Data protection legislation applies to all data controllers regardless of whether they are charities or small organisations. Data protection legislation is the UK General Data Protection Regulations (GDPR), the Data Protection Act 2018 (DPA 2018) to the extent that it relates to processing of personal data and privacy; and all applicable laws and guidance issued by any relevant regulator about the processing of personal data and privacy.
Please note that this Policy only covers how the British Academy processes your data a part of this Portal. There may be instances where our website links to other websites which aren’t under our control. Therefore, when following external links it is best to check third party privacy policies to be clear on their collection, processing and use of your information.
‘We’ means The British Academy.
‘ICO’ is the Information Commissioner’s Office, the body responsible for enforcing data protection legislation within the UK and the regulatory authority for the purposes of the GDPR.
‘Personal data’ means any information about an identified or identifiable person. Some categories of personal data are recognised as being particularly sensitive (“special category data”).
‘Processing’ means all aspects of handling personal data, for example collecting, recording, keeping, storing, sharing, archiving, deleting and destroying it.
‘Data Controller’ means anyone (a person, people, public authority, agency or any other body) which, on its own or with others, decides the purposes and methods of processing personal data. We are a data controller insofar as we process personal data in the ways described in this policy.
‘Data processor’ means anyone who processes personal data under the data controller’s instructions, for example a service provider. We act as a data processor in certain circumstances.
‘Subject Access Request’ is a request for personal data that an organisation may hold about an individual. This request can be extended to include the deletion, rectification and restriction of processing.
The British Academy is the UK’s national body for the humanities and social sciences. Founded in 1902, we have three principal roles: as an independent fellowship of world-leading scholars and researchers; a funding body that supports new research nationally and internationally; and as a forum for debate and engagement.
The British Academy is a registered charity in England and Wales (charity number 233176). It has one wholly-owned trading subsidiary (Clio Enterprises Limited, company number 07595846). The registered address of the British Academy and its subsidiary is 10-11 Carlton House Terrace, London, SW1Y 5AH.
Users of the Portal have the ability to interacts with the content and engage with the British Academy via its Contact us forms. The types of personal data collected, and the reasons can be found below:
Disclosing and sharing your personal data
We will never sell your personal data.
We host the Portal with a trusted third party who has been subject to our Third Party Policy and the necessary due diligence.
We employ a variety of physical and technical measures to protect information we hold and to prevent unauthorised access to or use or disclosure of your personal data.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Staff receive data protection training and we maintain a set of data protection procedures which our staff are required to follow when handling personal data.
Storing your personal data
We are wholly based in the UK and store data within the European Economic Area.
We will only retain your personal data for as long as it is required for the purposes for which we collected it (e.g. we have a genuine and legitimate reason and we’re not harming any of your rights and interests). This will depend on our legal obligations and the nature and type of information and the reason for which we collected it. For example, when you provide our personal details through the Portal Contact us form, we will retain the data for 2 years after the last interaction with yourself to manage the relationship and any queries you may have.
We continually review what information we hold and will delete personal data which is no longer required.
We want to ensure you remain in control of your personal data and that you understand your legal rights, which are:
There are some exceptions to the rights above and, although we will always try to respond to any instructions you may give us about our handling of your personal information, there may be situations where we are unable to meet your requirements in full.
If you would like further information on your rights or wish to exercise them, please contact our Data Protection Officer at the address below.
Should you wish to make a subject access request, we can provide you with a template form which includes guidance on how to do this. Please contact us for a copy of the template for a subject access request by emailing here: DPO@thebritishacademy.ac.uk.
Should you have a complaint about how we have used (‘processed’) your personal data, you can complain to us directly by contacting our Data Protection Officer (DPO@thebritishacademy.ac.uk) in the first instance.
You also have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:
Information Commissioner’s Office
Telephone: 0303 123 1113 (local rate) or 01625 545 745