Privacy Notice

Your information will be held by The Radioactive Materials Transport Users Committee (RAMTUC) CLG, a company limited by guarantee, company registration number 8607169, formed to represent companies and organisations concerned in the safe transportation of radioactive materials.

RAMTUC (also referred to as “we”, “us” or “our” in this Privacy Notice) is committed to protecting and respecting your privacy. We collect, use and are responsible for certain personal data about you. When we do so we are regulated under EC Regulation 2016/679, the General Data Protection Regulation (“GDPR”), which applies across the European Union and in the United Kingdom through the UK GDPR and the Data Privacy Act 2018 (collectively referred to as “Data Protection Legislation”) and we are responsible as “data controller” of that personal information. If the UK amends its Data Protection Legislation in consequence of its departure from the European Union this Privacy Notice will be updated appropriately to reflect any such changes.

We will only use your personal information in accordance with GDPR, Data Protection Legislation and this Privacy Notice. This notice explains what we do with your personal data, why we want to use it, how we protect it, and what rights you have to control our use of your personal data.

What information we collect and why we collect it

This Privacy Notice applies to personal information that we process through interactions with individuals in the course of running RAMTUC and delivering our services to Members; this will include employees, contractors and representatives of member organisations, suppliers, website visitors and industry contacts.

The RAMTUC website collects names and contact details for the purpose of allowing Members to access the website. RAMTUC also holds names and contact details, including email addresses, and telephone numbers within a distribution list, designed to be an easy point of reference, listing the current representatives in each RAMTUC member organisation. To document decisions being made, RAMTUC may also record contact details in minutes and other records. These documents are not circulated outside of RAMTUC.

How we use that information

At RAMTUC we are committed to protecting and respecting your privacy and we will only use your personal information:

• to manage our relationship with you including providing services to members and their representatives;
• to provide and improve our services to you, including our website services;
• to ensure that content from our site is presented in the most effective manner for you and your computing device;
• to provide you with information, or services that you request from us or which we may feel may be of interest to you;
• to compile anonymised statistics, for example, website usage statistics;
• to inform you about our seminars and events and efficiently run those seminars and events
• to process and respond to inquiries and
• issuing and payment of invoices.

Our legal basis for processing

Whenever personal data is to be processed, a data controller must be able to demonstrate one of the 6 lawful bases for processing that are detailed in Article 6 of the GDPR. All personal data processed by RAMTUC relies on one or more of the following relevant lawful bases from Article 6 of GDPR :

Consent

where you have given your consent to for your personal data to be processed for a specific purpose;

Legal obligation

the processing is necessary for RAMTUC to comply with the law, not including contractual obligations and

Legitimate Interests

the processing is necessary for RAMTUC’s legitimate interests, or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data that overrides these legitimate interests. A legitimate interest is when we have a business or commercial reason to process your information. But, even in these circumstances it must not unfairly be contrary to what is right and best for you. Our legitimate interests are as follows:

• to effectively run and manage the business of a trade association for the industry;
• to provide our membership offering to member companies, prospective members and their employees;
• to provide the services available throughout our website;
• to promote the development of services offered to industry and further improve those services;
• promote, manage and run events and
• to promote and circulate information and news about nuclear regulation relevant to transport to members and industry stakeholders.

Who we share our personal information with and why

Please note that we may share your information with third parties who provide services to us on our behalf including but not limited to document storage facilities, IT service providers such as cloud providers of software and companies who help us manage our electronic communications with you. We may also share personal information with professional advisors such as lawyers, accountants or auditors in order to provide legal, accounting or auditing services.

The company which maintains and operates RAMTUC’s website currently only processes and stores personal data in the UK only. However to deliver services to you, it may necessary for us now or in the future to share your personal information outside the European Economic Area (EEA), for example with service providers who may be located, or who store data outside the EEA or if you or one or more of our members or members’ affiliates are based outside the EEA. Such countries, including the United States, do not have the same data protection laws as the United Kingdom and EEA, and any transfer of your personal information will be subject to appropriate safeguards in accordance with GDPR and Data Protection Legislation.

