UNISON and the London Ambulance Service UNISON Branch is committed to safeguarding the privacy of everyone who uses our services.
This policy sets out how we will use your personal data.
This policy reflects our duties under the General Data Protection Regulation 2016 (GDPR), the Data Protection Act (1998) and all applicable Privacy and Electronic Communication Regulations. It describes how we use personal data fairly, keep it secure, make sure it is accurate and uphold your rights as a data subject.
This policy does not apply to other organisations to which we may link and whose privacy policies may differ.
Please read the following policy to understand how your personal information will be treated. It may change from time to time, so please check back periodically. It was last updated in August 2018.
Who we are
We are the London Ambulance Service Branch of UNISON.
Our website address is: https://lasunison.com
UNISON is the data controller for the information you provide. Our address is:
130 Euston Road
UNISON’s Data Protection Officer is Libby Bate, who can be contacted at firstname.lastname@example.org.
What personal data we collect and why we collect it
How UNISON uses your personal data
We routinely use your personal data for the following purposes:
- Registering you as a UNISON member.
- Contacting you about your membership and about essential trade union activities.
- Representing you effectively.
- Meeting our legal obligations as a trade union.
- Acting in accordance with the UNISON Rulebook.
The lawful basis for this processing is UNISON pursuing our legitimate interests as a trade union. We may also use legitimate interest as our lawful basis for the following data processing:
- Holding your data on our membership database.
- Processing your subscription payments.
- Confirming your identity when you contact us.
- Sending you statutory communications (these are communications that, as a trade union, we have to send you by law).
- Sending you the quarterly membership magazine.
- Ensuring you have a vote in all UNISON elections and ballots that you are eligible to vote in.
- Ensuring you are represented through UNISON’s democratic processes, such as conferences.
- Member representation (this could be representing you individually or collectively) and case work.
- Booking you on to any trade union courses you want to attend and ensuring accessibility.
- Equality monitoring.
- Statistical analysis of our membership and of employers and workplaces.
Accessing your personal data within UNISON
Some of your personal data will be available to UNISON’s employees, branch officials, workplace representatives and others formally instructed by UNISON for the purposes of carrying out trade union duties.
The type of personal data shared will be relevant to the purpose for which the data is used, so for example, unless you have expressly asked us not to, workplace representatives will be given your workplace details.
UNISON uses industry standard efforts to safeguard the confidentiality of your personally identifiable information, such as firewalls and SSL (secure socket layers). We make every effort to protect the loss, misuse and alteration of information under our control. However, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
If you have elected to use the “MyUNISON” service, your UNISON membership information is password protected so that only you can access it and view the information contained in your account. You are responsible for maintaining the secrecy of your passwords.
Sharing your personal data with third parties
By third parties, we mean organisations that are not UNISON.
We share your information with third parties such as:
- Mailing houses that print and send our communications to you.
- Providers of membership benefits.
- Returning officers (who ensure our elections are run fairly) and scrutineers (who count the votes when we ballot).
When we share your data, we only share the minimum required for the purpose of the data processing (for example if the purpose is to send you a mailing by post, we wouldn’t share your email address with the mailing house, because they don’t need it). We also ensure that processes are in place so that data is always transferred to third parties securely.
The third parties we share data with are:
For all UNISON members:
- ADM – the mailing house that prints and sends our postal communications.
- Electoral Reform Services (ERS) – the organisation that acts as scrutineer for our elections and returning office for our ballots.
- Union Insurance Association (UIA) – the organisation that runs the UNISON Direct call centre.
For some UNISON members, depending on the membership benefits and services that you choose to access:
- Your employer – if you choose to pay your subscriptions as a payroll deduction. We also may use the information your employer provides us to keep our records up to date. Please note that if you do not want us to disclose your UNISON membership to your employer, you can pay your subscriptions by Direct Debit.
- The Labour Party – if you opt for membership of our Labour Link fund.
- Thompsons Solicitors – if UNISON refers a case in which you are involved for legal advice.
- Salesforce – if you opt in to email communications from UNISON. This is the company we use to send electronic mailings.
- Union Income Benefit (UIB) – if you opt in to receiving information about membership benefits from third parties.
- Liverpool Victoria (LV) – if you opt in to receiving information about membership benefits from third parties.
- Unison Insurance Association (UIA) – if you opt in to receiving information about membership benefits from third parties. Please note this transfer is separate to that for the UNISON Direct call centre.
We very occasionally share personal data with organisations working to detect or prevent crime, such as the police.
You may be contacted and invited to participate in market research activities by third party organisations acting on UNISON’s behalf. While such research helps us to get valuable feedback on how we work well and where we can get better – and as such your participation is very helpful and always appreciated – you are not obliged to participate in such research. If you don’t want to, simply let the researcher know.
Transfers overseas and safeguards
We don’t routinely transfer your data outside of the UK. Where it is necessary, we ensure appropriate data protection measures are in place.
Retention of data
Retention means how long we keep your data for. We do this in accordance with UNISON’s data retention policy. This includes:
- Application form – retained for one year after processing, then securely destroyed.
- Membership record – retained for seven years after membership lapses, then minimised.
- Case files – retained for seven years after the case is closed, then securely destroyed.
If you would like to know more or see UNISON’s full data retention policy, please email email@example.com.
Your rights as a data subject
You have rights as a data subject. These rights are:
- The right of access – you have the right to access your personal data (e.g. data that is about you) that we hold. This is called a subject access request. We must respond to your request within one month. To request access to your data, please email firstname.lastname@example.org. It is very helpful if you tell us what of your personal data you are seeking.
