The personal information we collect when you interact with us via this website includes:

Website technical information

Through your internet browser or electronic device, certain information is collected by most websites, such as your IP address (your computer’s address on the internet), screen resolution, operating system type (Windows or Mac) and version, internet browser type and version, electronic device manufacturer and model, language, time of the visit and pages visited.

Through cookies, it’s possible for us to recognise your device and collect information such as IP address, internet browser type, time spent using the website and the pages visited.

Website usage data

By collecting website usage data, we gain an insight into how you use our website.

Your personal information may be used by us and disclosed to third parties when there is a legal basis for us to do so. Most commonly, we will use personal data that we collect, as outlined above, to improve our website, marketing, and customer experiences.

Legal basis: For our legitimate interests (namely developing and delivering our services, keeping our websites updated and relevant, developing our business and informing our marketing strategy).

We may share your personal information with:

• members of the Rail Industry Suicide Stakeholder Group (RISSG)
• trusted third parties, such as:
• our agents and suppliers, including those who provide us with technology services such as data analytics, hosting and technical support;
• our professional advisors, auditors and business partners;
• regulators, governments and law enforcement authorities; and
• other third parties in connection with re-organising all or any part of our business.

In these instances, we will make sure that we transfer the minimum amount of personal information possible and that your personal information is protected by applicable data protection law.

We have taken technical and organisational security measures to prevent your personal information from being accidentally lost, altered, used, disclosed or accessed in an unauthorised way.

In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need for access, and who are subject to a duty of confidentiality. In the case of third-party data processors, they will only process your personal information on our instructions and within the legal framework of data protection law.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We will only retain your personal information to fulfil the purpose of its collection. For research and statistical purposes, we may anonymise your personal information so that it can no longer be associated with you. In this instance, we may use this information indefinitely without further notice to you.

Data privacy laws provide you with a number of rights over your personal information.

You may be entitled to;

• ask the data processor for access to the personal information it holds about you;
• request the correction or deletion of your personal information;
• object to, or request the restriction of, the processing of your personal information;
• withdraw your consent (if expressly given) to the processing of your personal information;
• request for the receipt or transfer to another organization, in a machine-readable form, of the personal information you have provided; and
• complain to your local data protection authority if your privacy rights are violated, or if you have suffered as a result of unlawful processing of your personal information.

A cookie is a small text file that’s stored on your computer or mobile device when you visit a website. We use cookies to:

• Remember your preferences.
• Tailor our sites and services to your interests.

You can set your browser not to accept cookies. However, in a few cases some of our website features may not function as a result.

Information about deleting and controlling cookies can be found at www.aboutcookies.org

This Privacy Policy governs the manner in which Rail Industry Suicide Prevention Stakeholder Groupcollects, uses, maintains and discloses information collected from users (each, a “User”) of the www.railsuicideprevention.co.ukwebsite (“Site”). This privacy policy applies to the Site and all products and services offered by Rail Industry Suicide Stakeholder Group. This site and the Learning Tool films are for the sole use of the UK railway industry only and not intended for the general public.

We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate:

• Name
• Email address/mailing address (business or personal)
• Organisation
• Job title
• Completion of suicide prevention training

We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.

We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.

Our Site may use “cookies” to enhance User experience. User’s web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly.

To improve our Site
We may use feedback you provide to improve our products and services.

To send periodic emails
We may use email addresses to respond to inquiries, questions, and/or other requests. By providing email address Users have consented to this. If at any time the User would like to unsubscribe from receiving future emails, we include a detailed unsubscribe instructions at the bottom of each email or Users may contact us on suicideprevention@raildeliverygroup.com to opt out.

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.

Sensitive and private data exchange between the Site and its Users happens over an SSL secured communication channel and is encrypted and protected with digital signatures.

• Users submit details as part of the registration and authentication process. This will be retained for six years after employment ceases, along with profile information, unless the users request their personal data to be removed.
• Users can update/amend their personal contact details via their profile page.

We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above. We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.

Users will not find any commercial advertising on this website. Users may find links to the sites and services of our partners, suppliers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.

Rail Industry Suicide Stakeholder Group has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page and send you an email. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.

The data protection laws give you certain rights over your personal information and how we use it. These include:

• the right to access a copy of the information we hold about you;
• the right to ask us to correct inaccurate information we hold about you
• the right, in certain circumstances to object to specific uses of your data; and
• the right, in certain circumstances to request the information we hold about you to be deleted

If you wish to exercise any of these rights, please contact: suicideprevention@raildeliverygroup.com

Any reference to Network Rail in this privacy policy means Network Rail Infrastructure Limited.

Network Rail Infrastructure Ltd
1 Eversholt Street
London NW1 2DN

UK Dedicated Servers Limited
Unit 21 West Park
211 Torrington Avenue
Coventry
West Midlands
CV4 9AP

The personal information we collect from you will be held on the RSP database which will be stored on secure servers located with UK Dedicated Servers Limited. These servers will be physically located within the European Economic Area (EEA). We will take all reasonable steps to ensure that your personal data is treated securely and in accordance with this privacy policy.

If you have any questions about the Privacy Policies, the practices of this site, or your dealings with this site, please contact us at:

Rail Industry Suicide Stakeholder Group
The Quadrant
Elder Gate
Milton Keynes
MK9 1EN
suicideprevention@raildeliverygroup.com

This document was last updated on August 28, 2019

Questions, comments and requests regarding data protection matters are welcomed and should be addressed to the Data Protection Officer (data.protection@networkrail.co.uk).

Data Protection Officer Network Rail
The Quadrant
Elder Gate
Milton Keynes
MK9 1EN