and Sport when we collect, hold or use your personal information.
Personal data charter and privacy notice
The data controller
The Department for Digital, Culture, Media & Sport (DCMS) is the "data controller". This means that we are responsible for any of your personal data that we collect or use. We will ensure that we will treat all personal information in accordance with data protection legislation, including the General Data Protection Regulation and Data Protection Act 2018.
When the DCMS or its agencies collects, holds, uses or processes in any way your personal data, you are entitled to be told:
- the purpose for which the data is being used, and our lawful basis for processing it
- how long we will keep your data, who we will share it with
- whether it will be transferred or accessed outside the UK or EU, and what legal safeguards are in place to protect it
- about any rights you may have, including the right to access your information, or to object to its being used
- about your right to complain to the Information Commissioner if you feel that your personal information has been mishandled
- about the identity of our Data Protection Officer (an independent advisor on data protection matters)
Why we collect the data
When we ask for your personal data, we promise only to ask for what we need, and to make sure you know why we need it. If it includes contact details, we will also tell you anything else that we may use it to contact you about and whether you can say no. If you do say yes to us contacting you about other things, you can withdraw your consent at any time.
Why we are legally allowed to process your data
The reasons that we can use to collect or use your personal data are set out in law. Most of the time, this will be because it is necessary for us in our work as a public body (Article 6(1)(e) of the General Data Protection Regulation, the law which applies to personal data).
When we collect or use your personal data under any other lawful basis we will let you know which part of the law we are using.
Sharing your data
We will let you know if we are going to share your personal data with other organisations – and whether you can say no. You can ask us for details of agreements we have with other organisations for sharing your information.
If you write to us on a subject that is not our policy area, and the response needs to come from another government department, we will transfer your correspondence, including the personal data, to that department.
You can also ask us for details of any circumstances in which we can pass on your personal data without telling you. This might be, for example, to prevent and detect crime or to produce anonymised statistics.
We won't make your personal data available for commercial use without your specific permission.
Keeping your data
We will only keep your personal data as long as we continue to have a lawful basis to do so. This will usually mean that it is still necessary for our work as a public body. This will be decided by our ongoing business need and any laws or government policies that affect how long we keep it. We have a "retention schedule" that sets out how long we will keep different types of information for.
The data we are collecting is your personal data, and you have rights that affect what happens to it. You have the right to:
(a) know that we are using your personal data
(b) see what data we have about you
(c) ask to have your data corrected, and to ask how we check the information we hold is accurate
(d) ask to have your data deleted
(e) complain to the Information Commissioner's Office (see below)
In some circumstances you may also have the right to withdraw your consent to us having or using your data, to have all data about you deleted, or to object to particularly types of use of your data. We will tell you when these rights apply.
You can also make a complaint to the Information Commissioner, who is an independent regulator:
Sending data overseas
We will not usually send your data overseas. If we need to do so, we will let you know.
Automated decision making
We will not normally use your data for any automated decision making. If we need to do so, we will let you know.
Storage, security and data management
Your personal data will be stored securely and will be protected to make sure nobody has access to it who shouldn't.
You can ask us for details of our instructions to staff on how to collect, use and delete your personal data.
What we ask of you
So that we can keep your personal data reliable and up to date, please:
give us accurate information tell us as soon as possible if there are any changes, such as a new address
How to access your personal information
If you would like a copy of any personal information that we hold about you, please contact the relevant team or agency in the DCMS. We will require proof of ID.
If you do not know who holds your information, or you do not know who to ask, please contact the general contact address and provide as much information as possible about what information you think we hold.
Data Protection Officer
If you have any concerns about how the department is handling your personal data, you may contact the department's Data Protection Officer (DPO).
The DPO provides independent advice and monitoring of DCMS's use of personal information. They can be contacted at the following postal and email addresses:
Department for Digital, Culture, Media & Sport
100 Parliament Street
Site usage tracking
To make this site simpler, we sometimes place small data files on your computer. These are known as cookies. Most big websites do this too.
They improve things by:
- remembering settings, so you don't have to keep re-entering them whenever you visit a new page e.g. your details when commenting on posts
- remembering information you've given (eg your postcode) so you don't need to keep entering it
- measuring how you use the website so we can make sure it meets your needs
Our cookies aren't used to identify you personally. They're just here to make the site work better for you. Indeed, you can manage and/or delete these small files as you wish.
To learn more about cookies and how to manage them, visit AboutCookies.org
We use Google Analytics to collect information about how people use this site. We do this to make sure it's meeting its users' needs and to understand how we could do it better.
Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. We do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are. We do not allow Google to use or share our analytics data.
Analytics data is anonymised at the point of collection.
The following cookies are set by Google Analytics:
|__utma||randomly generated number||2 years|
|__utmb||randomly generated number||30 minutes|
|__utmc||randomly generated number||when you close your browser|
|__utmx||randomly generated number||2 years|
|__utmxx||randomly generated number||2 years|
|__utmz||randomly generated number and information on how the site was reached (e.g. direct or via a link, organic search or paid search)||6 months|
|_qavs_session||randomly generated string||when you close your browser|
|_ga||used to distinguish users||2 years|
|_gid||used to distinguish users||24 hours|
|_gat||used to throttle request rate||1 minute|
For further details on the cookies set by Google Analytics, please refer to the Google Analytics documentation.
ii) Log files
Log files allow us to record visitors' use of the site. These logs are automatically generated from all our visitors, which we use to make improvements to the layout of the site and to the information in it, based on the way that visitors move around it. Log files do not contain any personal information about you.