Privacy
Your data and the SLCC
The nature of our business is one which requires a culture of confidentiality.
The 2007 Act requires us to keep information about complaints (including personal information) confidential, unless the law requires us to share that data with certain people and organisations to carry out our role.
A video about how we handle your data and your rights
On 25th May 2018, the General Data Protection Regulation came into effect. It brought in changes to the way organisations like us handle your personal data.
It gives you more control over how your personal data is used. It also gives you a number of rights in relation to your personal data.
And it affects every business and organisation that handles data, from your gym to your local café to us.
This video explains how we handle your data, your rights under GDPR and how we keep your data safe.
We need a lawful basis to collect your data. Our lawful basis might be to deal with a complaint, to monitor information about complaints, to provide training or to send you our publications if you ask us to.
We take your confidentiality seriously.
We take steps to make sure your data is secure.
But sometimes, we need to share the information you’ve given us with other organisations, like the Law Society of Scotland.
But we won’t share it any more widely than we need to.
We’ll treat sensitive data with extra care. Special data includes information about health, sexual orientation, race, religion and political views.
We’ll only collect data we need. We’ll have to ask for some information like your name, your contact details and information about your complaint.
But we promise not ask for information we don’t need. Like what you had for dinner last night.
You have rights under GDPR. You have the right to be informed about the data we hold on you, the right to access that data free of charge and without delay, the right to have wrong information about you corrected and the right to have your personal data erased if we no longer need it.
We’ll always keep your data secure. Our files are securely stored, we have strong cybersecurity systems and we use telephone ID checks to ensure we’re speaking to you.
So what happens if we don’t follow the data rules?
Depending on what’s happened and how serious it could be, we might investigate what went wrong, speak to the people involved, tell the Information Commissioner’s Office what happened and let you know what we’ve done. Then, we’ll take action to make things safer in the future.
About GDPR
Like everyone else, we also have to comply with the data protection laws.
The General Data Protection Regulation ("GDPR") came into effect on May 25, 2018. It applies strict rules about how we use your personal information, how we store it, who has access to it and how long we keep it for.
Privacy notices
Our Privacy Notices tell you what we will do with your personal information while we have it in our possession and how we will make sure that it is kept safe.
Privacy notice for service users and contractors - this takes the form of FAQs
Privacy notice for under 16s - also in the form of FAQs
Data breaches
Our data breach policy explains what happens in the event of there being a data breach. You can also find information about this in our 'Your data and the SLCC' video.
