The Advanced Research and Invention Agency (“ARIA”/”we”/”our”/”us”) is committed to protecting the privacy and security of your personal information.
This policy sets out the basis on which we will collect your personal data, and how that data will be used.
This policy applies to personal data we collect when you use our website (the “Website”) or otherwise interact with us.
Please read this privacy policy carefully to understand how we will treat your personal data. We have a duty to process personal data fairly, lawfully and in a manner that you would expect given the nature of our relationship with you. Where we have a legal basis to use your personal data without consent, this policy fulfils that duty by giving you appropriate notice and explanation of the way in which your personal data will be used.
If you have any questions or require any further information regarding our use of your personal data, please contact us using the contact us form.
ARIA is the data controller in respect of your personal data. This means we are responsible for deciding how we hold and use personal data about you.
The information we collect depends on the context of your interactions with us. In this policy, we consider the following groups of people:
You may fall into one or more of these groups, and these categories may change over time. The information we collect, and the way it is used, will depend on which of these groups you fall into. This policy does not apply where you are applying to work for us. Please see our Privacy Policy for Job Applicants for further information on how your personal data will be used during the recruitment process.
The personal data we collect from you as a visitor to the Website includes:
This data is automatically collected and stored in our server logs when you interact with the Website. Collecting this data enables us to improve user experience of the Website, for example to provide you with tailored content. It also helps us to understand how the Website is used, by analysing the traffic we receive, and to maintain and protect the security of the Website and products. Our Cookie Policy explains this in more detail and can be found here.
The legal basis for collecting the information from cookies is your consent to cookie use (other than in respect of strictly necessary cookies in respect of which our legal basis is our legitimate interest in providing the Website to you) and our legitimate interest in improving the Website and protecting our rights.
We may collect the following information when you use our contact form to raise a query with us.
Collecting this data enables us to communicate with you in response to your completion of a contact form.
Our legal basis for collecting this information is to enable us to respond to you, and our legitimate interest in responding to questions in relation to our services and protecting our rights If you sign up to receive updates (i.e. marketing communications) from ARIA our legal basis is with your consent when you sign up.
We may collect or use the following information about you when we interact with you (or the organisation you represent) as a supplier or business contact.
Collecting this data enables us to receive products and/or services from you or the organisation that you represent. Our legal basis for collecting this information is either our legitimate interest to allow us to receive products and/or services from the organisation that you represent or performance of a contract with you.
The legal basis for processing personal data on the Website is your consent when subscribing to our mailing list or accepting the use of cookies on the Website (except strictly necessary cookies) and our legitimate interest in responding to questions in relation to our services, or in relation to our business relationship and protecting our rights.
The data we collect may be shared with our professional advisors and our technology suppliers, for example our hosting provider. We require all our technology suppliers to take appropriate and stringent security measures to protect your personal data in line with our policies. We do not allow our technology suppliers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions.
We will share your data if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.
The data we collect with Google Analytics cookies is transferred and stored with Google where we analyse it with Google Analytics software (Universal Analytics). We do not allow Google to use or share this data for their own purposes.
We will not:
We will only retain your personal data for as long as it is needed for the purposes set out in this document or for as long as the law requires us to.
We will:
In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We design, build and run our systems to make sure that your data is as safe as possible at all stages, both while it’s processed and when it’s stored.
The personal data we collect from or about you may be transferred to, processed and stored, at destinations outside the UK (for example, the US).
Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.
We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data – for example, we protect your data using varying levels of encryption.
We also make sure that any third parties that we deal with keep all personal data they process on our behalf secure.
The Website may contain links to another website. This policy only applies to the Website so when you follow a link to other websites you should read their own privacy policies.
You will receive updates (i.e. marketing communications) from us if you have requested information from us. You can ask us to stop sending you updates at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time.
Where you opt out of receiving these updates, this will not apply to personal data that you otherwise provided to us as part of the contact form.
Under certain circumstances, by law you have the right to:
Most information will be provided free of charge. However, we may charge an administrative fee in some circumstances, for example if:
Any charges we make will be justified, transparent and kept to a minimum.
You should:
We may need request further information from you to help us confirm your identity and ensure your right to exercise any of your rights.
In return we will:
We may also refuse to comply with your request if it is manifestly unfounded or excessive.
If you have any questions about this policy or how we handle your personal data, please contact us or email our Data Compliance Officer at dco@aria.org.uk.
If for any reason you are not happy with the way we have handled your personal data, please contact us via our contact form.
If you are still not happy, you have the right to make a complaint to the Information Commissioner’s Office at: casework@ico.org.uk.
We keep this policy under regular review and will post any updates on the Website.
This policy was last updated in August 2023.