Enginuity – is a not-for-profit organisation responsible for engineering skills for the future of the UK’s most advanced sectors. Led by employers, our job is to transform the skills and productivity of the people who power our engineering and advanced manufacturing technologies sectors, enabling UK industry to compete on the global stage.
This policy covers who we are, how and why we collect, store, use and share personal data, your rights in relation to your personal data, how to contact us and the relevant channels in the event that something goes wrong.
When we ask you to supply us with personal data we will make it clear whether the personal data we are asking for must be supplied, for example, so that we can provide products and services to you, or whether the supply of any personal data we ask for is optional.
Who are we?
For the purposes of Applicable Laws (including the GDPR), Enginuity is the ‘controller’ of the personal data you provide to us or one of our associated companies.
Enginuity’s full details are:
Full name: Science, Engineering and Manufacturing Technologies Alliance trading as Enginuity Limited
Registered number: 2324869
Our email and postal address are below.
If you have any queries about this Policy, the way in which Enginuity processes personal data, or about exercising any of your rights, please contact us via email or write to us at Data Officer, Enginuity Head Office, Unit 2, The Orient Centre, Greycaine Road, Watford, Herts, WD24 7GP
What personal data do we collect?
Personal data means, in summary, any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).We may collect and process the following personal data:
Information you provide to us:
- complete a form on our Website;
• complete a survey;
• correspond with us by phone, e-mail, or in writing;
• report a problem;
• sign up to receive our communications;
• create an account with us;
• enter into a contract with us to receive products and/or services, we may collect identity and contact data, such as your name, personal/work e-mail address, postal address, telephone number and job role (including where relevant the name of your employer).
Information we collect about you
If you visit our Website, we may automatically collect the following information:
- technical information, including the internet protocol (IP) and other security address used to connect your computer to the Internet, login information (such as login, password and other security information), browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
• information about your visit to our Website such as the products and/or services you searched for and view, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Please also see the section below headed ‘Website Cookie Use’.
Information we receive from other sources
We may also receive information about you if you use any of the other websites we operate or the other services we provide.
If you are a tutor, apprentice, or learner, we may also receive information about you from your centre, training provider, or employer when they register to receive products and/or services form us.
Information about other people
If you provide information to us about any person other than yourself, such as your relatives, next of kin, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.
Sensitive personal data
In certain limited cases, we may ask for your consent to collect and process certain sensitive personal data from you (that is, information about your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, sexual orientation, or details of criminal offences, or genetic or biometric data). Provision of that information is optional, and we will ask for your separate explicit consent before we collect or processed that data.
How do we use your personal data?
Contract performance: we may use your personal data to fulfil a contract, or take steps linked to a contract:
- to provide the products and/or services to you;
• to communicate with you in relation to the provision of the contracted products and services;
• to provide you with administrative support such as account creation, security, and responding to issues; and
• provide you with industry information, surveys, information about our awards and events, offers and promotions, related to the products and/or services.
Legitimate interests: where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests are:
- providing you with newsletters, surveys, information about our awards and events, offers, and promotions, related to products and services offered by Enginuity which may be of interest to you;
• communicating with you in relation to any issues, complaints, or disputes;
• improving the quality of experience when you interact with our products and/or services, including testing the performance and customer experience of our Website;
• performing analytics on sales/marketing data, determining the effectiveness of promotional campaigns.
NOTE: you have the right to object to the processing of your personal data on the basis of legitimate interests as set out below, under the heading Your rights.
Consent: where you have given your express consent to process personal data for any given purpose specified in that consent. For example, you may give consent to receive marketing communications, in which case we may use your personal data to:
- send you newsletters, surveys, information about our awards and events, offers, and promotions, related to products and services offered by Enginuity which may be of interest to you;
• developing, improving, and delivering marketing and advertising for products and services offered by Enginuity.
Please note that any such consent given by you (including consent to receive marketing communications) can be withdrawn at any time.
Marketing Opt Out
Where you have consented to receive marketing communications from us (or a third party), you may change your preferences or unsubscribe from marketing communications at any time by clicking the unsubscribe link in an email from us (or the third party concerned) or by following other marketing preferences/opt outs displayed on our websites (or on the website of the relevant third party).
Where required by law: we may also process your personal data if required by law, including responding to requests by government or law enforcement authorities, or for the prevention of crime or fraud.
Who do we share your personal data with?
We may share your personal data with members of the Enginuity Group (including EAL).
We take all reasonable steps to ensure that our staff protect your personal data and are aware of their information security obligations. We limit access to your personal data to those who have a genuine business need to know it.
We may also share your personal data with trusted third parties including:
- legal and other professional advisers, consultants, and professional experts;
• service providers contracted to us in connection with provision of the products and services such as providers of IT services and customer relationship management services;
• Official bodies who we act on behalf of in relation to the services we provide; and
• analytics and search engine providers that assist us in the improvement and optimisation of our Website.
We will ensure there is a contract in place with the categories of recipients listed above which include obligations in relation to the confidentiality, security, and lawful processing of any personal data shared with them.
