FCDO Services »Privacy notice

Privacy notice

The personal information we collect, how we routinely use it and who we may share it with

This privacy notice provides an overview of the types of personal information we collect, how we routinely use it and who we may share it with. Within this notice we also explain the security measures we take to protect personal information, and how you can contact us to answer any questions you might have about our privacy practices. It particularly applies to information we collect about:

Six principles of good data privacy

Within FCDO Services, the lifecycle of data usage shadows that of the data Privacy Principles, which are that personal data:

  • should be fairly and lawfully processed and should be done so in a transparent manner, ensuring that you are aware of both what and why we are processing your data
  • should be processed for limited purposes and the purpose must be specified
  • shall be adequate, relevant and not excessive, meaning we will only collect as much as we need to carry out our essential processing
  • should be accurate and up to date: if it is not, we will correct it within 1 month of receiving the request to correct
  • should not be kept longer than necessary. To ensure this we observe an information retention policy
  • must be secure. FCDO Services has in place appropriate technical and organisational measures to prevent accidental or deliberate loss, destruction or damage

Visitors to our website

When someone visits www.fcdoservices.gov.uk, we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those who visit our website.

If we do want to collect personally identifiable information through our website, we will be transparent about this, by means of an information notice at the point of collection of the data. We will make it clear when we collect personal information and will explain what we intend to do with it.

Information collected by automated means

We collect certain information by automated means when you visit our sites, such as how many users visit our sites and the pages accessed. By collecting this information, we learn how to best tailor the sites to our visitors. We collect this information through various means such as ‘cookies’, ‘web beacons’ and IP addresses, as explained below.

Cookies are bits of text that are placed on your computer’s hard drive when you visit certain websites. Cookies are useful because they allow a website to recognise a user’s device for example, whether you have visited us before or if you are a new visitor. Cookies may also enhance your online experience by saving your preferences. You can choose to refuse cookies or tell your browser to let you know each time that a website tries to set a cookie. For detailed information on the cookies we use and the purposes for which we use them see our cookies page.

Search engine

Our website search is powered by WordPress. We use Google Analytics to monitor search activity. No user-specific data is collected. These reports collate, for example, how many users visited our sites, what pages have been browsed, and the geographic location of the users. The information collected through the use of analytics may include, for example, your IP address, the website from which you visited us, the type of device you used and your search query that led you to the sites. Your IP address is masked on our systems and will only be used on a need-to-know basis to resolve technical issues, to administer our sites and to understand visitor preferences.

Personal data that you provide to us

You may choose to provide personal information (such as your name, address, telephone number and email address) on our sites. Here are the ways you may provide the information and the types of information you may submit:

  • if you communicate with us through the contact us page, we may ask you for information such as your name, email address and telephone number so we can respond to your questions and comments
  • if you communicate with us via an external customer / supplier survey, we may ask you for information such as your name and business contact details (company postal address, email address, telephone number), so that we can respond to your comments
  • if you interact with FCDO Services in order to access services that may be provided to an organisation, we may ask you for information such as your name and business contact details (company postal address, email address, telephone number), so that we can respond to your request
  • any email sent to us, including any attachments, is monitored for malicious content
  • when we receive an information request, such as a Freedom of Information Request, comments, compliments or complaints, we may generate a file – this normally contains the identity of the requester or complainant

FCDO Services will only use the personal information collected to process the matter and to check on the level of service provided. We do compile and publish Freedom of Information responses but not in a form which identifies anyone.

Personal information contained in these files will be kept in line with the FCDO Services information retention policy. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.

Customers and suppliers

FCDO Services routinely exchanges business critical information, such as contact names, phone numbers and email addresses of our clients and suppliers. The information obtained is used for:

  • routine communication
  • customer satisfaction surveys
  • collection or delivery of goods and services

We may opt to use an external collaboration tool to exchange documents and information. This is subject to agreed data sharing and code of conduct arrangements. All traffic passed through this tool may be subject to monitoring and/or recording.

Observing the below legislation, FCDO Services reserves the right to access any private information that is processed on the external collaboration tool without first obtaining the user’s consent:

  • UK Data Protection Act 2018 and EU/UK General Data Protection Regulation 2018
  • Freedom of Information Act 2000
  • Human Rights Act 1998
  • Computer Misuse Act 1990
  • The Communications Act 2003
  • Regulation of Investigatory Powers Act 2000
  • Privacy and Electronic Communications Regulation 2003
  • Official Secrets Act 1989

All such conduct is undertaken in accordance with and for purposes permitted under the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000.

Visitors to site

When working on site, either as a contractor providing delivery of goods only or goods and services, or visiting the site for meetings or training, your personal information is used only for the purpose of fulfilling the appropriate task, meeting or training, including information for access to site and any dietary requirements. The exception would be in the event of an unforeseen incident or other such issue arising. When visiting FCDO premises, visitor information is processed in accordance with the FCDO Privacy Notice for Visitors to our UK Estates.