RAMTUC has entered into a Data Privacy Agreement (DPA) with its member companies and also with each of its suppliers of services to ensure that personal data is processed and transferred in accordance with GDPR and Data Protection legislation. These agreements oblige member companies to execute what are known as Standard Contractual Clauses (SCCs) which are mandated by the European Commission. The UK’s Information Commissioner’s Office (ICO) has issued what is known as the Approved Addendum setting out amendments to the SCC that will be applied in the UK. The SCCs and the Approved Addendum include what is known as a Restricted Transfer Addendum to cover transfers of personal data to “Restricted Countries” which essentially means all countries outside the European Economic Area (EEA) and a small number of other countries which the European Commission has determined to have “adequate” data protection.

RAMTUC does not directly transfer any of your personal data outside the EEA. However, an individual member company of RAMTUC may transfer personal data to its parent company, subsidiary or affiliate outside the EEA but only if the relevant member has put in place a Restricted Transfer Addendum with that parent company, subsidiary or affiliate.
We will share personal information with law enforcement or other authorities only if required by applicable law.

Except for the third parties identified above, we will not share your information with any other third party.

How long we hold personal data

We will keep your data only for as long as it is necessary for the particular purpose or purposes for which we hold it unless there are any legal or operational reasons to hold it for a longer period in accordance with our internal retention procedures. Limited amounts of personal data, including names and contact details, may be retained in meeting minutes, past editions of RAMTUC governance documents and archived communications. This is for archiving purposes in the public interest and in support of the work which RAMTUC undertakes. At the end of that period, the data that we hold will be securely destroyed.

Your rights in relation to your information

You have rights under GDPR to exercise one or more of the following:

• the right to request a copy of all personal data we hold relating to you;
• the right to require us to correct any mistakes in the personal data we hold relating to you;
• where we are processing your data based on your consent you can withdraw that consent at any time and we must immediately stop processing your data. Please note that up to that point, we’re acting lawfully with your consent, withdrawal of consent cannot be backdated.
• where we process your data based on a “legitimate interest” you still have the right to object to our processing of that data if you feel it impacts on your fundamental rights and freedoms. From the point that you make your objection known to us, we must stop processing your data until we have determined whether your rights override our interests;
• in certain situations, you have the right to require us to erase personal data where there is no good reason for us continuing to process it. However, note that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
• the right to request us to restrict our processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
  • if you want us to establish the data’s accuracy;
  • where our use of the data is unlawful, but you do not want us to erase it and
  • where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.

For further information on each of these rights, including the circumstances in which they apply, see the Guidance from the ICO on individuals’ rights under the General Data Protection Regulation at www.ICO.org.uk

Cookies

We may also store information about you using cookies, which we can access when you visit our site in future. Cookies are small files, which are sent by us to your computer or other access device, that track, save and store information about your interactions and usage of our website. Cookies help us provide you with a better service by enabling us to monitor which pages you find useful and which you do not.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. Information on deleting or controlling cookies is available at http://www.allaboutcookies.org

Deleting or disabling cookies may prevent you from taking full advantage of our website and services.

Our website and any documents which we may publish from time to time may contain links to other websites of interest, including but not limited to The Nuclear Institute, the Safety Directors Forum, TCSC, WNTI, Society for Radiological protection and ONR. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Changes to this privacy notice

We may update this privacy notice from time to time. This privacy notice was last updated on 13th June 2022

How to contact us

If you have any queries about how we use your personal data, you can write to us at the following address, or contact us by email or telephone as follows:

T Grange, Tel – 07709480248 email – [email protected]

If you are not satisfied with our response to any complaint, or if you believe our processing of your information does not comply with data protection law, you can make a complaint to the ICO at the following address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Telephone 0303 123 1113.