Liverpool Guild of Students ("the Guild", "we", "our" or "us") promises to respect any personal data you share with us, or that we get from other organisations and keep it safe. We aim to be clear when we collect your data and not do anything you would not reasonably expect.
Developing a better understanding of our members through your personal data allows us to make better decisions, communicate more effectively and, ultimately, helps us to reach our goal of having a positive impact on every University of Liverpool student.
Where we collect information about you
We collect information in the following ways:
When you become a Member
Each year that you enrol on a University of Liverpool accredited course you automatically become a member of Liverpool Guild of Students, unless you opt-out. The University of Liverpool shares a register of Members with us, which includes information about you and your course. When the University gives us this data we become responsible for it and will use this as our core central record of your membership.
When you give it to us directly
You may give us your information in order to sign up a student group or society, for one of our events or trips, to volunteer, undertake research activities, use our advice service, purchase our products or communicate with us. When you give us this information we take responsibility for looking after it and we will cross reference this data against our register of members.
When you give it to us indirectly
Your information may be shared with us by independent organisations, the University of Liverpool, or event partners. These independent third parties will only share this when you have indicated that you have given consent to share this data with us. You should check their Privacy Policy when you provide your information to understand fully how they will process your data.
When you give permission to other organisations to share
We may combine information you provide to us with information available from external sources in order to gain a better understanding of our members to improve our communication methods, products and services.
The information we get from other organisations may depend on privacy settings or the responses you give, so you should regularly check them. This information comes from the following sources:
Third party organisations
You may have provided permission for a company or other organisation to share your data with third parties such as the Students’ Union. This could be when you buy a product or service or register with another website.
Social Media
Depending on your settings or the privacy policies for social media and messaging services like Facebook, WhatsApp or Twitter, you might give us permission to access information from those accounts or services.
Information Available Publicly
This may include information found in places such as Companies House and information that has been published in articles/newspapers.
When we collect it as you use our websites
Like most websites we use "cookies" to help us make our site and the way you use it better. Cookies mean that a website will remember you. They’re small text files that transfer to your computer, phone or tablet and make interacting with a website easier, e.g. by automatically filling your name or address in text fields. There are more details in our Cookies Statement.
In addition, the type of device you’re using to access our website and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have and what operating system you’re using. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.
When you buy a product from us
To place an order with us online, either for tickets to an event or to buy merchandise, we request certain information including your name, email address and delivery address at the point of registration. This information is required to enable us to process your order and notify you of its progress. Once an order has been placed, we may contact you by email to confirm your order details and again once your order has been accepted and despatched. Should we need to contact you for any reason regarding your order, we will use the email address registered to your account, or the telephone number where provided.
What personal data we collect and how we use it
The type and quantity of information we collect and how we use it depends on why you are providing it.
Our Members
If you are one of our members the University, in response to their obligations to you, provide us with a set of key information you provided at enrolment:
- Name;
- Student Number & username;
- Contact details including email addresses, address and phone number;
- Date of Birth, gender, ethnicity, nationality, whether you are a UK, EU or International student;
- Details about your studies including the start and end dates, the mode, programme, location and year of study, your department or faculty and the number of years you have been registered as a student; and
- Whether you are an Erasmus student, mature student or final year.
When you use our services or participate in one of our activities we will use this information to provide the best possible standards of administration and communication.
We will provide contact details for Course Representatives to the relevant University of Liverpool staff and students to permit those individuals to make use of the Course Rep system.
We will provide details of society members to those societies’ committees to allow them to verify society membership.
In addition when you attend an event, join a student group or use one of our services we may ask for additional information such as:
- Your bank details to facilitate payments;
- Information relating to your health and the details of your next of kin if you are taking part in a high risk activity;
- Qualifications of trip leaders where relevant to the activity; and/or
- Any disabilities or dietary requirements so that we can make reasonable adjustments.
We will mainly use your data to:
- Provide you with the services, products or information you asked for
- Administer your membership
- Keep a record of your relationship with us
- Ensure we know how you prefer to be contacted
- Understand how we can improve our services, products or information
Building profiles of members and targeting communications
We use profiling and screening techniques to ensure communications are relevant and timely, and to provide an improved experience for our members. Profiling also allows us to target our resources effectively. We do this because it allows us to understand the background of the people who study at the University and helps us to deliver appropriate services and information to members who need it.
When building a profile we may analyse geographic, demographic and other information relating to you in order to understand your interests and preferences better so that we can contact you with the most relevant communications. Your data would only ever be analysed or profiled through encrypted and protected data processes, which only ever identifies broad statistics. In doing this, we may use additional information from third party sources when it is available.