Some of the third parties with whom we may share your data (as referred to above) may be based outside the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. We are also registered under Privacy Shield on a voluntary basis.
Please get in touch if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We will share personal data with law enforcement or other authorities if required by applicable law.
How long will we keep your personal data?
Where there is a contract between us, we will retain your personal data for the duration of the contract, and for a period of 7 years following its termination or expiry, to ensure we are able to comply with any contractual, legal, audit and other regulatory requirements, or any orders from competent courts or authorities.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we can use this information indefinitely without further notice to you.
Subject to the above, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
How and where do we store your personal data and how is it protected?
We can store personal data in paper or electronic format. We take reasonable steps to protect your personal data from loss or destruction. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Where you have a username or password (or other identification information) which enables you to access certain services or parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Website; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Under the GDPR, you have various rights with respect to our use of your personal data. We have summarised theses rights below. To exercise any of these rights, please contact us using our email or postal address given below under the heading ‘Contact’.
Right to Access
You have the right to request a copy of the personal data that we hold about you and to check that we are processing it lawfully. Please include with your request information that will enable us to verify your identity. We will respond within 30 days of request. Please note that there are exceptions to this right. We may be unable to make all information available to you if, for example, making the information available to you would adversely affect the rights and freedoms of others.
Right to rectification
We aim to keep your personal data accurate and complete. You have the right to require us to rectify/complete any inaccurate or incomplete personal data we hold about you. We encourage you to contact us to let us know if any of your personal data is not accurate, is incomplete or changes, so that we can keep your personal data up-to-date.
Right to erasure
You have the right to request the deletion of your personal data where, for example, the personal data are no longer necessary for the purposes for which they were collected, where you withdraw your consent to processing, where there is no overriding legitimate interest for us to continue to process your personal data, or your personal data has been unlawfully processed or to comply with the law. Please note that these are exceptions to this right (e.g. compliance with law); if any such exception applies, we will inform you when you make your request to us.
Right to object
In certain circumstances, you have the right to object to the processing of your personal data where, for example, your personal data is being processed on the basis of legitimate interests (of us or a third party) or for the performance of a task in the public interest and there are no compelling overriding legitimate grounds for us to continue to process your personal data.
You also have a separate right to object to the processing of your personal data for direct marketing.
Right to restrict processing
In certain circumstances, you have the right to request that we restrict the further processing of your personal data. This right arises where, for example, you have contested the accuracy of the personal data we hold about you and we are verifying the information, you have objected to processing (see above, right to object) and we are considering whether there are any overriding legitimate interests, or the processing is unlawful and you elect that processing is restricted rather than deleted or we no longer need the personal data for the purposes of processing, but you require the data in connection with legal claims.
Right to data portability
In certain circumstances, you have the right to request that your personal data is provided to you, and/or to another data controller, in a structured, commonly used, machine-readable format. This right only arises where you have provided your personal data to us, the processing is based on consent or the performance of a contract, and processing is carried out by automated means. Please note that the GDPR sets out exceptions to the above rights. If we are unable to comply with your request due to an exception, we will explain this to you in our response.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
If you have any queries about this Policy, the way in which we process personal data, or about exercising any of your rights, please send an email or write to Data Officer, Enginuity Head Office, Unit 2, The Orient Centre, Greycaine Road, Watford, Herts, WD24 7GP
If you believe that your data protection rights may have been breached, you may lodge a complaint with the Information Commissioner’s Office or to seek a remedy through the courts.
Please visit https://ico.org.uk/concerns/ for more information on how to report a concern to the Information Commissioner’s Office.
Although, you do have the right to complain as above, we would appreciate the chance to deal with any concerns you may have before you approach the Information Commissioner’s Office; accordingly, we would ask that you contact us in the first instance to deal with any concerns.
Changes to our Policy
Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Policy. We will also provide you an archived version for reference.
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Terms of website use
These terms and conditions of website use apply to your use of this site. The site is operated by Enginuity.
- Personal information
- Accessing the sites
a. We may suspend, amend, or withdraw any service or content provided on or through the sites without notice.
b. We may restrict access to the sites (in whole or part) to users who have registered with us.
c. If you choose, or are provided with, a username, password or other piece of security information, you must treat such information as confidential. We may disable any username or password at any time if, in our reasonable opinion, you are in breach of these Terms.
- Intellectual Property Rights
a. We are the owner, or authorised licensee, of all intellectual property rights in the sites and the content within them. Such works are protected by copyright law and treaties throughout the world. All such rights are reserved.
b. Content available on the sites may be viewed, listened to, downloaded, and printed for your own personal, non-commercial, use only.
c. You may not use any content available on the sites for any other purpose, and in particular no commercial purpose, without first obtaining written consent from us to do so.
d. If you wish to enquire about using any content on the site, please contact [email protected]
– Enginuity is a currently applying for a registered trademark and may not be used, in any way, without first obtaining a written trademark licence from us. If you wish to enquire about using a trademark owned by us, please contact [email protected]
- Linking to the site
You may link to a site home page, provided you do not do so in a way that suggests any form of association, approval, or endorsement by us, or any Company within the Enginuity where none exists. The site may not be framed on any other website.
