Background
Roke Manor Research Limited (“Roke”) is committed to protecting the privacy and security of your personal data. This privacy notice describes how your personal data is collected and processed by us through our website (“website”). For the purpose of this privacy notice, personal data relates to any information which can be used to identify an individual, directly or indirectly.
Roke is the data controller for all personal data collected and we are registered with the Information Commissioner’s Office (“ICO”) and our registration number is ZA493798. Our details are as follows:
Roke Manor Research Limited, Roke Manor Old Salisbury Lane, Romsey, Hampshire, SO51 0ZN
How we collect your information
Website visitors:
The information we hold about you comes from the way you engage with us through our website, such as through direct interactions when you fill in the contact form on our website.
We may collect details of your visits to our website including traffic data, location data, other communications data and the resources that you access.
Job applicants:
As part of a job application, we will process your personal data via a 3rd party data processor (Job Train) in order to progress your application.
B2B contacts:
We will process data through business contracts and via direct contact with you from business cards, phone calls, and email communication.
Business site visitors:
Owing to the nature of Roke’s business, we will also collect limited and specific personal data in order to record you as a visitor if you visit a Roke business site. All visitors on site are required to follow the Roke visitor control process that forms part of the Roke Security Management Framework, which is subject to regular audit.
If visiting the Romsey, Gloucester, or Woking sites, we have security measures in place including the use of CCTV, building access controls and Automatic Number Plate Recognition (ANPR).
Visitors on site shall be recorded on the visitor notification system, in advance, by the Front of House Team who may be supported by the admin team. Prior to a site visit, the host will ensure the visitor has been properly identified and steps have been taken to assure that the visitor is verified as being the individual stated and has the required clearances (if necessary) to visit the site and take part in the agreed agenda.
On arrival to the site, individuals will be appropriately verified as being the visitor for which the visitor process has been completed before they are allowed access to the site. For other sites, local procedures will need to be followed. The host will act as the main conduit of information from the visitor for the visit and will be responsible for contacting the visitor to explain information requirements and ensuring that information is received in a timely and effective manner.
Delivery drivers (Royal Mail, logistics companies such as UPS, Fedex, etc.) are not counted as visitors and shall be managed as defined in Control Room Procedures, shall be allowed access to Stores only, and shall be monitored via CCTV throughout the period present.
Contractors, who are supporting a Roke site with maintenance work will be required to follow the visitor process.
The type of information we process
Personal data, or personal information, means any information about an individual from which that person can be identified. We may collect, use, store and transfer the following different kinds of personal data about you (subject to the consent you give regarding cookies):
- Identity data such as your first name, last name, title, username or similar identifier, date of birth and gender;
- Contact data such as your address, email address, phone number and company name;
- Technical data such as data on the type of your pc/mobile device, internet connection, operating system, web browser and IP address;
- Usage data such as when you log in and out, and which areas of the website you access;
- Location data such as data on your location when using our website;
- Preference data such as the categories of news items you wish to receive alerts for, your preferences in receiving marketing from us, and your communication preferences; and
- Images captured on CCTV footage or via ANPR technology.
Additional information (such as nationality and/or date or birth) may also be requested by your host to obtain the necessary security clearances should you visit a site that requires clearances, and you will be notified by your host prior to your visit regarding what data may be required and why.
How we use your information
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances, and under the given lawful basis:
- Where you submit an enquiry through our website, we rely on your consent which you give when submitting your request.
- Where you submit a job application, we process your information to establish and fulfil a contract of employment.
- Where we have an existing B2B relationship, we may use your information for the legitimate interest of sending you marketing information about our products and services or to invite you to events. We do this as it is necessary that we promote our business to customers and potential customers, but we will always offer you the right to opt-out of future communications. This is done in line with the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR). We may use personal data for the legitimate interest of maintaining and using IT systems and administering and managing our website and systems and applications or for maintaining the security at our sites.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation such as providing employee data to HMRC or other Government requirements.
We do use third parties to assist us in this lawful processing.
Who we will share your information with
We may share your personal data with:
- Our service providers including those who provide IT, web, and system administration services
- Job Train (for recruitment services)
- External auditors
Your data may be disclosed to any competent authorities, if and when this is required by law.
We require all third parties to respect the security of your personal data and to treat it in accordance with the applicable law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We may share specific personal data with Chemring Group PLC, the parent company of Roke Manor Research Ltd., when required to do so for reporting and regulatory purposes.
Storing your information
Your personal information will be stored on systems owned or operated by Roke or those of our specific service providers and will only be stored inside the UK or the European Economic Area (EEA). We do not transfer your personal data outside the UK or the EEA.
How we protect your personal data
We have put in place appropriate technical and organisational measures in order to protect your personal data and prevent it from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We limit access to your personal data, only allowing access to those employees, agents, contractors and other third parties where there is a legitimate business need to view it. They will only process your personal data on our instructions and they are subject to a contractual duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and, if applicable, any appropriate regulator, of a breach where we are legally required to do so.
No content on this site may be used to train artificial intelligence systems without permission in writing from Roke Manor Research Ltd.
Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory or other requirements.
Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:
- Request access to, rectification, or erasure of, your personal data (note, however, that we may not always be able to comply with a request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request)
- Obtain restriction of processing or to object to processing of your personal data
- Request the transfer of your personal data to another data controller in certain circumstances
If you are not happy how we are using your information or how we have responded to your request, you have the right to complain to the Information Commissioner’s Office at www.ico.org.co.uk
Use of cookies
When you visit our website, we use cookies, which are small pieces of information that allow us to maintain your connection to our website. Please see our Cookie Policy here.
How we will tell you about future changes to this privacy notice
Any changes we make to our privacy notice will be put on our website. Please check for updates from time to time so you are always fully aware of what information is collected and how it is used.
This notice was last updated in February 2023.
How to contact us
If you have any questions or concerns about our use of your personal information, please contact the Data Protection Manager at [email protected].
February 2023