Privacy Notice
LRA (Labour Relations Agency) Privacy Policy
Part 1 - Website
Introduction
This Section of Privacy Policy covers the LRA website which can be accessed via, www.lra.org.uk (the "Website") and the Services provided through it. It describes how we collect, process, protect and use the information we receive from Website visitors and how we plan to use that information. The data controller for the Website is the Labour Relations Agency ("We", "Us", "Our", "Agency" or "LRA") whose head office is at The Labour Relations Agency, 2-16 Gordon Street, Belfast, BT1 2LG. The Agency is registered with the Information Commissioners Office as a Data Controller: Registration Number Z1971953.
From 25 May 2018 the EU General Data Protection Regulation (GDPR) replaces existing UK and EU data protection regulations. It is designed to harmonise data privacy laws across Europe, to protect and empower all citizens’ data privacy and to reshape the way organisations across the region approach data privacy. For more information you can refer to the Information Commissioner’s Office: ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
As someone who has engaged with the LRA, and about whom we hold any personal data, you are a Data Subject. The Labour Relations Agency is a Data Controller, because we determine how and why personal data is processed. We are also a Data Processor, in that we process personal data in order to administer a service.
The LRA is committed to upholding the principles of the GDPR when processing personal data. According to Article 5 of the GDPR, personal data shall be:
- processed lawfully, fairly and transparently
- collected for specified purposes, and not processed for other purposes
- “just the right amount” of data for the task at hand – not too much, but enough to do the task accurately
- accurate and up to date
- kept no longer than necessary
- processed securely
The Agency has security and confidentiality policies in place that all staff adhere to, as well as an internal Code of Conduct. We are regularly audited and subject to independent, external scrutiny in order to evidence adherence to the highest standards of data and information management. To this end we have achieved certified accreditation against the internationally recognised standard for Information Security Management, ISO 27001:2013, so demonstrating commitment to and ongoing compliance with accepted good practice in the handling of personal data.
Information we collect
We collect several kinds of information, depending on the part of the Website being visited. We also collect personal information from you when you register for an event (Seminars, Workshops and Briefings), provide feedback, complete the Contact Form, send email enquiries, download publications, submit online forms (Data Protection Act Subject Access Requests, Freedom of Information Requests and Customer Complaints) and participate in other parts of the Website.
We may ask you for personal information such as your name, email address, postal address, postcode, job title, daytime and/or mobile phone number, and information about your workplace and the nature of your business. You must also provide us with personal information when you create a user name and password required to book events though the website’s online booking portal. You may also voluntarily provide the Agency with personal information about any additional requirements you may have so that we can try to ensure our services meet your needs (for example, reasonable adjustments to overcome the effect of a disability).
If you wish to make a complaint about the Agency or any of our services, we will collect relevant information including personal information in order to assist you. This information will also help us to monitor quality of service delivery and to produce anonymised statistics. The information we collect in this context may be disclosed to the Department for the Economy (DfE) to assist in research into the use and effectiveness of the Labour Relations Agency.
If you wish to make either a Subject Access Request or Freedom of Information Request we may ask for additional personal information pertinent to the request - for instance the date of birth of the person making the request. Full details relating to each of these processes, including what information can be requested and statutory response times, can be found on the relevant Website page: https://www.lra.org.uk/data-protection or https://www.lra.org.uk//freedom-of-information.
You may, however, visit most of the Website anonymously and without registering. If you choose not to register you may not be able to use the Website and its features to their fullest extent. For example, you will be unable to book LRA events online.
Use of personal information
We use the personal information collected via the Website for the purposes of:
- providing, developing, improving and personalising our Services, the Website and Mobile App
- providing you with information about our Services
- dealing with your inquiries and requests
- administering event bookings relating to our customers
- administering user accounts
- generating anonymous reports about use of the Website, its features and associated Mobile App
The LRA may use the personal information collected via the Website to provide you with LRA emails for marketing purposes, to inform you of upcoming events or changes to our Services. If you register on the Website we may use the personal information collected to send you information about the Agency’s events and Services by email. You may opt out of receiving information about our Services by selecting the relevant option on our Website or by sending us an email at webadmin@lra.org.uk.
Security and confidentiality
The Labour Relations Agency safeguards the security of the personal information you provide to us with physical, electronic and managerial procedures. We use industry-standard Secure Sockets Layer (SSL) encryption on all pages where we collect personal information.
Any personal information you provide will be held securely and your personal information will not be sold, traded or otherwise made available to third parties. In some circumstances we may need to disclose your personal information (i) to a third party to provide a service you have requested, (ii) to fulfil a request for information, (iii) to comply with a legal requirement or request from a competent court, regulator or other authority, or (iv) if we believe that there has been a violation of our rights or the rights of any third party. Any information about you that we pass to a third party service provider will be held securely by that party and used only to provide the services or information you have requested.
