Privacy Policy

This privacy notice relates to the personal data processed by the Office of Rory Stewart, Member of Parliament for Penrith and The Border, in relation to casework and policy queries.

Who is the Data Controller?

The Data Controller is Rory Stewart, Member of Parliament for Penrith and The Border.

What does the Office do?

The office discharges the duties and functions of an elected Member of Parliament. As part of this work, we conduct constituency casework and respond to policy queries, for which we must process personal data of our constituents.

How do we process data?

This Office processes constituents’ data under the lawful basis of public task. In instances where this lawful basis is not sufficient and explicit consent is required, a member of the office will contact you to establish your consent. In rare cases, we may also process data under the lawful basis of legitimate interest.

In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.

Will we share your data to anyone else?

We may pass your personal data on to a third-party in the course of dealing with you, such as local authorities, government agencies, public bodies, health trusts, regulators, and so on. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only for the basis upon which they were originally intended. When they no longer need your data to fulfil this service, they will dispose of the details in line with our procedures.

We will not use your personal data in a way that goes beyond your reasonable expectations in contacting us.

For how long will you keep my personal data?

Casework and policy queries are revisited repeatedly. It is therefore in the interests of both our office and our constituents to retain data related to these functions until its disposal is requested.

What rights do I have to my personal data?

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing, such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to judicial review: if our office refuses your request under rights of access, we will provide you with a reason why. You have the right to complain.