HOME Privacy TOS Contact Charter VPLO Cookies

1. Introduction

Purpose of Policy

This Privacy Policy outlines how Clerkwell Standards in Government, Leadership & Oversight (CSGLO) collects, processes, and protects personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. As a coalition dedicated to advancing social justice, accountability, and institutional reform, we are committed to upholding the highest standards of privacy and data security.


Our goal is to maintain transparency, ethical stewardship, and respect for all individuals whose data we process. This Policy demonstrates our commitment to safeguarding personal data while fulfilling our mission to address public complaints, promote institutional accountability, and champion vulnerable individuals.


Scope of Policy

This Policy applies to all personal data collected, used, and stored by CSGLO as part of:

  1. Navigating complaints and disputes between individuals and public institutions.
  2. Investigative journalism to uncover systemic failures, corruption, and institutional bias.
  3. Facilitating communication between individuals, organisations, and institutions for accountability and resolution.
  4. Supporting vulnerable individuals through the guidance of our Vulnerable Persons Liaison Officer (VPLO).
  5. Engaging with the public via educational resources, advocacy initiatives, and community outreach programmes.

It encompasses data collected directly through our website, contact forms, email correspondence, or as part of our investigative and advocacy efforts.


Alignment with Our Values

At CSGLO, our core values drive every action we take. These values include:

  1. Social Justice: Advocating for fairness, equity, and the rights of disempowered individuals.
  2. Accountability: Holding institutions and systems responsible for their actions or inactions.
  3. Transparency: Ensuring openness in how we operate and how we process personal data.
  4. Respect: Upholding the dignity and confidentiality of every individual we interact with.

By aligning our data practices with these values, we ensure that our approach to data protection reflects our broader commitment to ethical responsibility and public trust.



2. Data Collection

Types of Data Collected


At Clerkwell Standards in Government, Leadership & Oversight (CSGLO), we process the following types of data:


  1. Personal Data:
  2. Names, email addresses, phone numbers, and other contact details.
  3. Correspondence content, such as emails, complaint details, and submitted documents.
  4. Sensitive Data:
  5. Information about institutional failures, discrimination, or corruption, often tied to individual or systemic complaints.
  6. Details related to vulnerable individuals handled through our Vulnerable Persons Liaison Officer (VPLO), including case-specific and potentially distressing information.
  7. Technical Data:
  8. Website interaction data, including cookies, IP addresses, and user analytics for improving our online services.
  9. Secure communication metadata, such as timestamps or encryption details, but excluding content.


Sources of Data


Data processed by CSGLO originates from the following sources:


  1. Directly Provided by Users:
  2. Complaints, queries, or other submissions through our website forms, emails, or correspondence.
  3. Documentation submitted by complainants for investigative purposes.
  4. Investigative Activities:
  5. Data gathered from whistleblowers, public records, or third parties during investigative reporting.
  6. Supplementary context obtained through research, interviews, or related public-interest inquiries.
  7. Technical Sources:
  8. Data collected through our web infrastructure, such as cookies and logs, to ensure secure and efficient services.

3. Purpose of Data Processing

Handling and Responding to Complaints


At Clerkwell Standards in Government, Leadership & Oversight (CSGLO), processing personal data is essential for addressing and resolving complaints about public institutions. We collect and analyse complaint details to:

  1. Evaluate concerns for public interest and potential systemic failures.
  2. Facilitate communication with institutions and ensure accountability.
  3. Provide complainants with clear, actionable outcomes or further support.

Conducting Investigations

CSGLO undertakes investigative journalism to promote transparency and accountability. Personal and sensitive data are processed to:

  1. Uncover institutional shortcomings, corruption, or negligence.
  2. Develop detailed, evidence-based reports that highlight systemic issues.
  3. Ensure accurate and unbiased representation of facts while protecting source confidentiality​​.