- The right to rectification – if you think the data we hold on you is incorrect, tell us so we can put it right. You can do this by: logging in to MyUNISON; contacting UNISON Direct on 0800 0 857 857; or contacting your local branch.
- The right to erasure – you have the right to request that we delete your data. We will do so, provided that we do not have a compelling reason for keeping it. To request this, please email email@example.com.
- The right to restrict processing – you can change your communication preferences (therefore restricting how we communicate with you) by logging in to MyUNISON; contacting UNISON Direct on 0800 0 857 857; or contacting your local branch. There are also certain other circumstances in which you can suppress the processing of your personal data. To request this, please email firstname.lastname@example.org.
- The right to data portability – you can obtain and reuse your personal data for your own purposes across different services, for example different unions. To request this, please email email@example.com.
- The right to object – you have the right to object to a) Direct marketing from UNISON or from third parties we have shared your data with for direct marketing purposes. You can opt out of direct marketing any time by logging in to MyUNISON; contacting UNISON Direct on 0800 0 857 857; or contacting your local branch. There will also be instructions on how to unsubscribe included in any direct marketing message that we send to you. b) Any processing where our lawful basis is legitimate interest (see above).If you would like to formally object to any of our legitimate interest processing, please email firstname.lastname@example.org.
- Rights in relation to automated decision making and profiling – this is not something we do at UNISON. If that ever changes, this policy will be updated accordingly.
At UNISON we are committed to upholding your rights as a data subject. If you think we have not done so, please contact email@example.com.
You may also complain to the Information Commissioner’s Office (ICO) if you believe your rights have not been upheld. The ICO is the data protection regulator and their website is: www.ico.org.uk.
There are some types of data processing that we only do if you have given us your consent. These are:
- Sending direct marketing messages by email.
- Sharing your data with third party providers of membership benefits.
- Sharing your data with the Labour Party.
You are in control of what consent you give us. You can withdraw your consent at any time by: logging in to MyUNISON; contacting UNISON Direct on 0800 0 857 857; or contacting your local branch. There will also be instructions on how to unsubscribe included in any direct marketing message that we send to you.
Statutory data requirements
As a trade union, we have a statutory requirement to keep an accurate register of members’ names and addresses. If you wish to be a UNISON member, you must provide this information to us.
Data collected on our website
Personal data collected by this website will only be used for the purposes (or closely related purposes) for which it was collected.
We may use your personal information to:
- Administer the website.
- Improve your browsing experience by personalising the website.
- Enable your use of the services available on the website.
- Deal with enquiries and complaints made by you relating to the website.
Note: Smush does not interact with end users on our website.
Smush sends images to the WPMU DEV servers to optimise them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.
Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.
We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We keep contact form submissions only for as long as required to answer your enquiry. We may forward this request by e-mail in order to get it answered by the appropriate person. We do not use the information submitted through them for marketing purposes.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Our web host collects some anonymous analytics data. This is used to track number of website visitors and pages visited. You cannot be identified individually and all data is anonymous.
Who we share your data with
We do not share any personal data with anyone.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
In this section, you should provide a contact method for privacy-specific concerns. If you are required to have a Data Protection Officer, list their name and full contact details here as well.
All emails that we send you are tracked. This helps us to ensure that you only receive emails from us that are of interest to you. You can unsubscribe from emails at anytime by clicking the ‘unsubscribe’ button at the bottom of an email.
When on our website, data may be stored on a “cookie”. This is a tiny element of data that our site can send to your browser, which may then be stored on your hard drive. This small amount of information does NOT contain any private information stored on your computer.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Our cookies policy explains which cookies we use and why, along with where you can find more information about cookies.
Social media buttons
On many of the pages of the site you will see ‘social buttons’, such as share buttons for Twitter, and Facebook ‘Like’ buttons.
When you click on any of these buttons, these sites will be registering that action and may use that information.
You should check the respective policies of each of these sites to see how exactly they use your information and to find out how to opt out, or delete, such information.
From time to time we may use Facebook advertising to promote UNISON events and campaigns and encourage people to join UNISON. We do not collect any personal data from Facebook profiles. We do not use your member data to target our advertising on Facebook. We do not provide or sell member data to third parties for the purposes of Facebook marketing. To no longer receive Facebook ads click on the top right hand corner of the ad
External web services
We use a number of external web services on the UNISON site, mostly to display content within our web pages. For example, to display images we sometimes use Flickr; to show videos we use YouTube. This is not an exhaustive or complete list of the services we use, or might use in the future, when embedding content, but these are the most common.
As with the social buttons, these sites may use information about usage of embedded content. If you are not logged in to these external services, then they will not know who you are but are likely to gather anonymous usage information e.g. number of views, plays, loads etc.
UNISON E-Mail Addresses
If you are a UNISON representative and have been issued with an @lasunison.com or .net e-mail address then the above also applies. Your address will be stored by the webmaster and you may receive mailings from the webmaster, but only in connection with UNISON, the web site, occasional warnings such as virus attacks or in connection with your specific account. Your address will be displayed on the web site for members to contact you. If at any time you feel your account has been compromised we can change it or delete it for you.
From time to time the website operates a prize draw for various different reasons. If you are one of our prize draw winners then by accepting the prize you agree to us publishing your name on our list of winners page and in any other publications that we may send out from time to time.
If after your name has been published you have good reason for having your name removed then please notify us in writing.
In 2006 we launched an SMS text message alert service enabling us to send news and updates direct to your mobile phone. This service was discontinued in April 2018 and all data was erased.