Privacy policy

UK GDPR

Under UK GDPR, we have a legal duty to protect any personal information we collect from you. We use leading technologies and encryption software to safeguard your data, and keep strict security standards to prevent any unauthorised access to it.

We do not pass on your details to any third party or other government department.

Your rights

Under UK GDPR, you have rights as an individual which you can exercise in relation to the information we hold about you. These are:

• a right of access to a copy of the information comprised in your personal data;
• a right to object to processing that is likely to cause or is causing damage or distress;
• a right to prevent processing for direct marketing;
• a right to object to decisions being taken by automated means;
• a right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed; and
• a right to claim compensation for damages caused by a breach of the Act.

What information do we collect?

Creating your unique DEWi account

The Welsh Government will provide a unique and secure DEWi account for all users in Local Authorities in Wales, upon submission of the new user account request form, which can be used to access DEWi.

The following personal information about you will be provided on the new user account request form in order to create your unique DEWi account:

• Name of Local Authority
• Full name of user
• User Job role
• User email address
• IP Address

Cookies on DEWi

Cookies are files saved on your phone, tablet or computer when you visit a website.

We use cookies to store information about how you use the DEWi website, such as the pages you visit. These cookies are not used to identify you personally.

We only use strictly necessary cookies.

Strictly necessary cookies

These essential cookies do things like:

• remember the notifications you've seen so we do not show them to you again
• remember your progress through a form

These cookies always need to be on.

People who email us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Changes to this Privacy Policy

If this privacy policy changes in any way, we will place an updated version on this page. Regularly reviewing this page ensures you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.

This privacy policy was last updated on 21 March 2022.

Feedback

We welcome your feedback. If you contact us asking for information, we may need to contact other government departments to find that information. If your question is technical, we may need to pass it to our technology suppliers.

We do not pass on any of your personal information when dealing with your enquiry, unless you have given us permission to do so. Once we have replied to you, we keep a record of your message for audit purposes.

How to contact us

If you want to request information about our privacy policy or you have any further questions about how your data will be used, you can email us at IMS@gov.wales or write to:

Data Protection Officer
Welsh Government
Cathays Park
Cardiff
CF10 3NQ
E-mail:dataprotectionofficer@gov.wales