Supporting Vulnerable Individuals

Through our dedicated Vulnerable Persons Liaison Officer (VPLO), we manage sensitive data to:

  1. Address the needs of individuals who face systemic harm or institutional barriers.
  2. Advocate for those who require tailored solutions due to vulnerability factors, including trauma, social isolation, or health concerns.
  3. Maintain a confidential and sensitive approach to communication​​.

Engaging with Users and Providing Educational Resources

We process data to:

  1. Engage audiences through workshops, educational content, and community outreach.
  2. Provide resources that empower individuals with knowledge and practical tools for addressing systemic challenges.
  3. Facilitate dialogues that foster understanding of institutional responsibilities and public rights​​.

Improving Services Through Audience Feedback

Feedback from users is integral to refining our processes and outputs. We use personal data to:

  1. Measure the impact of our investigative efforts and identify areas for improvement.
  2. Adapt services to better meet the needs of the communities we serve.
  3. Enhance the accessibility and relevance of our reports and educational programmes​​.

4. Legal Basis for Processing

Consent


Clerkwell Standards in Government, Leadership & Oversight (CSGLO) processes personal data on the basis of consent for data submitted voluntarily. This applies when individuals:

  1. Submit complaints, queries, or other communications via web forms, email, or other means.
  2. Provide explicit consent for the handling of sensitive personal data, especially in cases involving vulnerable individuals or whistleblower communications​​.

Legitimate Interests

We process personal data under the legal basis of legitimate interests when pursuing activities that align with our organisational mission, such as:

  1. Investigative journalism and reporting to uncover systemic failures, misconduct, or injustice.
  2. Complaint handling and mediation between individuals and public institutions to ensure transparency and accountability.
  3. Advocating for the rights of vulnerable individuals, particularly in cases where systemic barriers or institutional negligence are at play​​.

Legal Obligations

In some cases, processing personal data is necessary to comply with legal obligations, including:

  1. Retaining data for regulatory or compliance purposes, such as addressing public inquiries or institutional disputes.
  2. Safeguarding sensitive information submitted by whistleblowers in compliance with applicable confidentiality and anti-retaliation laws.
  3. Providing data to law enforcement or regulatory bodies when required by statutory or judicial processes​​.

5. Data Sharing and Disclosure

Internal Sharing


Personal data processed by Clerkwell Standards in Government, Leadership & Oversight (CSGLO) is accessible only to authorised personnel, including:

  1. Vulnerable Persons Liaison Officer (VPLO): Handles sensitive case-specific data related to vulnerable individuals.
  2. Investigative Journalists: Access complaint details and supporting documentation as necessary for conducting in-depth investigations.
  3. Editorial and Governance Teams: Review and oversee content for compliance with ethical and legal standards before publication​​.


External Sharing

In specific circumstances, personal data may be shared with trusted third parties to fulfil our organisational mission:

  1. Legal Advisors: For cases requiring legal compliance or advice.
  2. Whistleblower Protection Channels: To safeguard individuals reporting institutional misconduct.
  3. Regulatory or Law Enforcement Agencies: If required by law or to address serious public safety concerns​​.

Safeguards for sharing data include:

  1. Ensuring external parties comply with GDPR or equivalent data protection standards.
  2. Limiting data access strictly to the information necessary for the task at hand​.


International Data Transfers

Currently, CSGLO does not engage in regular international data transfers. If international sharing becomes necessary, it will be conducted under GDPR-compliant safeguards, such as Standard Contractual Clauses or adequacy decisions​​.


Whistleblower Protection

We take rigorous steps to protect whistleblowers and sensitive sources:

  1. Confidentiality Protocols: Whistleblower identities are safeguarded through anonymisation and secure communication channels.
  2. Ethical Oversight: All investigative activities involving whistleblowers are reviewed by the editorial and ethics teams to ensure compliance with legal and moral standards​​.