- Links from the site
Links from the site to third party websites are provided for reference only. We have no control over the contents or availability of those websites and accept no responsibility for them.
- Our Liability
- The content available on the site is provided for your general information purposes only and to inform you about us, our products and services, news, features, services and other websites that may be of interest. It does not constitute technical, financial or legal advice or any other type of advice and should not be relied on for any purposes.
b. To the extent permitted by law, we expressly exclude:
i. all conditions, warranties, and all other term which might otherwise be implied by statute, common law, or the law of equity;
ii. any liability for any direct, indirect, or consequential loss or damage incurred by any user in connection with the sites and/or in connection with the use, or inability to use, the site, including (without limitation) any liability for loss of: income or revenue; business; profit; contracts; anticipated savings; data; goodwill; management or office time; and for any other loss or damage of any kind, however arising and whether caused by tort (including negligence), breach of contract or otherwise, even if foreseeable.
This provision does not affect our liability for death or personal injury caused by our negligence, liability for misrepresentation or fraudulent misrepresentation; or any other liability which cannot be excluded or limited under applicable law.
a. You must not misuse the site by knowingly introducing computer viruses or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to the site, the server on which the Sites are stored, or any server, computer or database connected to the site.
b. We will not be liable for any loss or damage caused by any virus or other malicious or technologically harmful material that may infect your computer equipment due to your use of the site or to your downloading of any material posted on it, or on any website linked to it.
We may vary these Terms from time to time. Please ensure that you review these Terms regularly as you will be deemed to have accepted a variation if you continue to use the site after any variation has been posted.
- Contacting Us
If you have any concerns about content which appears on the site, please contact [email protected]
- Applicable Law
These Terms and any dispute or claim arising out of or in connection with them or their subject matter shall be governed by and construed in accordance with the law of England and Wales.
Website cookie use
This page tells you what you need to know about the cookies we use, mainly for our portals, why we use them, and what that means. All these cookies are important for our websites and portals to function properly and for us to supply the service you expect.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive. They may be used to help the site recognise your computer the next time you visit. Some cookies also help us monitor how well our site is performing and collect information about our visitors to help us to improve the services that we can offer to you and to improve your user experience within our site.
Cookies we use
We use a number of cookies, the most important of which are the forms authentication cookie (created when a user logs in) and the portal roles cookie, which stores what roles a user has access to in the current portal.
The forms authentication cookie are by default temporary (session) cookies and not persistent cookies, however users can make them persistent by checking the “remember me” checkbox on the login control. This can be removed via the UI or a setting in the browser you are using.
The portals role cookie is persistent, but it only exists for 1 minute – and its contents are encrypted as well as containing a porta lid to make sure that they only apply for that portal. We use the expiry here as we want to be sure to refresh the user’s portal roles to pick up any alterations that may have occurred e.g. if an admin has added the user to new roles.
Other cookies in our portals
As well as these two, if you are using one of our portals, you may also see one other cookie if you choose to install and use the users online module as it creates cookies to track when an anonymous user logs in so that it does not miscount active users. To avoid this cookie, log in as host and go to host->host settings and ensure “enable users online” is unchecked (this is the default).
A cookie is created called “language” to store the current language – in a monolingual install this is simply the browser default language, but if the site supports multiple languages then this may be different based on the language selected by clicking in the languages skin object.
A cookie with the name “.ASPXANONYMOUS” is also created by asp.net anonymous authentication. This can be disabled by setting enabled=false in the anonymousIdentification node in web.config.
If you are using the mobile redirection capabilities (added in 6.1.0 for PE/EE, and 6.1.5 for all editions), two optional cookies may be created. The cookies are called “disablemobileredirect” (which disables redirects when a mobile device is detected) and “disableredirectpresist” which stores a cookie with a lifetime of 20 minutes to indicate that redirects are not allowed.
The DNN Personalisation cookie is used to store personalisation data (such as tab expansion) for anonymous users. Authenticated user’s personalisation data is stored in their profile.
Can website users choose to block cookies?
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
If you have any questions or concerns, please contact us at [email protected]
We want to make sure that everybody can use the sites easily, so we try and build them with accessibility in mind. Broadly, we aim to comply with WCAG 2 (http://www.w3.org/WAI/WCAG20/glance/). We are working to ensure all older sites and content are made compliant with these accessibility standards and will build these in for any future web sites and portals we implement.
Examples of what we do are:
- The standard font used throughout the site is sans serif for easy legibility.
• Wherever possible, we use live text instead of graphics to reduce the download time of pages and let screen readers access the copy. And where possible, images, have an alternative text attribute associated to them.
• Some users might find the site easier to read by increasing the size at which text is displayed. To do this you can adjust your browser’s settings by going to the View menu, then select ‘text size’ or ‘text zoom’ or ‘zoom’ and increase the size of the text.
Problems accessing the site
If you have difficulty accessing the site or have any comments or feedback on how we can improve your online experience, please contact [email protected]