Notice Information
Notice Title
Data Privacy Impact Assessment System
Notice Description
A Data Privacy Impact Assessment tool was required to meet the requirements of the Data Protection Act 2018. The new EU GDPR regulation was adopted on 27 April 2016. It applies in the UK from 25 May 2018 after a two-year transition period. The university is aiming to have an effective way for staff across the University to assess the privacy impact of proposals involving the use of personal data. Under the new Act the University needs to evidence its compliance with data protection legislation. The University of Edinburgh has elected to carry out this project as an EU tender to reach the widest possible market rather than because the expected value will be over the OJEU threshold for public procurement.
Lot Information
Lot 1
The introduction of a Data Privacy Impact Assessment tool is a core part of the University's strategy to meet the requirements of the Data Protection Act 2018. It will become compulsory for staff across the University to routinely carry these out when using personal data, for example when: A Data Privacy Impact Assessment tool is required to meet the requirements of the Data Protection Act. The new EU GDPR regulation was adopted on 27 April 2016. It applies in the UK from 25 May 2018 after a two-year transition period. The university is aiming to have an effective way for staff across the University to assess the privacy impact of proposals involving the use of personal data. Under the new GDPR the University needs to evidence its compliance with data protection legislation. The tool is required to help staff across the University ensure their projects, strategies and initiatives are data protection compliant from the outset. The objective is to implement a process based solution to record all Privacy Impact Assessment documentation to meet the requirements of the Data Protection Act. Due to the Act for each business area retaining/moving/sharing personal info they need to complete a Privacy Impact Assessment). It is generally approved that this is delivered as a software as a service or licence/s, so each business area can call this off, complete record and it is maintained or published centrally. The introduction of a Privacy Impact Assessment tool is a core part of the University's strategy to meet the requirements of the Data Protection Act. It will become compulsory for staff across the University to routinely carry these out when using personal data, for example when: - building new IT systems for storing or accessing personal data; - developing legislation, policy or strategies that have privacy implications; - embarking on a data sharing initiative; or using personal data for new purposes.
Options: Renewals will be subject to budget and performance and are covered by Regulation 72 (1) (b) by Public Contracts Scotland Regulations 2015
Renewal: Renewals will be subject to budget and performance and are covered by Regulation 72 (1)(b) Public Contracts (Scotland) Regulations 2015
Notice Details
Publication & Lifecycle
- Open Contracting ID
- ocds-r6ebe6-0000544454
- Publication Source
- Public Contracts Scotland
- Latest Notice
- https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=JAN342474
- Current Stage
- Award
- All Stages
- Tender, Award
Procurement Classification
- Notice Type
- OJEU - F3 - Contract Award Notice
- Procurement Type
- Standard
- Procurement Category
- Services
- Procurement Method
- Open
- Procurement Method Details
- Open procedure
- Tender Suitability
- Not specified
- Awardee Scale
- SME
Common Procurement Vocabulary (CPV)
- CPV Divisions
48 - Software package and information systems
-
- CPV Codes
48000000 - Software package and information systems
Notice Value(s)
- Tender Value
- £1
- Lots Value
- Not specified
- Awards Value
- Not specified
- Contracts Value
- £1
Notice Dates
- Publication Date
- 17 Jan 20197 years ago
- Submission Deadline
- 20 Jul 2018Expired
- Future Notice Date
- Not specified
- Award Date
- 8 Jan 20197 years ago
- Contract Period
- Not specified - Not specified
- Recurrence
- Not specified
Notice Status
- Tender Status
- Complete
- Lots Status
- Complete
- Awards Status
- Not Specified
- Contracts Status
- Active
Buyer & Supplier
Contracting Authority (Buyer)
- Main Buyer
- UNIVERSITY OF EDINBURGH
- Contact Name
- Fergus Martin, Maria Dick
- Contact Email
- fergus.martin@ed.ac.uk, maria.dick@ed.ac.uk
- Contact Phone
- +44 1316514576, +44 1316517135
Buyer Location
- Locality
- EDINBURGH
- Postcode
- EH1 1HT
- Post Town
- Edinburgh
- Country
- Scotland
-
- Major Region (ITL 1)
- TLM Scotland
- Basic Region (ITL 2)
- TLM1 East Central Scotland
- Small Region (ITL 3)
- TLM13 City of Edinburgh
- Delivery Location
- TLM75 City of Edinburgh
-
- Local Authority
- City of Edinburgh
- Electoral Ward
- City Centre
- Westminster Constituency
- Edinburgh East and Musselburgh
Further Information
Notice Documents
-
https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=JUN321248
Data Privacy Impact Assessment System - A Data Privacy Impact Assessment tool is required to meet the requirements of the Data Protection Act 2018. The new EU GDPR regulation was adopted on 27 April 2016. It applies in the UK from 25 May 2018 after a two-year transition period. The university is aiming to have an effective way for staff across the University to assess the privacy impact of proposals involving the use of personal data. Under the new Act the University needs to evidence its compliance with data protection legislation. The University of Edinburgh has elected to carry out this project as an EU tender to reach the widest possible market rather than because the expected value will be over the OJEU threshold for public procurement. -
https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=JAN342474
Data Privacy Impact Assessment System - A Data Privacy Impact Assessment tool was required to meet the requirements of the Data Protection Act 2018. The new EU GDPR regulation was adopted on 27 April 2016. It applies in the UK from 25 May 2018 after a two-year transition period. The university is aiming to have an effective way for staff across the University to assess the privacy impact of proposals involving the use of personal data. Under the new Act the University needs to evidence its compliance with data protection legislation. The University of Edinburgh has elected to carry out this project as an EU tender to reach the widest possible market rather than because the expected value will be over the OJEU threshold for public procurement.