The LRA is also accredited and holds certification against ISO27001:2013, the recognised Information Security Management System Standard.
Cookies
Cookies are small pieces of data sent to your computer when you visit the Website and which enable us to collect information about you. They are stored in the cookie directory of your hard-drive, and do not necessarily expire at the end of your session although session cookies are automatically deleted when you close your browser. The information we collect in this way may include data about how you use the Website, information about your computer (including your IP address, operating system and browser type), demographic data and, if you visited the Website by clicking on a link from a different website, the URL of that website. We may also collect information about your online activity, such as the pages you have viewed, downloads you have made and any online forms submitted.
Although your browser may be set up to allow the receipt of cookies, you can specify that you wish to be prompted before a website puts a cookie on your hard drive, so that you can decide whether to allow it or not. Alternatively, you can set your computer not to accept any cookies. Please refer to your browser instructions or help screen for information about how to do this. If you disable cookies, you may not have access to certain features that make your experience of the Website more efficient and some of Our Services may not function properly, such as booking a place on one of our events. Visitors who disable cookies can still book places over the telephone and by email.
Access to your information and contacting the Labour Relations Agency
You have the right to request a copy of the personal information the LRA holds about you (through a Data Protection Act/GDPR Subject Access Request), to have any inaccuracies corrected and where applicable to have your information deleted. This request can be made on line at https://www.lra.org.uk/data-protection or by post to the following address (with a return email address where possible):
The Compliance Officer
The Labour Relations Agency
James House
2-4 Cromac Avenue
Belfast
BT7 2JA
Email: compliance@lra.org.uk
If you have a query or complaint about this section of the Privacy Policy or about the Website, you can contact us at webadmin@lra.org.uk.
Note that we cannot answer personal situations or employment related queries by email. You should call the Agency’s dedicated Enquiry Point telephone number on 02890 321442 for free confidential help and information on work issues.
Links to external sites from the Website
The Website contains links to other websites, mainly government departments, employer organisations and trade unions, but also to those of other third parties. These websites are not covered by this Privacy Policy and the LRA is not responsible for the privacy practices within any of these other website environments. You should be aware of this when you leave our Website and we encourage you to carefully read the privacy statements of other websites.
Internet based transfers
Given that the Internet is a global environment, using the Internet to collect and process personal information necessarily involves the transmission of data on an international basis. Territories outside the European Economic Area ("EEA") may not have laws which provide the same level of protection for personal information as those inside the EEA. Currently the LRA does not use servers or employ third party service providers based in such territories to process and store your personal information. We will notify any changes to this position through amendments to this Privacy Policy should this become necessary.
Changes to this privacy Policy
If this Privacy Policy changes in any way, we will place an updated version on this webpage. If you do not agree with any resulting changes made by us, please do not continue to use the Website. Regularly reviewing this webpage ensures you are always aware of what information we collect, how we process and use it and under what circumstances, if any, we will share it with other parties.
Complaints
If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:
Information Commissioner's Office, Northern Ireland
3rd Floor
14 Cromac Place
Belfast
County Antrim
BT7 2JB
E-mail: ni@ico.org.uk
Telephone: 02890 278757 / 0303 123 1114
Part 2 – Employment Relations Services
Introduction
Part 2 of the Privacy Policy covers the impartial and confidential employment relations service in Northern Ireland to those engaged in industry, commerce, public services and the voluntary sector.
Individual services include:
- Dispute resolution through conciliation, collective conciliation, mediation and arbitration
- Provision of advice on good employment practices
- Assistance with the development and implementation of employment policies and procedures
- Telephone Enquiry Point available to employers, employees, trade unions and others.
This Section of the Policy describes how we collect, process, protect and use the information we receive from individual customers of the Labour Relations Agency. It also sets out the standards you can expect from the LRA when we request or hold information about you during your dealings with us, so that we can provide better services for you. It also sets out how you can help us make sure the information we hold about you is accurate.
The Agency knows how important it is to protect customers’ privacy and to comply with data protection legislation (the EU General Data Protection Regulation from 25 May 2018). As such, we will not give your information to anyone, including government departments and their agencies, local authorities, the police or any other public, private or voluntary sector bodies, unless we have lawful authority to do so.
As someone who has engaged with the LRA, and about whom we hold any personal data, you are a Data Subject. The Labour Relations Agency is a Data Controller, because we determine how and why personal data is processed. We are also a Data Processor, in that we process personal data in order to administer a service. The Agency is registered with the Information Commissioners Office as a Data Controller: Registration Number Z1971953.
The LRA is committed to upholding the principles of the GDPR when processing personal data. According to Article 5 of the GDPR, personal data shall be:
- processed lawfully, fairly and transparently
- collected for specified purposes, and not processed for other purposes
- “just the right amount” of data for the task at hand – not too much, but enough to do the task accurately
- accurate and up to date
- kept no longer than necessary
- processed securely
Information we collect
We collect, process and store personal information about you to help us:
- Manage Individual Conciliation cases between employees and employers.
