Access key links:

CIC website will be moving to GOV.UK this Thursday (28 November) at 9am

Privacy and data protection

We are strongly committed to protecting the privacy of users of our digital services, and do all that we can to protect information about participants. The following information applies to the Office of the Regulator of Community Interest Companies

Data protection

Any information you provide will be held securely and in accordance with the Data Protection Act 1998. Your personal details will not normally be disclosed to third parties. In some circumstances however we may need to disclose your personal details to a third party so that they can provide a service you have requested, or fulfil a request for information. Any information about you that we pass to a third party will be held securely by that party, in accordance with the Data Protection Act 1998, and used only to provide the services or information you have requested.

You have a right to request a copy of your personal details at any time to check the accuracy of the information held. If you want to ask whether the Office of the Regulator of Community Interest Companies holds any personal data relating to you, please write to us at:

Data Protection Officer
Information Rights Unit
Department for Business, Innovation and Skills
Orchard 3, 1st Floor
1 Victoria Street,
London SW1H OET

Alternatively you can email your request to

Proof of identity

Before we can act on your request, you will need to supply proof of your identity. This should include a photocopy of the identification pages of your current passport or of a current photo driving licence; and the original of a current utilities bill (for example, gas or electricity), or credit card or bank statement, which includes your name and current address. This can be returned to you if required.

If you do not have any of these forms of identification, please contact the Data Protection Officer, who will assist you.

Information we collect from visitors

We collect several kinds of information depending on the part of the site being visited: feedback, email enquiries, email addresses, site usage information and, in a few cases, personal details such as your name and postal details if you order publications.

1. Feedback
If you provide feedback about the website through our email address we will only use this information to develop and improve the site.

2. Comments and questions
If you send an enquiry by email it may not always be possible for the Office of the Regulator of Community Interest Companies to provide the information requested directly. In such circumstances we may pass your enquiry to another government department so that they can fulfil your information request.

3. Email alerts and interactive services
If you sign up to receive email alerts, submit comments or use any of our other interactive services we will use the information you give us to provide the service(s) you have requested only. We may occasionally contact email alert subscribers to help us evaluate and improve the service that we offer. If you have used an online form to sign up for a service, you can correct, update or remove any personally identifiable information directly, via our contact form. We will hold the information you have provided for as long as you require access to the service requested. If you inform us that you wish to cancel your details will be deleted from our records.

4. Cookies
When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small files known as cookies. They cannot be used to identify you personally.

These pieces of information are used to improve services for you through, for example:

  • enabling a service to recognise your device so you don't have to give the same information several times during one task
  • recognising that you may already have given a username and password so you don't need to do it for every web page requested
  • measuring how many people are using services, so they can be made easier to use and there's enough capacity to ensure they are fast

    You can manage these small files yourself and learn more about them through Internet browser cookies - what they are and how to manage them

    Our sites use two types of Cookies: 'Session' and 'Persistent'.

    Session cookies: A session cookie lasts only for the duration of your visit to the website. It will expire when you close your browser, or if you haven't visited the site for certain period of time (called session idle timeout, in which case, the site will expire/invalidate the user session).

    Persistent cookies: A persistent cookie will outlast user sessions. If a persistent cookie has its Max-Age set to 1 year, then, within the year, the initial value set in that cookie would be sent back to site every time the user visits the site. This could be used to record a vital piece of information such as how you initially came to the website. For this reason, persistent cookies are also called tracking cookies.

    Cookies for improving service
    Our font scale cookie enables the website to remember whether you have chosen to change the size of font by using the smaller/larger links at the top of each page.

    Name: BIScookie-fontscale
    Typical content: a number from 0 (smallest) to 4 (largest)
    Expires: when user exits browser

    Our alert box cookie enables the website to remember that you've chosen to hide the alert box, whether on the BIS website or one of our partner sites.

    Name: BIScookie-Website-alert
    Typical content: VersionToHide=10
    Expires: 1 year

    The e-commerce section of the BIS publications database is hosted by a third party, EC Group. In addition to the BIS font scale cookie and the Google Analytics cookies, these pages use the following cookie to enable smooth progress through the ordering process.

    Name: ASP.NET_SessionId
    Typical content: randomly generated number
    Expires: when you close the browser

    Cookies for measuring visitor numbers
    SiteAnalyze sets a cookie to help us accurately estimate the number of visitors to the website and volumes of usage. This to ensure that the service is available when you want it and fast.

    Name: nmstat
    Typical content: randomly generated number
    Expires: 2 years 8 months

    Google Analytics is another software package we use to track numbers of website visitors.

    Name: _utma
    Typical content: randomly generated number
    Expires: 2 years

    Name: _utmb
    Typical content: randomly generated number
    Expires: 30 minutes

    Name: _utmc
    Typical content: randomly generated number
    Expires: when you close the browser

    Name: _utmz
    Typical content: randomly generated number + info on how the site was reached (e.g. directly or via a link, organic search or paid search)
    Expires: 6 months

    For further details on the cookies set by Google Analytics, please refer to the Google Code website

    Third-party cookies

    Cookies used by Scribd

    Scribd is used to embed documents, such as PDFs, in our web pages. It generates the following cookies (in addition to Google Analytics cookies).

    Name: __qca
    Typical content: randomly generated number
    Expires: 26 years

    Name: _scribd_session
    Typical content: encoded text
    Expires: 6 years

    Name: scribd_rtc
    Typical content: encoded text
    Expires: 15 years

    Name: scribd_ubtc
    Typical content: encoded text
    Expires: 15 years

    Name: grvinsights
    Typical content: encoded text
    Expires: 18 months

    5. Log files
    Log files allow us to record visitors' use of the site. The Department puts together log file information from all our visitors, including IP address*, which we use to make improvements to the layout of the site and to the information in it, based on the way that visitors move around it. Log files do not contain any personal information about you.

    *An IP address is a numerical label assigned to a computer on a network using the Internet Protocol. Any computer or mobile device connected to the internet has an associated IP address so that data can be routed to it. It is difficult to trace an IP address back to an individual person, and we make no attempts to do so. 

  • Print this page