Home » Get Involved » Privacy Statement for Engagement

Privacy Statement for Engagement

Privacy statement

This privacy statement sets out how we look after people’s personal information. It was last updated on 01/02/2022.

Who we are?

Our Engagement team are committed to ensuring that the views of patients, carers, stakeholders, partner organisations and the wider community are represented in decisions about how services are proposed, planned and delivered, and how they can be improved. Visit our webpage: Get Involved – NHS Nottingham and Nottinghamshire ICB  page to find out more.


In line with the EU’s General Data Protection Regulations (GDPR) we explain how we collect and treat any personal information you give us. We’ve tried to keep the wording in this statement easy to read and understand.

If you have any questions or concerns, please contact us: nnicb-nn.igteam@nhs.net

Our commitment to you

The Engagement Team is committed to looking after your personal data. We will:

  • Comply with our legal obligations on data protection.
  • Carefully look after any personal data that we hold or use.
  • Be open and transparent about how we do this.

Types of data we collect on our website


Like most websites, we use cookies to collect information. Cookies are small data files which are placed on your computer or other devices (such as smartphones or tablets) as you browse this website. They are used to ‘remember’ when your computer or device accesses our website. Cookies are essential for the effective operation of our website and are used by services we make use of to provide a better experience to you when using our site.

The services that we use that place their own cookies on our site are provided by:

  • Google LLC – The cookies that are in place from Google are used for the analytics data and the anti-spam measures we have in place on our contact and newsletter subscription forms.

Google Analytics

Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.

Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. We send a partial record of your IP address to GA with the last few characters or “octet” removed, this reduces the ability for anyone to use this to identify an individual.

GA makes use of cookies, details of which can be found on Google’s developer guides.

Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.

If you opt-in to receive communications from us…

We will ask for your name and email address, so we can personalise the newsletter and send it to you. We store your personal data in our ICB online system/secure database. You can unsubscribe at any time using the link in each newsletter email.

As part of the registration process for our regular e-newsletter, we only collect your name and email address. We only send you our newsletter with your consent.

The email address that you submit will not be stored in any of our internal computer systems. We don’t rent or trade email lists with other organisations and businesses.

We gather statistics around newsletter opening and clicks using industry standard technologies to help us monitor and improve our newsletter.

You can unsubscribe from our newsletter at any time of the day or night by contacting the engagement team via nnicb-nn.engagement@nhs.net

Types of data we collect elsewhere

Members of the public we work with on projects

If we are working with you on a project, we will give you full details about how we will use and look after your personal data and ensure we receive consent from you before your engagement with us.

Behind the scenes

We have a comprehensive Confidentiality and Data Protection Policy to ensure that we comply with the UK’s General Data Protection Regulation (GDPR) and Data Protection Act 2018. Staff received training on confidentiality and data protection, we undertake data reviews, so that we know what personal data we hold, and process and we’ve documented our lawful bases for processing personal data. We have also checked that our online systems and databases are GDPR-compliant, and we’ve reviewed the security of our different storage systems. We review these arrangements regularly.

About your data

What information we collect, where we store it and what we do with it.

If you contact us by email…

The email will contain your name and email address. The email message may contain other personal information if you’ve provided it. We use this information to respond to your enquiry. We keep a copy of emails, including your name and email address in our email platform, Microsoft Outlook.

If you contact us via a form on our website…

The form will send an email to us, as detailed above. We do not store a copy of the emails in our website content management system.

If you contact us through social media…

The message will contain your name and social media username. The message may contain other personal information, if you’ve provided it. We use this information to respond to your enquiry. We keep a copy of messages in the social media app.

Citizen relationship & project management tools

We also use a citizen relationship management (CRM) tool to keep a record of your information and our conversations in once place.

Who has access to your information?

Our ICB management team have access to everything you’ve provided. Individual employees only have access to what they need to do their job.

We will not share your information with anyone outside of our organisation, unless required to do so by law.

How we keep your information private

Your information is stored on our internal network and/or third-party services online. These network services are secured by password-protection, and where available, two-factor authentication. To access your information, we use computers protected by password and two-factor authentication.

Any questions?

If you have any concerns about the information we store, you can contact us: nnicb-nn.engagement@nhs.net

Your legal rights

You have rights under data protection laws in relation to your personal information. These include the right to:

  • request access to your personal data
  • request correction to your personal data
  • request removal of your personal data
  • object to processing of your personal data
  • withdraw consent to processing of your personal data
  • complain about the way we handle your data

If you would like to action any of your legal data protection rights, please contact us: nnicb-nn.igteam@nhs.net

If you need further information or if you have a complaint

If you have any questions about how we look after people’s personal information, or if you have a complaint about how we are handling your data, please get in touch with us at: nnicb-nn.igteam@nhs.net

 We will try our best to answer your questions or resolve your complaint.

You can also make a complaint to the Information Commissioner, who is the official data protection regulator in the UK. Their contact information can be found on their website at www.ico.org.uk.

Changes to this privacy statement

This privacy statement may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any changes.