6. Data Retention

Retention Periods and Justifications


Clerkwell Standards in Government, Leadership & Oversight (CSGLO) retains personal data in line with our mission and GDPR principles. Specifically:

  1. Complaint and Investigative Records:
  2. Retained indefinitely when necessary to ensure accountability, maintain continuity in resolving systemic complaints, and provide evidence for dispute resolution or public accountability. This aligns with our commitment to transparency and justice​​.
  3. Records undergo regular reviews to ensure ongoing relevance, and non-essential materials are securely deleted.
  4. General Communications:
  5. Retained for a standard period of six months unless flagged for legal or operational purposes. This allows for responsive communication while protecting user privacy​​.


Periodic Review and Secure Deletion

  1. Review Process:
  2. Investigative materials and communication records are periodically evaluated by authorised personnel to assess relevance and compliance with organisational goals and legal standards​​.
  3. Secure Deletion:
  4. Data deemed unnecessary is securely deleted using methods that prevent recovery. Investigative materials no longer required may be anonymised where appropriate to balance archival needs and privacy concerns​​.

7. Data Security

Technical and Organisational Measures


Clerkwell Standards in Government, Leadership & Oversight (CSGLO) takes extensive measures to ensure the security and confidentiality of personal data. Key measures include:

  1. Encryption:
  2. All data transmissions between users and our servers are encrypted using SSL/TLS protocols to prevent unauthorised interception during communication​​.
  3. Sensitive documents and communications are stored using end-to-end encryption when shared between staff or stakeholders.
  4. Restricted Access:
  5. Access to sensitive data is limited strictly to authorised personnel, such as investigative journalists, editorial managers, and the Vulnerable Persons Liaison Officer (VPLO).
  6. All personnel are trained in data protection principles and GDPR compliance to ensure ethical handling of information​​.
  7. Secure Communication and Storage:
  8. Investigative materials, including whistleblower information, are stored on encrypted platforms to ensure confidentiality.
  9. Regular audits and system checks are performed to identify and mitigate potential vulnerabilities​​.


Platform-Specific Security


  1. Website and Email Systems:
  2. Data submitted via web forms is securely transmitted and hosted on GDPR-compliant servers managed by trusted third-party providers.
  3. Browser-based email portals are accessed via SSL-protected connections, ensuring the integrity and privacy of transmitted messages​​.
  4. Operational Controls:
  5. Staff devices used to access email systems are required to implement robust security measures, including firewalls, password protection, and regular updates​.

8. User Rights

Right to Access


You have the right to request access to any personal data that Clerkwell Standards in Government, Leadership & Oversight (CSGLO) holds about you. This includes:

  1. Information about the categories of data collected, the purposes of processing, and the retention periods.
  2. Copies of specific data held about you​​.

To make an access request, please contact our Data Protection Officer at data-request@csglo.org.



Right to Rectification

If you believe that any data we hold about you is inaccurate or incomplete, you have the right to request corrections. We will make necessary amendments promptly after verification​​.



Right to Erasure

You may request the deletion of your personal data under certain circumstances, including:

  1. If the data is no longer necessary for the purposes for which it was collected.
  2. If you withdraw consent and no other legal basis for processing applies​​.

Requests for erasure will be considered in line with legal obligations, such as requirements to retain data for complaint handling or investigatory purposes.



Right to Restrict Processing

You have the right to request that we restrict the processing of your data if:

  1. You contest the accuracy of the data.
  2. The processing is unlawful, but you oppose erasure​​.


Right to Object

You may object to the processing of your personal data on grounds relating to your particular situation. This applies especially in cases where data is processed for legitimate interests, such as investigative journalism or public-interest reporting​​.



Right to Data Portability

Where applicable, you may request to receive your personal data in a structured, commonly used, and machine-readable format to transfer it to another organisation​​.



Right to Lodge Complaints

If you have concerns about how your data is being handled, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO). Contact details are as follows:

  1. Website: https://ico.org.uk
  2. Phone: 0303 123 1113
  3. Postal Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF​​.

