Your data is important to us
We're a membership organisation which means at our heart is our students and the information process to make your University experience incredible. We also employ staff, work with suppliers and have customers for our commercial services so the information on this page is for those people too.
The way we manage and process your data is governed by the General Data Protection Regulation (GDPR) which, as of 25th May 2018, replaces all data protection legislation in EU member states (including the UK's Data Protection Act 1998 (DPA)) without the need for further national legislation. These web pages aim to explain how we manage your information inline with GDPR and what this means for you. We've been really open and transparent on these pages to help you be fully informed and understand your rights - you can see: how we access your data; how we assess our processing activities; how we gain consent and how you can change your preferences; the training any data processors go through; who else processes data about you; and our policies for processing data.
The data we process
In each of the privacy statements set out above we outline how you can enact your rights. It's important you understand your data rights and we recommend you visit the ICO Website for more information.
Our legal basis for processing your data
Contract- As student or staff you will likely have a contract with us when you use our services which allows us to facilitate our obligations to you.
Consent- We may ask you to consent to us processing your data for direct marketing purposes.
Legal- We are obliged by various laws including the Education Act, Contracts Act and employment law to process certain data.
Legitimate Interest- We carefully balance your rights when we think there is a legitimate interest in us processing data to support you.
Strath Union carefully curates marketing and communications that might be relevant to you. Sometimes we need to send essential information where we believe there is a legitimate interest in you receiving this.
We always provide a way to opt out in our communications without affecting your membership and we will never sell your data to third parties.
To help us deliver our charitable services we use external service providers who have limited access to your data and these are carefully managed by contracts and high levels of security standards.
Below we have outlined some of those who may process your data and where possible linked to their security information:
- National Governing Bodies - To register athletes as required
- Sage Pay- For payments on our website
- Paypal- for payments on our website
- University of Strathclyde - To improve your experience
When you use our Advice Service we want you to be assured of our confidentiality. Read about our Confidentiality Policy and Privacy Notice.
We have a handbook to guide the processing practices of those who handle personal data.
You are entitled to make requests concerning your data, you will find all the forms needed to do this here