Skip to main content

Procurement Privacy Notice

Our core data protection obligations and commitments are set out in the organisation’s primary privacy notice.

This notice provides additional privacy information for: individuals whose personal data is part of a tendering submission, and people whose data we hold for the performance of contracts we have let.


Purposes

We collect [or obtain] your personal information for the following purpose(s):

  • Procuring goods, services and works for the delivery of TfGM organisational activities

Categories of personal data

In order to carry out these purposes we collect and obtain:

  • Personal details;
  • Business activities of individuals;
  • Licenses, permits or certificates held;
  • Financial details;
  • Goods and services provided;
  • Visual images, personal appearance and behaviour;
  • Details of complaints;
  • Employment and education details;
  • Incident and accident details;

We do not collect, store or use any special category personal information except as follows on an occasional basis:

  • Criminal Offence data

Legal basis for processing

The legal basis we rely on for processing your personal information is:

  • The processing is necessary for the performance of a contract; and/or
  • The processing is necessary for the performance of a task carried out in the public interest.

The legal bases we rely on for processing criminal offence data is:

  • The processing is necessary for reasons of substantial public interest namely for the purpose of complying with the regulatory requirements relating to unlawful acts under the Rehabilitation of Offenders of Act 1974.

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you, or enter into a contract with you in the first instance. For example, we will not be able to communicate with your business during a tendering exercise.


Information sharing recipients

We may share personal information about you with the following types of organisations:

  • Banks – for the operation of Procurement Cards.
  • Other participating authorities – if a framework agreement can be used by other public sector bodies

Sources of personal data other than the data subject

As well as information directly collected from you, we also collect or receive information from:

  • Tendering organisations/Suppliers – In order for us to contact the organisation in relation to the contract you wish to enter into with us, or have entered into with us.

Automated decisions

For this processing, all the decisions we make about you involve human intervention


Data retention criteria

Our Retention Schedule outlines how long we retain certain types of information.


Rights of individuals

You have a right to be informed about how and why your personal information is being processed. This notice fulfils that obligation. You also have a number of other rights.

Information about the following rights is available in our Guide to Exercising Your Rights:

  • Contacting our Data Protection Officer;
  • Raising a concern with us; and/or
  • Making a compliant to the Information Commissioner

Updates

We may update or revise this Privacy Notice from time to time and provide supplementary privacy information as is necessary to TfGM’s current workforce.