For organisations in Scotland, you may wish to contact the ICO’s Scotland office:


ICO Scotland Office

Bridgeside House, 99 McDonald Road, Edinburgh, EH7 4NS

Phone: 0303 123 1115 (same general helpline)

Email: scotland@ico.org.uk


9. Cookie and Tracking Policy

Use of Cookies and Tracking Technologies


Clerkwell Standards in Government, Leadership & Oversight (CSGLO) employs cookies and similar tracking technologies on its website to:

  1. Enhance website functionality, such as maintaining user sessions and preferences.
  2. Improve user experience by tailoring website content based on user behaviour.
  3. Collect analytical data to monitor website performance and optimise resources.

Cookies are used solely for these purposes and do not include intrusive or unnecessary tracking​.


Types of Cookies

  1. Essential Cookies:
  2. Necessary for website functionality, such as enabling access to secure areas and managing user authentication.
  3. Performance Cookies:
  4. Used for analytical purposes to improve user experience and monitor traffic without identifying individual users.
  5. Preference Cookies:
  6. Store user preferences to provide a customised browsing experience.


Managing Cookie Preferences


Users can manage their cookie preferences by:

  1. Adjusting their browser settings to accept, block, or delete cookies.
  2. Using the cookie management tools available on our website.

More details on managing cookies and their usage can be found in our dedicated Cookie Policy.



Data Collected by Tracking Technologies


Tracking technologies may collect:

  1. Device information, such as browser type and operating system.
  2. User interaction data, including page views and session duration.
  3. Anonymised data to analyse website performance and detect errors​.

10. Data Transfers

International Data Transfers


Clerkwell Standards in Government, Leadership & Oversight (CSGLO) does not routinely transfer personal data outside the UK or European Economic Area (EEA). If such transfers become necessary to achieve our organisational objectives, we ensure that:

  1. Transfers are made only to countries with data protection laws that have been deemed adequate by the UK government or European Commission.
  2. Where adequacy decisions do not apply, we use Standard Contractual Clauses (SCCs) or other approved mechanisms to provide equivalent protections​​.


Third-Party Service Providers

CSGLO engages with third-party service providers to manage secure data hosting, email communications, and investigative tools. These providers:

  1. Are contractually bound to process personal data only as instructed by us and in compliance with GDPR.
  2. Implement security measures, such as encryption and access controls, to safeguard data against unauthorised access​​.


Compliance and Transparency

  1. Compliance: All international transfers and collaborations are carefully assessed for GDPR compliance to ensure the rights of data subjects are upheld.
  2. Transparency: If an international data transfer is required, we will inform the data subject about the purpose, the destination country, and the safeguards in place​​.

11. Complaint Handling and Investigations

Sensitivity and Confidentiality


Clerkwell Standards in Government, Leadership & Oversight (CSGLO) ensures all data submitted via complaints is handled with utmost care. Our protocols include:

  1. Confidential Handling: Data related to complaints and investigations is anonymised wherever possible to protect individuals’ identities.
  2. Restricted Access: Only authorised personnel, such as investigative staff and the Vulnerable Persons Liaison Officer (VPLO), have access to sensitive information​​.
  3. Secure Storage: Documents and communications are stored securely on encrypted platforms to prevent unauthorised access​​.


Safeguarding Complainants and Whistleblowers

  1. Protection of Whistleblowers:
  2. Dedicated channels ensure whistleblowers can submit information securely and anonymously if required.
  3. Strict confidentiality protocols are in place to safeguard against retaliation​​.
  4. Complainant Support:
  5. Initial inquiries are evaluated for public interest and potential risks.
  6. The complainant’s perspective is central to our investigations, and their experiences are documented sensitively​​.
  7. Legal and Ethical Safeguards:
  8. Our processes are aligned with GDPR and ethical reporting standards to protect individuals' privacy while ensuring accountability​​.


