Commercial procurement unit privacy notice

Who is the Data Controller for the information I provide?

Liverpool City Council is the data controller in relation to the information you provide.

Why we are collecting your data

Types of personal information collected and further processed concern the bidders and its staff or subcontractors (natural persons).

What is the legal process for collecting and processing this data?

The purpose of the processing is to use the various information in order to evaluate the proposals received in response to a call for quotation/tender referring to exclusion and award criteria as set out in the ITT or ITQ documentation. Also, to award the contract to the best candidate in terms of the most economically advantageous submission based on quality/price.

The purpose of publishing a call for tender/quotation is to open the competition, potentially increase the choice of potential suppliers by developing markets and achieving value for money quality solutions.

The legal bases for the processing operations on personal data are: The Local Government Act 2003, The EU Public Contracts Directive 2014 the Public Contracts Regulations 2015, the Constitution of Liverpool City Council, including Financial Regulations and Contract Standing Orders.

The information we may collect

Information can relate to the following data:

  • Name, address, telephone number, email address.
  • Copy of the company registration, bank account details.
  • Financial turnover and accounts, evidence of insurances held.
  • CVs of staff proposed for the provision of the goods, services and works.
  • TUPE data, as applicable.
  • Responses to questions as set out in a standard selection or suitability questionnaire of the ITT or ITQ on such matters including (but not limited to) professional misconduct, criminal activity, criminal record, health and safety records.
  • Evidence of the payment of social taxes.
  • Copies of certificates of different nature.
  • Any other documents required in the ITT or ITQ documentation.

Who will your information be shared with?

For the purpose detailed above, access to your personal information is given to the following persons, without prejudice to a possible transmission to the bodies in charge of a monitoring or inspection task in accordance with European Union and UK law:

  • Members of the evaluation panel and to the contract lead procurement, financial and legal staff at Liverpool City Council.
  • On occasion, consultants commissioned by Liverpool City Council to assist with the procurement process.
  • When Liverpool City Council collaborates on joint procurement activity with other local authorities or it’s arm’s length companies, members of their staff participation on the evaluation panel.
  • Successful tenderers' information will be published in accordance with the Council’s obligation to notify the outcome of the procurement procedure, and associated spend, as required by the EU Public Contracts Directive, the Public Contracts Regulations 2015 and The Local Government Transparency Code 2015.
    Tenderers who have been unsuccessful will be provided with feedback relative to the winning bidder/s.
  • Bodies charged with a monitoring or inspection task in application of EU/UK law (e.g. internal audits, Crown Commercial Services).
  • Members of the public. If you are awarded a contract by the Council, your personal information will be made public, in accordance with the Council’s obligation to publish information on the outcome of the procurement procedure and spend as required by the EU Public Contracts Directive, the Public Contracts Regulations 2015 and the Transparency Code 2015.

The information will concern in particular your name, address, contact details, the contract amount, title of the contract for which you are awarded a contract. It will be published as appropriate in the Official Journal of the European Union, on Contracts Finder, on the council's own contracts register contained within the council’s corporate contract register and as part of transparency data including quarterly publication of supplier spend £500 and above.

How long will you keep this information for and why?

Information of successful bidder is kept for at least six years following the discharge of the contract in question when agreement is signed under hand and for agreements sealed as a deed this is 12 years following the discharge of the contract. For unsuccessful bidders documentation held is destroyed one year after commencement of the contract.

How will my information be stored?

Documents received from bidders are held securely within the ProContract Portal and SAP financial system with access rights limited to Liverpool City Council staff and members limited to named personnel who are involved in opening and evaluation and award only. Any documents that need to be downloaded are stored on a secure server on a drive with dedicated folders accessible to staff conducting the procurement and evaluation of tenders only. Any physical files are stored in secure off site storage or a lockable cabinet within Liverpool City Council with restricted access rights.

Will this information be used to take automated decisions about me?


Will my data be transferred abroad and why?


What rights do I have when it comes to my data?

You have a number of rights that are set out on the How to access your data page of this section.

Where can I get advice?

View our Help and advice page for more information.

National Fraud Initiative

We participate in the Cabinet Office's National Fraud Initiative (NFI) which is an exercise that matches electronic data within and between public and private sector bodies to prevent and detect fraud.  We are required by law to provide particular sets of data, including personal data, to the Minister for the Cabinet Office for matching.

The use of data for the NFI exercise is carried out with statutory authority under part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under Data Protection legislation and General Data Protection Regulations 2018.

Data matching by the Cabinet Office is subject to a Code of Practice.

You can view information on what data we share and the Cabinet Office's legal powers and the reasons why it matches particular information.