- Manage Collective Conciliation cases in order to facilitate negotiations between employers and employees (normally via trade unions).
- Manage Mediation cases in which a neutral LRA mediator assists parties involved in a workplace dispute reach a satisfactory solution to workplace disputes.
- Manage Arbitration and Independent Appeals cases involving disputes between employers, trade unions and individuals.
- Manage Arbitration Scheme cases as an alternative approach to dispute resolution for claims that could be the subject of proceedings before an Industrial Tribunal and/or the Fair Employment Tribunal. The scheme was established by means of legislation.
- Deliver a Good Employment Practice service to achieve outcomes and solutions between employers and employees.
- Provide a Document Vetting service to assist in reviewing employment related documentation.
- Deliver and manage a telephone based helpline enquiry point available to employers, employees, trade unions and others.
How we use your information
We may use the information we hold about you:
- for one or more of our lawful functions
- to check that your existing information is accurate
- to help us authenticate your identity
- to send email and text alerts to customers who request them
- gather feedback to improve our services, for example our events programme
- respond to any feedback you send us
Information we may give to others
If the law allows, we may give information about you to:
- The Office of Industrial Tribunals and Fair Employment Tribunal (OITFET)
- Claimant (Employees) Representatives
- Respondent (Employers) Representatives
- Claimants (Employees)
- Respondents (Employers)
- Employers
- Trade Unions
- Employer Organisations
- Arbitrators and Independent Panel Members
Access to your information and contacting the Labour Relations Agency
You have the right to request a copy of the personal information the LRA holds about you (through a Data Protection Act/GDPR Subject Access Request), to have any inaccuracies corrected and where applicable to have your information deleted. This request can be made on line at https://www.lra.org.uk/data-protection or by post to the following address (with a return email address where possible):
The Compliance Officer
The Labour Relations Agency
James House
2-4 Cromac Avenue
Belfast
BT7 2JA
Email: compliance@lra.org.uk
If you have a query or complaint about this section of the Privacy Policy, you can contact us at compliance@lra.org.uk.
Changes to this Privacy Policy
If this Privacy Policy changes in any way, we will place an updated version on the Agency website www.lra.org.uk . Regularly reviewing the website ensures you are always aware of what information we collect, how we process and use it and under what circumstances, if any, we will share it with other parties.
Part 3 – Recruitment
Introduction
Part 3 of the Privacy Policy covers the process of Selection and Recruitment for vacant posts within the Labour Relations Agency via the online recruitment portal.
This Section of the Policy describes how we collect, process, protect and use the information we receive from individual customers of the Labour Relation Agency. It also sets out the standards you can expect from the LRA when we request or hold information about you during your dealings with us, so that we can provide better services for you. It also sets out how you can help us make sure the information we hold about you is accurate.
The Agency knows how important it is to protect customers’ privacy and to comply with data protection legislation (the EU General Data Protection Regulation from 25 May 2018). As such, we will not give your information to anyone, including government departments and their agencies, local authorities, the police or any other public, private or voluntary sector bodies, unless we have lawful authority to do so.
The LRA is committed to upholding the principles of the GDPR when processing personal data. According to Article 5 of the GDPR, personal data shall be:
- processed lawfully, fairly and transparently
- collected for specified purposes, and not processed for other purposes
- “just the right amount” of data for the task at hand – not too much, but enough to do the task accurately
- accurate and up to date
- kept no longer than necessary
- processed securely
Information we collect
We collect, process and store personal information about you to help us:
- Select and recruit candidates for vacant posts within the Labour Relations Agency.
- Comply with statutory equal opportunities monitoring and reporting requirements.
How we use your information
We may use the information we hold about you:
- for one or more of our lawful functions
- to help us authenticate your identity
- to verify employment rights that you may have
- to monitor and report on the Agency’s statutory equality obligations
Information we may give to others
If the law allows, we may give information about you to:
- Your Current employer
- Nominated References/Referees
Access to your information and contacting the Labour Relations Agency
You have the right to request a copy of the personal information the LRA holds about you (through a Data Protection Act/GDPR Subject Access Request), to have any inaccuracies corrected and where applicable to have your information deleted. This request can be made on line at https://www.lra.org.uk/data-protection or by post to the following address (with a return email address where possible):
The Compliance Officer
The Labour Relations Agency
James House
2-4 Cromac Avenue
Belfast
BT1 2JA
Email: compliance@lra.org.uk
If you have a query or complaint about this section of the Privacy Policy or about the online recruitment portal, you can contact us at compliance@lra.org.uk.
Changes to this Privacy Policy
If this Privacy Policy changes in any way, we will place an updated version on the Agency website www.lra.org.uk . Regularly reviewing the website ensures you are always aware of what information we collect, how we process and use it and under what circumstances, if any, we will share it with other parties.