12. Children’s Privacy

Data Protection Measures for Children


Clerkwell Standards in Government, Leadership & Oversight (CSGLO) does not primarily target or provide services to individuals under the age of 18. However, in cases where data involving minors is processed, we adhere to strict safeguards to ensure their protection:

  1. Minimisation of Data: Only data strictly necessary for addressing complaints or investigations involving minors is collected.
  2. Confidential Handling: Data related to minors is anonymised wherever possible and stored securely to prevent unauthorised access.
  3. Consent Requirements: In accordance with GDPR regulations, parental or guardian consent is required before processing data directly provided by individuals under 16 years of age. For minors who are subjects of investigations or complaints, explicit efforts are made to involve guardians when appropriate and safe to do so. Parental or guardian consent is required before processing data directly provided by individuals under 16 years of age.

13. Updates to Privacy Policy

Notification of Updates


Clerkwell Standards in Government, Leadership & Oversight (CSGLO) is committed to maintaining transparency and accountability in how we manage personal data. To ensure users are informed about any changes to our Privacy Policy:


  1. Website Updates: Updates to the Privacy Policy will be published on our website. Where significant changes occur, a notice may be displayed prominently for a limited time to ensure visibility.
  2. Direct Communication: Individuals whose data is actively processed will be notified directly if changes materially impact their rights or how their data is processed.
  3. Version Control: Each update to the Privacy Policy will include a version number and date to facilitate tracking of amendments.
  4. Archived Versions: Previous versions of the Privacy Policy are available upon request to maintain transparency.


User Rights and Consent

  1. For material changes that require renewed consent (e.g., changes in how personal data is processed), we will provide a mechanism to obtain updated consent from users.
  2. Users are encouraged to review the Privacy Policy periodically to stay informed of how we protect their data.

14. Contact Information

Data Protection Contact


For any queries or concerns regarding data protection, including exercising your rights under GDPR, please contact:

  1. Data Protection and Information Governance Office
  2. Email: depts@csglo.org
  3. Subject Line: Include "Data Protection and Information Governance Office: GDPR Question" to ensure your request is directed to the appropriate team​.


General Queries

For general inquiries about our services, organisational policies, or support:

  1. Public Engagement and Support Services
  2. Email: depts@csglo.org
  3. Subject Line: Include "Public Engagement and Support Services: Request for Information"​.


Postal Address

For written correspondence: Clerkwell Standards in Government, Leadership & Oversight

[Relevant Department Name]

Caswell Science & Technology Park

Caswell, Towcester

NN12 8EQ​




15. Additions and Points of Interest

A. Investigative Reporting Safeguards

  1. Protections for Sources and Whistleblowers:
  2. Clerkwell Standards in Government, Leadership & Oversight (CSGLO) implements strict confidentiality protocols to safeguard the identities of sources and whistleblowers. This includes:
  3. Use of encrypted communication tools for secure submissions.
  4. Anonymisation of data to protect individuals from retaliation​​.
  5. Legal support is provided for whistleblowers in high-risk cases to address retaliation concerns​​.
  6. Secure Management of Investigative Information:
  7. All sensitive information is stored on encrypted platforms, with access limited to authorised personnel only.
  8. Investigative materials undergo a rigorous review to ensure they are securely retained and disposed of when no longer needed​​.


B. Transparency and Feedback

  1. Audience Engagement:
  2. CSGLO actively solicits feedback from its audience to shape governance and practices. Mechanisms include:
  3. Open forums for public discussion on investigative findings.
  4. Periodic surveys to gauge audience concerns and priorities​​.
  5. Impact on Governance:
  6. Insights from audience feedback are integrated into organisational decision-making, ensuring accountability and continuous improvement in services​​.


C. Ethics in Data Handling

  1. Commitment to Ethical Standards:
  2. CSGLO is dedicated to upholding the highest ethical standards in handling personal and sensitive data. This includes:
  3. Ensuring that all data collection, storage, and use align with GDPR requirements.
  4. Establishing an ethics oversight committee to review complex data handling cases​​.
  5. Ongoing Training:
  6. Regular training sessions for staff focus on ethical journalism, secure data handling, and addressing conflicts of interest​​.