Lawful basis, retention and security
When we process your data we will have already carefully assessed the lawful justification for doing so, the parameters in which the data is processed, the length of time the data is held for, the secure storage of your data and undertaken impact assessments to ensure your rights are delivered. We believe that in pursuing our activities as a students’ union we have a legitimate interest in processing our members' data.
The law on data protection sets out a number of different reasons for which an organisation may collect and process your personal data, including:
Consent
In specific situations, we can collect and process your data with your consent. For example, when you tick a box to receive email marketing.
Contractual obligations
In certain circumstances, we need your personal data to comply with our contractual obligations. For example, if you order an item from the online shop for home delivery, we’ll collect your address details to deliver your purchase, and pass them to our courier.
Legal compliance
If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity affecting the Guild to law enforcement .
Legitimate interest
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running the Guild and which does not materially impact your rights, freedom or interests. For example, we will use your @liverpool.ac.uk email address to send you information on elections.
How long we keep your data
The length of time we keep your data varies depending on why we have collected it. We will keep your personal data only for as long as we need for the purpose it was gathered and for a limited time after that to ensure that we comply with our legal obligations and that we have sufficient records to respond to queries (including complaints, legal claims and safeguarding). We will ordinarily keep most records for no more than seven years. We are required under law to retain our Members names and addresses for a period of ten years.
How we keep your data safe and who has access
Personal data collected and processed by us may be shared with Guild employees, our volunteers and under strictly controlled conditions the following groups where necessary:
- Contractors
- Advisors
- Agents
- Service Provider Partners
- Staff and students of the University of Liverpool
When we allow access to your information, we will always have complete control of what they see, what they are allowed to do with it and how long they can see it. We do not sell or share your personal information for other organisations to use.
We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors.
Some of our suppliers run their operations outside the European Economic Area (EEA). Although they may not be subject to the same data protection laws as companies based in the UK, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law. By submitting your personal information to us you agree to this transfer, storing or processing at a location outside the EEA.
We may need to disclose your details if required to the University of Liverpool, the police, regulatory bodies or legal advisors.
We will only ever share your data in other circumstances if we have your explicit and informed consent.
Marketing & Communications Preferences
Membership Communications
As a member of the Guild we believe you have a legitimate interest in hearing from us about the products and services we offer, what we’re doing to represent you and opportunities that might be of interest to you. You may opt out of these communications at any stage by clicking the unsubscribe link contained within the email. Where these emails relate to our statutory obligations, i.e. participation in our democratic structures or company meetings you will not be able to unsubscribe from these emails whilst you remain a member of the Guild.
Direct Marketing
We may send marketing material on behalf of our social enterprise, retail, advertising and events divisions where you have told us that we can. We do not sell or share personal details to third parties for the purposes of marketing.
Controlling what you want to hear about
We make it easy for you to tell us how you want us to communicate, in a way that suits you. Our forms have clear marketing preference questions and we include information on how to opt out when we send you marketing. If you don’t want to hear from us, that’s fine. Just let us know when you provide your data or by altering your profile on the Guild website.
Keeping your information up to date
We mostly use the record of members provided by the University of Liverpool to maintain accurate data about you as described above. We really appreciate it if you let us know if your contact details change.
Understanding the detail of our data security measures
The Guild operates a Data Protection and Information Security Policy; all employees and volunteers handling data are required to undertake general data protection training and third parties handling data are required to provide a contract that meets the requirements of the Information Commissioner’s Office.
The Guild does not store any payment card data on our systems following online transactions. The Guild utilises the National Union of Students handle these payments.
Your rights
You have a right to see the information the Guild holds about you. You can also request changes to be made to incorrect information. You can ask for information to be deleted or blocked if you legitimately think that the Guild is not processing this information for the purpose it was collected.
If you have any queries about this notice or your personal information generally, please send these to guilddpa@liverpool.ac.uk.
If you wish to access your information you should complete the Subject Access Request Form with a description of the information you want to see and the required proof of your identity by post to Liverpool Guild of Students, 160 Mount Pleasant, Liverpool, L3 5TR.
Where information is held on the basis of your consent you have the right to withdraw this at any time.
For further information see the Information Commissioner’s Guidance here.
Changes to this statement
We may change this Privacy Statement from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our website or by contacting you directly.
If you have any questions, comments or suggestions, please let us know by contacting guilddpa@liverpool.ac.uk