Notice URLs
Open Contracting Data Standard (OCDS)
View full OCDS Record for this contracting process
The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts.
{
"tag": [
"compiled"
],
"id": "ocds-r6ebe6-0000544454-2019-01-17T00:00:00Z",
"date": "2019-01-17T00:00:00Z",
"ocid": "ocds-r6ebe6-0000544454",
"initiationType": "tender",
"parties": [
{
"id": "org-14",
"name": "University Of Edinburgh",
"identifier": {
"legalName": "University Of Edinburgh"
},
"address": {
"streetAddress": "Charles Stewart House, 9-16 Chambers Street",
"locality": "Edinburgh",
"region": "UKM75",
"postalCode": "EH1 1HT"
},
"contactPoint": {
"name": "Maria Dick",
"email": "maria.dick@ed.ac.uk",
"telephone": "+44 1316517135",
"url": "https://www.publictendersscotland.publiccontractsscotland.gov.uk/esop/pts-host/public/pts/web/login.html"
},
"roles": [
"buyer",
"centralPurchasingBody",
"reviewBody"
],
"details": {
"classifications": [
{
"id": "Body governed by public law",
"scheme": "TED_CA_TYPE"
},
{
"id": "09",
"description": "Education",
"scheme": "COFOG"
}
],
"url": "http://www.ed.ac.uk/schools-departments/procurement/supplying"
}
},
{
"id": "org-23",
"name": "University Of Edinburgh",
"identifier": {
"legalName": "University Of Edinburgh"
},
"address": {
"streetAddress": "Charles Stewart House, 9-16 Chambers Street",
"locality": "Edinburgh",
"region": "UKM75",
"postalCode": "EH1 1HT"
},
"contactPoint": {
"name": "Fergus Martin",
"email": "fergus.martin@ed.ac.uk",
"telephone": "+44 1316514576",
"url": "http://"
},
"roles": [
"buyer",
"reviewBody"
],
"details": {
"classifications": [
{
"id": "Body governed by public law",
"scheme": "TED_CA_TYPE"
},
{
"id": "09",
"description": "Education",
"scheme": "COFOG"
}
],
"url": "http://www.ed.ac.uk/schools-departments/procurement/supplying"
}
},
{
"id": "org-244",
"name": "OneTrust Technologies Ltd.",
"identifier": {
"legalName": "OneTrust Technologies Ltd."
