• CoDEC Project Survey Privacy Notice


This Privacy Notice explains how we collect and use data that you provide to us when you are invited to participate in a survey on Building Information Models (BIM) and Asset Management (AM) for CoDEC project.

TRL Ltd is the Data Controller for the purposes of the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679).

What data will be collected for this research?

The below table details the data that will be collected during the course of this research:

When will this data be collected Data Data collection method Purpose of collecting the data
During the survey Your survey responses Online surveys To understand your view of asset management during the operational phase and feasibilities of integrating it with BIM environment, identify emerging technologies and trends in asset management.
During the survey Your full name, telephone number, email address, organisation, country and position Online surveys To contact you about the project outputs, and potentially invite you to further consultation activities, attend project workshops and/or be involved in case studies.

The lawful basis for using your information

The lawful basis for us collecting and using your personal data for this research (full name, telephone number, email address, organisation, country and position) is your consent, which we will obtain when we invite you to complete an online survey. 

What will happen with the information you provide

Any of your personal data collected by TRL for this research will be kept private and processed in accordance with the EU General Data Protection Regulation (GDPR). Any paper records of your personal data will be kept in a locked file or transferred to an electronic, password-protected file before being securely destroyed. Electronic files containing participants’ personal data are accessible only to members of the TRL CoDEC Project Team who need to access them.

We may wish to share your personal contact data and survey responses with other CoDEC project consortia members (data “processors”) for data processing purposes (to analyse the responses, potentially consult with you regarding the answers, contact you regarding this research or invite you for further consultation activities such as interviews, detailed questionnaires, workshops):

The consortia members are

In case we will have to provide your personal data for data “processors”, we will implement a data handling agreement with each of the organisations ensuring that your personal data is handled in accordance with GDPR requirements and used only for CoDEC project purposes.

We will not share your personal data with anyone else, including our client, Danish Road Directorate acting on behalf of Conference of European Directors of Roads (CEDR). Your personal data will not be transferred outside the European Economic Area. The anonymised and summarised findings from this research will be shared with Conference of European Directors of Roads (CEDR), discussed during the workshops and project meeting resulting in a project report to help European road authorities improve their asset management practises through integration with BIM environment for infrastructure operational phase.

The length of time we keep your information

The data will be stored only for as long as it is relevant to the purposes above. The project is scheduled to end in April 2022. Your data will be retained for 6 months after the end of the project and will then be securely deleted or destroyed.

Your rights

We will respect your Rights under the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679).

Who to contact about the collection and use of your information

For any queries or requests about the collection and use of your personal data for this research, please email TRL at CoDEC@trl.co.uk.

If you would like to make a complaint about how we have collected or processed your data, please contact our Compliance Team at compliance@trl.co.uk, or telephone ICO (an independent data privacy supervisory authority) on 0303 123 1113.


What does this mean?

1. Right to be informed

You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. This is why we are providing you with the information in this Privacy Notice.

2. Right of access

You have the right to obtain access to your personal data (if we are processing it) and certain other information (similar to that provided in this Privacy Notice). This is so you are aware and can check that we are using your personal data in accordance with data protection law.

3. Right to rectification

You are entitled to have your personal data corrected if it is inaccurate or incomplete.

4. Right to erasure

This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.

5. Right to restrict processing

You have the right to ‘block’ or suppress further use of your personal data in certain circumstances. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their personal data to be ‘blocked’ to make sure the restriction is respected in future.

6. Right to data portability

You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.

7. Right to object to processing

You have the right to object to us processing your personal data for our legitimate business interests or for direct marketing purposes (including in each case any related profiling).

8.Right to withdraw consent to processing

If you have given your consent to us to process your personal data for a particular purpose you have the right to withdraw your consent at any time (although if you do so, it does not mean that any processing of your personal data up to that point is unlawful).

9. Right to make a complaint to the data protection authorities

You have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how we have handled your personal data or believe our processing of your personal data does not comply with data protection law.

Get in touch

Have a question? Speak to one of our experts today.