PRIVACY STATEMENT

We take the privacy of your data very seriously. Although we gather very little information about those who contact us, it's important for us to be transparent in how we handle what we do have.

 

1. Introduction

Strathclyde and Caledonian Nightline (“we, us, our”) of Strathclyde Students’ Union and Glasgow Caledonian University Students’ Association takes your data protection and rights in relation to this very seriously. We have written this document to make things as clear as we can, if you have any questions about your privacy in relation to getting support* from Nightline then please contact us (details in section 10).

We promise to respect and protect any data you share with us; we won’t do anything with your data that you wouldn’t reasonably expect us to do when you contact us for support.

Data protection in the UK is overseen by the Information Commissioner’s Office and the main legislation that underpins it is the EU General Data Protection Regulations (2014) (GDPR).

*Support means emotional support, active listening, and provision of information where available and should be read as such through the rest of this document.


2. What Data We Collect – People Who Contact Us

When you contact us and ask for support we keep a statistical record of some of the information that we take from your contact with us. Unless you explicitly consent to us recording personal information about you we do not keep a record of any personal identifiable information.

When you contact us for support, we may identify information about you which is considered special category data under the law, however without your explicit consent there will no identifiable information recorded about you which links this information to you as an individual.

Special category data is anything related to your ethnic origin, religion, health (including disability), sexual orientation, etc.

3. What Data We Collect – Volunteers

When you apply to volunteer with Nightline the information you put in your application is viewed by the coordinators at Strathclyde Students’ Union and Glasgow Caledonian University Students’ Association.


We record the following: name, institution, Faculty/School, email address, telephone number, whether you are a Home/RUK/EU/International Student, whether you are an undergraduate or postgraduate student, if you are a mature student, and anticipated year of graduation.


We record information about you that is required to process your application as a volunteer and to inform our recruitment procedures. We have a legitimate interest to record this information in order to run and deliver the service.

Additionally, we ask all those attending a training or other formally organised event with us to complete a medical questionnaire. This is a disclosure form and is held securely in a locked cabinet or on a password protected online folder by staff coordinators in the event of a medical or health emergency in which a disclosure of a health condition or medication taken would be valuable for emergency services or other health professional. All questions are voluntary.


The data included in this is the following: title, full name, date of birth, address, phone number, email address, name of doctor and address of medical practice, name and relationship of next of kin, contact phone number for next of kin, known medical conditions, medication, any other relevant medical details (including religious preferences for medical treatment). The information on this form will only be used in the event of a medical emergency and forms will be destroyed one month followed the date of the event.


4. How We Collect and Use Your Data

Nightline is a listening and information service delivered for the students of University of Strathclyde and Glasgow Caledonian University. We process your data for our own records. Caller data is stored electronically externally to the Union/Association and University servers. Volunteer data is stored electronically on internal servers; this is held on a secure, password protected user account. We will never use the information about you for marketing purposes.

We collect data about you that we are provided directly from you. We use your data for two purposes: for statistical purposes from callers and to facilitate the running of the service from volunteers.


From the GDPR legislation, the legal basis we have to collect your data is called a legitimate interest (Article 6 GDPR). This means that we feel you would reasonably expect us to process your data when you approach us for volunteering or support. For example, it would be very difficult for us to interview you for a volunteering role if we did not have your contact details. Because of this, we don’t need direct consent to process your data when it is part of an application to join. It is necessary for Nightline to protect your interests as our volunteers and callers as well as our interests as a service.


We believe that you have a right to complain if the support or information you receive is incorrect or unsatisfactory. Without storing data, including contact details when appropriate or when explicitly consented to, it may be difficult for you to seek redress. We require your data in the event of a complaint so that we can check if the support or information provided was accurate or appropriate and you were treated in a fair and respectful manner.

The second reason that we process your data is for monitoring and statistical purposes. At this point any data is anonymised, so you can’t be directly identified from it. We then use this to look at trends/patterns so that we can focus our work on helping students in the best possible way.


5. Sharing Your Data and Disclosure to Others

In general, we will not share your information outside of Nightline without you giving your direct consent. However, we have a statutory obligation to share data as set out by an Act of Parliament where information is disclosed related to terrorist activity. We also make disclosures in certain circumstances where we have identifiable information if we believe there is a substantial threat to life/harm to yourself or a child or adult at risk.


We disclose information about terrorist activity that we receive even when identifiable information is not made available. You will be made aware by a volunteer when a disclosure will be made.

6. Consent

Consent has been clarified and defined in the GDPR. It has to be a clear process and involve a positive choice from the person giving it (no pre-ticked boxes allowed!). You are also able to withdraw your consent at any time and we can’t refuse to support you on that basis alone.

We will ask for your explicit consent for one reason. This is to get your permission share your information when it is relevant/necessary to support you to access support from emergency services. If we or you deem this necessary, we will ask you explicitly if you consent to us sharing information that you have provided to us.


7. How to Change and Erase Data We Hold on You

You have the right to be able to see the information we hold on you, have any incorrect facts changed and to have your data erased. If you want to exercise any of these rights, please contact us and we will talk you through the process.

8. Your Rights

The GDPR sets out your rights as an individual, we strive to uphold and protect your rights in balance with our legitimate interest in providing support for you.

  1. The right to be informed

  2. The right of access

  3. The right to rectification

  4. The right to erasure

  5. The right to restrict processing

  6. The right to data portability

  7. The right to object

  8. Rights in relation to automated decision making and profiling.

You can see detailed explanations on each of these rights here.


9. Keeping Information Secure

We have explained why we process your data; we also want to explain the actions we take to keep it secure. We store all of our caller data on a system called Call Report. This is held externally to both the Union/Associations and the Universities and is only accessible to Nightline staff and volunteers.


Call Report is a call data system that is used across many Nightline services and is fully compliant with the GDPR

We thought carefully about what storage system we wanted to use and Call Report have clear statements on their commitment to the security and protection of your data, if you would like to see these please get in touch.

We store information about volunteers on two systems. The first of these is 3 Rings, a rota and volunteer management system which is held externally to both the Union/Associations and the Universities and is only accessible to Nightline staff and volunteers. 3 Rings is a volunteer data and rota system that is used across many Nightline and other support services and is fully compliant with the GDPR.

The second of these is a secure, password protected file held by staff coordinators.

10. Time Frames

The GDPR states that we can only keep your data for no longer than it would be reasonable for the purposes that we have outlined. We retain volunteer data for one year after they have left the service or left/completed their studies; this allows us a volunteer to rejoin if they wish without having to provide all of their data again or for us to provide a volunteering reference for a reasonable period after their volunteering.


We retain caller data for two years; this allows us to produce statistical information about calls to the service for a reasonable period after they have been made. After this time all of your data will be deleted from 3 Rings, Call Report, and any other internal systems.

11. How to Contact Us

If you have any questions about privacy and confidentiality, please get in touch:

Holly Shaw – Strathclyde Nightline Coordinator
holly.shaw@strath.ac.uk

Meg MacDonald – Glasgow Caledonian Nightline Coordinator
Meg.MacDonald@GCUstudents.co.uk

 

Privacy Statement 

©2021 by Strathclyde and Caledonian Nightline. Proudly created with Wix.com.