},
"address": {
"streetAddress": "27 Bush Lane",
"locality": "London",
"region": "UKI",
"postalCode": "EC4R 0AA"
},
"contactPoint": {
"email": "info@onetrust.com",
"telephone": "+44 7508340490"
},
"roles": [
"supplier"
],
"details": {
"scale": "sme",
"url": "https://www.onetrust.com/"
}
}
],
"buyer": {
"name": "University Of Edinburgh",
"id": "org-23"
},
"tender": {
"id": "EC0828",
"title": "Data Privacy Impact Assessment System",
"description": "A Data Privacy Impact Assessment tool was required to meet the requirements of the Data Protection Act 2018. The new EU GDPR regulation was adopted on 27 April 2016. It applies in the UK from 25 May 2018 after a two-year transition period. The university is aiming to have an effective way for staff across the University to assess the privacy impact of proposals involving the use of personal data. Under the new Act the University needs to evidence its compliance with data protection legislation. The University of Edinburgh has elected to carry out this project as an EU tender to reach the widest possible market rather than because the expected value will be over the OJEU threshold for public procurement.",
"status": "complete",
"items": [
{
"id": "1",
"additionalClassifications": [
{
"id": "48000000",
"scheme": "CPV"
}
],
"deliveryLocation": {
"description": "Edinburgh"
},
"deliveryAddresses": [
{
"region": "UKM75"
},
{
"region": "UKM75"
}
],
"relatedLot": "1"
}
],
"value": {
"amount": 1,
"currency": "GBP"
},
"procurementMethod": "open",
"procurementMethodDetails": "Open procedure",
"mainProcurementCategory": "services",
"submissionMethod": [
"electronicSubmission"
],
"submissionMethodDetails": "http://www.publictendersscotland.gov.uk",
"tenderPeriod": {
"endDate": "2018-07-20T12:00:00Z"
},
"awardPeriod": {
"startDate": "2018-07-20T12:00:00Z"
},
"documents": [
{
"id": "JUN321248",
"documentType": "contractNotice",
"title": "Data Privacy Impact Assessment System",
"description": "A Data Privacy Impact Assessment tool is required to meet the requirements of the Data Protection Act 2018. The new EU GDPR regulation was adopted on 27 April 2016. It applies in the UK from 25 May 2018 after a two-year transition period. The university is aiming to have an effective way for staff across the University to assess the privacy impact of proposals involving the use of personal data. Under the new Act the University needs to evidence its compliance with data protection legislation. The University of Edinburgh has elected to carry out this project as an EU tender to reach the widest possible market rather than because the expected value will be over the OJEU threshold for public procurement.",
"url": "https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=JUN321248",
"format": "text/html"
},
{
"id": "JAN342474",
"documentType": "awardNotice",
"title": "Data Privacy Impact Assessment System",
"description": "A Data Privacy Impact Assessment tool was required to meet the requirements of the Data Protection Act 2018. The new EU GDPR regulation was adopted on 27 April 2016. It applies in the UK from 25 May 2018 after a two-year transition period. The university is aiming to have an effective way for staff across the University to assess the privacy impact of proposals involving the use of personal data. Under the new Act the University needs to evidence its compliance with data protection legislation. The University of Edinburgh has elected to carry out this project as an EU tender to reach the widest possible market rather than because the expected value will be over the OJEU threshold for public procurement.",
"url": "https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=JAN342474",
"format": "text/html"
}
],
"lots": [
{
"id": "1",
"description": "The introduction of a Data Privacy Impact Assessment tool is a core part of the University's strategy to meet the requirements of the Data Protection Act 2018. It will become compulsory for staff across the University to routinely carry these out when using personal data, for example when: A Data Privacy Impact Assessment tool is required to meet the requirements of the Data Protection Act. The new EU GDPR regulation was adopted on 27 April 2016. It applies in the UK from 25 May 2018 after a two-year transition period. The university is aiming to have an effective way for staff across the University to assess the privacy impact of proposals involving the use of personal data. Under the new GDPR the University needs to evidence its compliance with data protection legislation. The tool is required to help staff across the University ensure their projects, strategies and initiatives are data protection compliant from the outset. The objective is to implement a process based solution to record all Privacy Impact Assessment documentation to meet the requirements of the Data Protection Act. Due to the Act for each business area retaining/moving/sharing personal info they need to complete a Privacy Impact Assessment). It is generally approved that this is delivered as a software as a service or licence/s, so each business area can call this off, complete record and it is maintained or published centrally. The introduction of a Privacy Impact Assessment tool is a core part of the University's strategy to meet the requirements of the Data Protection Act. It will become compulsory for staff across the University to routinely carry these out when using personal data, for example when: - building new IT systems for storing or accessing personal data; - developing legislation, policy or strategies that have privacy implications; - embarking on a data sharing initiative; or using personal data for new purposes.",
"status": "complete",
"options": {
"description": "Renewals will be subject to budget and performance and are covered by Regulation 72 (1) (b) by Public Contracts Scotland Regulations 2015"
},
"hasOptions": true,
"submissionTerms": {
"variantPolicy": "notAllowed"
},
"contractPeriod": {
"durationInDays": 1440
},
"hasRenewal": true,
"renewal": {
"description": "Renewals will be subject to budget and performance and are covered by Regulation 72 (1)(b) Public Contracts (Scotland) Regulations 2015"
},
"awardCriteria": {
"criteria": [
{
"type": "quality",
"name": "Quality",
"description": "70.00"
},
{
"type": "price",
"description": "30.00"
}
]
}
}
],
"bidOpening": {
"date": "2018-07-20T12:00:00Z",
"address": {
"streetAddress": "Edinburgh"
}
},
"communication": {
"atypicalToolUrl": "http://www.publictendersscotland.gov.uk"
},
"contractTerms": {
"performanceTerms": "Accessibility It is a requirement for the performance of this contract that the supplier takes adequate measures to ensure accessibility and conforms to the following standards in contract delivery: The University has a legal and moral duty to ensure its systems are accessible to the widest possible audience, including disabled users. As such, we expect bidders to, as far as possible to confirm system compliance with the Web Content Accessibility Guidelines (WCAG) Version 2.0, AA standard (https://www.w3.org/WAI/intro/wcag.php). If the University feels that the bidder has failed to reach a satisfactory level of compliance with these guidelines or is unable to demonstrate and firmly commit to a satisfactory standard being reached prior to the release date of the software within the University it will be excluded from the procurement. Qualified Bidders will be required to provide a test site for the University's Accessibility Officer."
