Third Parties'
Privacy Notice

Information that we collect from children, teenagers, parents and teachers through our initiatives including Pretty Curious/POD and when visiting our sites 

- Your contact details;
- Your parent’s contact details;
- Your email address;
- The name of your school/college or university;
- The address of your school/college or university;
- Your phone number;
- Your date of birth;

- So that  we can send you email communications about attending our programmes, events and initiatives;
- For the purposes of marketing/sending invitations to attend events;
- So that we can invite you to apply for jobs in the future

- We have obtained your consent to use the data in this explicit way and we rely on that consent
- We have a legitimate business interest in  being able to promote diversity in STEM industries by engaging with children and young people

- Identification information such as passports, driving licences etc;
- Your vehicle registration number(s)
- Your contact details;
- The details of your communications with us;
- The details of our messages to you;
- Your marketing preferences;
- Marketing information

- Identifying you
- Answer any issues or concerns;
- Monitor potential stakeholder communications for quality and training purposes;
- Develop new services;
- Improve our services;
- Personalise our service;
- Deal with any complaints;
- For the purposes of marketing/sending invitations to events
- To facilitate work-related travel, including vehicle parking and ensuring only safe and authorised vehicular access to our sites;

- We have a legitimate business interest in:
- understanding public feedback and in responding to communications in a consistent manner;
- ensuring that we are better able to personalise our service to the public;
- Ensuring the safety and security at all of our sites;
- In addition to the above, where we have obtained your consent to use the data in this explicit way, then we can rely on that consent
- For security purposes

- Information presented on our social media or wider media platforms such as Yammer, Facebook or Twitter;
- Information collected by security systems;
- Your name and postcode from publicly available sources like the electoral roll or Royal Mail

- Maintain market awareness;
- Build and maintain social media branding, and our branding in general;
- Deal with complaints received;
- Address subject access requests

- We have a legitimate business interest in:
 - providing security over our business;
   - maintaining a public profile within the media;
 - resolving complaints;
- maintaining the accuracy of the data we hold;
- In addition to the above, where    we have obtained your consent to use the data in this explicit way, then we can rely on that consent

- Potential [stakeholder details, like name and email address, from:
- Publicly available sources such as the electoral roll; Royal Mail 

- Provide our services;
- Manage and administer our systems;
- Statistical analysis and research into our clients

- We have a legitimate business interest in:
- developing and maintaining relationships with third-party partners and other companies and dealing with individuals who work for them;
- conducting research to improve our services
- In addition to the above, where we have obtained your consent to use the data in this explicit way, then we can rely on that consent

Your contact details
- Health and medical data;
- Identification information such as passports, driving licences etc.;
- Curriculum Vitae
- Your gender
- Video and audio recordings

- Report to the Department for Energy Security and Net Zero (DESNZ);
- Respond to requests made by law enforcement or regulatory authorities, bodies or agencies, or in relation to a legal claim
- To ensure personnel are suitably qualified and experienced for the work being carried out
- To ensure specific risks are considered for those women who may be pregnant or breastfeeding

- We need to comply with legal obligations;
- We have a legitimate business interest in:
- resolving any complaints we may receive;
- ensuring that we comply with our regulatory and legislative obligations;
- maintaining appropriate records for in relation to potential legal claims;

- Criminal records information
- Baseline Personnel Security Standard check information;
- National Security Vetting application information;
- Photographs and CCTV footage.

- To complete our security checks
- To comply with our regulatory obligations in relation to Office of Nuclear Regulation
- To assess your suitability to hold a Baseline Personnel Security Standard and/or National Security Vetting Clearance;
- To ensure safety and security of sites and people including e.g. staff, third party contractors and visitors.

- It is necessary for compliance with a legal obligation to which EDF Energy is subject;
- It is necessary for contractors to work on our sites;
- It is necessary for the purposes of the legitimate interests of EDF Energy to:
      - Ensure the safety and security of nuclear power stations and other connected sites;
- Ensure the suitability of contracted staff in relation to relevant roles;
     - To maintain appropriate records in relation to potential legal claims;
- And in all cases is carried out only under the control of an official authority

- Your personal and work contact details including your name, address, email address;
- Your date of birth
- Your benefits’ information

- To contact you;
-To provide you with benefits

- It is necessary to perform our duties under a contract with your employer;
- It is necessary for the purposes of the legitimate interests of EDF Energy to:
- Ensure appropriate records are kept of third parties on site;
 - To maintain appropriate records in relation to potential legal claims

- Your National Insurance number;
- Commercial data from your contracting employer;
- Your training records;
- Which member of EDF Energy staff you report to;
- Your role and employment history;
- Your attendance record;
- Your sickness records
- Skills & Experience

- To evidence your qualifications and capability for carrying out work;
- To manage our workforce and ensure you integrate into the team on the particular project on which you are working
- For medical and health purposes e.g. pregnancy

- It is necessary for the purposes of the legitimate interests of EDF Energy to:
- manage the performance of its contractors;
   - manage contractors’ attendance at work;
   - manage contractors’ health and safety at work;
 - To maintain appropriate records in relation to potential legal claims

- your attendance record;
- your sickness records;
- results of drugs and alcohol testing;
- Display Screen Equipment Assessments;
- Personal Evacuation Plans;
- Information provided to us by your employer regarding your health and/or reasonable adjustments which you need in the workplace

- to assess your fitness for work;
- to provide appropriate support to contractors with health and wellbeing issues;
- to comply with our legal obligations, such as the duty to make reasonable adjustments and provide a safe working environment;
- to manage our workforce if you are sick or not well

- it is necessary for compliance with our legal obligations (such as health and safety obligations);
- it is necessary for the purposes of the legitimate interests of EDF Energy to:
- plan and manage its workforce;
- to maintain appropriate records in relation to potential legal claims
- it is necessary for the purposes of preventive or occupational medicine, for the assessment of your working capacity, medical diagnosis, or the provision of health or social care or treatment

- Your contact details

- Monitoring of our services
- To enable third-party contractors to view active/closed systems and therefore view data held on databases
- To enable third-party contractors to log their work

- We have a legitimate business interest in:
- Providing access to users to systems required for EDF Energy to properly carry out its business

- Your contact details including your name, email address and mobile phone number

- Your employee number or your national insurance number

- the result of each Covid-19 test

- In the event of a positive test:
- your postal address;
- your date of birth;
- your gender; and
- the people you have recently been in contact with or close to.
 

- Contact you to inform you of the results of your test; 

- Assess your fitness for work;

- Fulfil our obligation to report to Public Health for England and/or Public Health for Scotland should you test positive for Covid-19;

- Inform people you have been in contact with or close to, should you test positive for Covid-19;

- Provide a safe working environment by minimising the transmission of Covid-19.
 

- It is necessary for EDF to comply with its legal obligations (such as health and safety obligations);

- It is necessary for the purposes of the legitimate interests of EDF Energy to:
- manage health and safety risks;
- plan and manage its workforce;
- continue to operate its nuclear power stations and other connected sites in the manner required.

- It is necessary for reasons of public interest in the area of public health by helping to minimise the spread of Covid-19.