FCDO Services must record all accident reports, asbestos reports and near-miss episodes as well as data and security incidents and business continuity incidents, all of which are kept in accordance with legal requirements, either manually or in suitable, approved software. These incidents may necessitate an internal investigation and may require the sharing of your data or sensitive personal data as well as associated documentation that is essential to the purpose of the legal requirement to the relevant authorities including (but not limited to):

  • Health and Safety Executive
  • the Information Commissioner
  • the police or other investigatory authorities
  • emergency services
  • other government departments
  • legal process such as solicitors and courts
  • estate owners and appointed contractors

Job applicants, current and former FCDO Services employees

Information you provide during the recruitment process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.

FCDO Services use an online recruitment system managed by a third-party processor, People Solutions.

Personal information may be shared with our internal resources team, the hiring managers and the interview panel. When individuals apply to work at FCDO Services, we will only use the information they supply to us to process their application and to monitor recruitment statistics.

You may be asked to participate in assessment days, complete job-specific tests or complete occupational personality profile questionnaires as well as attend a face-to-face interview. The information generated during the process, such as completed tests and interview notes, will be held by FCDO Services.

To assist us in making recruitment selection decisions about candidates, we may invite you to complete a task based psychometric assessment. This will be carried out using the services of an external third-party supplier; Arctic Shores. See Arctic Shores Privacy Policy for further information.

If you are unsuccessful following assessment for the position you have applied for, we may ask if you would like your details to be retained in our talent pool for a period of 6 months. If you say yes, we would proactively contact you should any further suitable vacancies arise.

If a conditional offer of employment is made we will be expected to carry out checks that ensure eligibility to work and identity. We will also contact the referees provided to verify the dates and job titles as detailed in your application. In addition, we will require completed questionnaires about your health and a criminal records declaration. Security clearance requires that you submit information via the United Kingdom Security Vetting process. All employment references that we receive or that we provide are given in confidence.

Once you have taken up employment with FCDO Services, we will compile a file relating to your employment. The information contained in this will be kept within a secure location and will only be used for purposes directly relevant to your employment. We will also require your bank details, emergency contact details and – if relevant – details about you current Civil Service pension scheme.

Personal information about unsuccessful candidates will be held on file for 24 months. After the recruitment exercise has been completed, it will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.

Your personal information may be shared with third parties as part of your employment within the civil service, including but not limited to:

  • Civil Service Learning
  • HMRC
  • other government departments for the purposes of a secondment / progression through graduate recruitment training, and / or the Civil Service Fast Stream
  • pension administrators
  • professional groups, such as the Government Legal Profession
  • IT software providers for the purposes of sending electronic communications to staff, for example staff updates for business continuity purposes, training information and surveys sent via app technology
  • training providers
  • The National Archives
  • external auditors

Once employment with FCDO Services has ended, we will retain the file in accordance with the requirements of our data retention policy, which is based on legal requirements.

FCDO Services is transitioning to a new recruitment platform during Q4 24/25. Up until end March 2025, FCDO Services will use an online recruitment system managed by a third-party processor; Avantus People Solutions. Once you click ‘apply now’ you will be taken to the People Solutions’ website and they will hold the information you submit, allowing FCDO Services access to it.

During Q4 24/25, FCDO Services will cease using Avantus People Solutions and will commence using the Civil Service Jobs platform for all recruitment. This platform is managed by the Cabinet Office – the privacy notice can be found here; Civil Service Jobs Privacy Notice – Civil Service Jobs – GOV.UK

You will be asked for your personal details including name and contact details. You will also be asked about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.

You will also be asked to provide equal opportunities information. This is not mandatory information – if you do not provide it, it will not affect your application. This information will not be made available to any staff outside of our recruitment team, including hiring managers, in a way which can identify you. Any information you do provide, will be used only to produce and monitor equal opportunities statistics.

See People Solutions’ Privacy Policy.

Reporting – FCDO Services are obliged to report statistics.

All processing in relation to job applicants, current and former employees is processed in line with the Data Protection Act 2018 and UK GDPR.

Information rights

We are obliged to provide information about your rights in relation to the data collected. You are entitled to:

  • be informed about how we use your data through provision of information notices
  • know how long we will keep your data, either for legal or procedural periods
  • be advised of our reason for processing the data
  • be provided with a copy of the information held, if required
  • have any information held corrected, if what we hold is wrong
  • ask us to no longer process your information
  • have data erased if no longer relevant, if not subject to overriding law
  • complain about how we use your data to the Information Commissioner’s Office
  • object to automated decision-making and profiling

The Data Controller for all information collected is FCDO Services.

The Data Protection Officer is Jane Tink. Please see contact details below.

Coronavirus update

FCDO Services continues to operate within the law and abide by all constraints under the current pandemic. This means that face to face meetings, training and recruitment exercises are now taking place virtually. The purpose and use of personal data has not changed; however the method of collection may change due to the use of virtual meeting facilities. This information update will be reviewed on a regular basis.

General information

This privacy notice does not cover the links within this site linking to other websites.

We keep our privacy notice under regular review. This privacy notice was last updated on 10 December 2024.

Contact

Jane Tink – Data Protection Officer (DPO)
Email: FCDOServices.DataProtectionOfficer@fcdo.gov.uk