},
"coveredBy": [
"GPA"
],
"otherRequirements": {
"requiresStaffNamesAndQualifications": true
},
"selectionCriteria": {
"criteria": [
{
"type": "economic",
"description": "Bidders will be required to have a \"general\" annual turnover threshold value 2 times the value of the contract value (GBP) for the last three years prior to the date of the proposed contract award. Minimum level(s) of standards required: All bidders must pass the ESPD"
},
{
"type": "technical",
"description": "As stated in the ESPD.",
"minimum": "As stated in the ESPD."
}
]
},
"submissionTerms": {
"languages": [
"en"
],
"bidValidityPeriod": {
"durationInDays": 90
}
},
"classification": {
"id": "48000000",
"scheme": "CPV"
},
"hasRecurrence": false,
"legalBasis": {
"id": "32014L0024",
"scheme": "CELEX"
}
},
"language": "EN",
"description": "Exclusion statement Modern Slavery, Blacklisting Equalities Act 1. Introduction The University of Edinburgh is committed to protecting and respecting human rights and have a zero-tolerance approach to slavery and human trafficking in all its forms.The University is alos committed to promoting fair working practices and embedding Equality and Diversity across all its work. Bidders and subcontractors engaged in the delivery of this contract may be excluded if they have not met applicable social, environmental and labour obligations, under national , EU and international law. This includes obligations for certain organisations under: -The Modern Slavery Act 2015 ( available at http://www.legislation.gov.ukpga/2015/30/contents/enacted) -the ILO conventions and other measures listed in Annex x of Directive 2014/24/EU (available at http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32014L0024&from=EN) -the Equality Act 2010 (available at https://www.legislationn.gov.uk/upga/2010/15/contents) -the Employment Relations Act 1999 (Blacklists) Regulations 2010 (http://www.legislationn.gov.uk/uksi/2010/493/contents/made) - this is grounds for mandatory exclusion or termination of any procurement or contract stage. At any stage , bidders and/or relevant subcontractors may be required to provide statements and means of proof demonstrating their compliance with these obligations or the reliability of their self-cleansing measures, including the annual statement as provided for by section 54 of the Modern Slavery Act for organisations with a turnover of 36,000,000 GPB or over. The buyer is using PCS-Tender to conduct this ITT exercise. The Project code is 10074 . For more information see: http://www.publiccontractsscotland.gov.uk/infoCentre.aspx?ID=2 The buyer is using PCS-Tender to conduct this ITT exercise. The Project code is 10074. For more information see: http://www.publiccontractsscotland.gov.uk/info/InfoCentre.aspx?ID=2343 (SC Ref:531153) (SC Ref:569230)",
"links": [
{
"rel": "canonical",
"href": "https://api.publiccontractsscotland.gov.uk/v1/Notice?id=ocds-r6ebe6-0000544454"
},
{
"rel": "canonical",
"href": "https://api.publiccontractsscotland.gov.uk/v1/Notice?id=ocds-r6ebe6-0000544454"
}
],
"noticetype": "OJEU - F3 - Contract Award Notice",
"awards": [
{
"id": "EC0828 DPIA",
"suppliers": [
{
"id": "org-244",
"name": "OneTrust Technologies Ltd."
}
],
"relatedLots": [
"1"
]
}
],
"contracts": [
{
"id": "EC0828 DPIA",
"awardID": "EC0828 DPIA",
"status": "active",
"value": {
"amount": 1,
"currency": "GBP"
},
"dateSigned": "2019-01-08T00:00:00Z"
}
],
"relatedProcesses": [
{
"id": "1",
"relationship": [
"planning"
],
"scheme": "EU-OJ",
"identifier": "2018/S 106-241909"
}
],
"bids": {
"statistics": [
{
"id": "506",
"measure": "bids",
"value": 4,
"relatedLot": "1"
},
{
"id": "507",
"measure": "smeBids",
"value": 4,
"relatedLot": "1"
},
{
"id": "508",
"measure": "foreignBidsFromEU",
"value": 4,
"relatedLot": "1"
}
]
}
}