Page header image

About Us

The Standards Commission is an independent body whose purpose is to encourage high ethical standards in public life through the promotion and enforcement of Codes of Conduct for councillors and those appointed to the boards of devolved public bodies.

Data Protection Privacy Statement

1.   Introduction

1.1  The Standards Commission for Scotland’s aim is to help ensure that the highest possible standards are achieved by those appointed or elected to roles within Scottish public life.  We do so through our work in promoting the ethical standards framework and also through our role in adjudicating on alleged breaches of the Codes of Conduct.

1.2  This privacy statement provides details about the personal information we collect, why we collect it, how it is used, how long we keep it for and how we keep it safe.  We also provide information about an individual's rights in respect of any personal information we hold about them.  We are committed to protecting the privacy and security of any such personal information.

1.3  The Standards Commission is registered as a data controller with the Office of the Information Commissioner.

2.  Information we collect and why we collect it

2.1    In general terms, we collect and use personal information to fulfil the following functions:

  •  Our statutory obligations (providing Guidance on the Codes of Conduct and adjudicating on alleged   breaches by councillors or Members of devolved public bodies);
  •  Our work in promoting the ethical standards framework;
  •  Our work in dealing with enquiries, including on how the Codes should be interpreted; and 
  •  Our obligations as an employer.

Adjudication 

2.2   When we receive a report from the Commissioner for Ethical Standards in Public Life (the ESC), a file is created.  The file will normally contain the identity and contact details of the complainer(s), and the Respondent(s).  It may also contain the identity of other individuals identified within the complaint form and in other evidence that is subsequently submitted by the parties (being the ESC and the Respondent).  The file may also include details about any individuals who have been interviewed during the investigation process; and the contact details of any witnesses who have been asked to one of our public Hearings to give evidence.  We use the information provided to contact the parties and complainer(s) to provide notice of whether or not we intend to hold a Hearing and, if so, of the date and venue.

2.3  If the Standards Commission decides to hold a Hearing to adjudicate on an alleged breach of a Code of Conduct, the parties can submit evidence and information (such as documents and photographs), to be included in productions to be considered by the Hearing Panel (comprising of three Members of the Standards Commission).  The productions may contain personal information.  The productions are shared with the Hearing Panel and circulated to both parties, but are not made public.  We will name the Respondent on our website, on social media and in any media release and responses to enquiries in order to provide notice of Hearings.

2.4  The names of the Hearing Panel, Respondent and the ESC (and any individual appointed by either party to represent them at the Hearing) will be included in the Hearing Decision and may also be included in a press release, both of which are published on the Standards Commission's website after the Hearing has concluded.  The Hearing Decision will also be sent to the parties and the Chief Executive of the relevant Council or devolved public body, issued on request and it may also be shared on social media.  The names and job titles of other individuals connected to the case being considered at the Hearing may be included in the Hearing Decision and press release, but only if they are a councillor, a senior officer of the Council or devolved public body, a MSP or a MP.  The names of other individuals connected to the Hearing will be anonymised in the Hearing Decision and press release.   

2.5  On occasion, we may seek external legal advice on a case referred to the Standards Commission by the ESC or on an appeal against a decision made at a Hearing.  If so, we may share any personal information outlined above with our legal advisers.  Any legal advisers appointed will be required to comply with data protection legislation and professional, legal and regulatory obligations.

Promotion

2.6  We may process personal information in order to issue guidance and other education material, to organise workshops and to facilitate training and promotional events on the Codes of Conduct and the ethical standards framework.  In doing so, we may be required to collect the names, job titles and contact details of attendees.  We may need to share some of the personal information with third parties, such as any venue providers.

2.7   We use surveys to seek feedback on our Hearings and other work we undertake, to help us identify potential improvements. Feedback is provided on an anonymous basis and, as such we do not process personal information included in any response to a survey that could lead to an individual being identified.  We use a third-party, provider Survey Monkey, to help us gather such feedback.  Survey Monkey’s privacy notice is available on their website www.surveymonkey.com/mp/legal/privacy-policy .

Enquiries

2.8  We can be contacted by telephone, email, letter or by completing the 'contact us' form on our website.  We may use any personal information provided (for example, names and contact details) to deal with, and respond to, any queries, comments or requests received.  We will not share any personal information you send in an enquiry with a third party unless you have provided your consent for us to do so. 

Employer

2.9     We will process personal data provided by applicants for any staff vacancies, such as contact details and information about their qualifications, employment history and referees to assess their suitability for the role. 

 2.10   We share personal information of our staff and Members with third parties for the purpose of being provided with payroll and pension services.  The office of the Standards Commission is located within the Scottish Parliament building and, as such, we are also required to share some personal information of staff and Members with the Scottish Parliamentary Corporate Body (SPCB) for security, vetting and business continuity purposes, and so it can provide us with information technology and communication services. 

3.   The legal basis for our collection and use of your personal information:

3.1  We process personal information in order to comply with our legal obligations to provide guidance and to adjudicate on alleged breaches of Code of Conduct.  Our main statutory duties are outlined in the Ethical Standards in Public Life etc. (Scotland) Act 2000.  For example, we collect and use the name and contact details of the Respondent and the complainer to give them notice of the Hearing and the subsequent decision. 

 3.2  We process personal information necessary for the performance of tasks carried out in the public interest or in the exercise of our official authority.  For example, we may process information about individuals who are attending training events in order to send them a programme and details of the venue.

 3.3  We process personal information necessary for the performance of a contract and for our legitimate business interests.  For example, we hold and process personal information about Members and staff in order to pay them.

3.4  We will process personal information lawfully, fairly and in a transparent way.  We will only process personal information for the purpose of fulfilling our responsibilities and duties.  It will not be used in any way which is incompatible with these purposes.

4.   How long we retain your personal information

4.1  We will retain personal information for no longer than necessary and in accordance with the Standards Commission’s Document Retention Schedule and Disposal Policy (a copy of which can be provided on request).  We will only retain information for as long as it is necessary to comply with legal requirements or for legitimate business reasons. 

5.   How we keep your information safe

5.1  Electronic files are held on a secure network which is provided by the SPCB’s Business Information and Technology Team under a Service Level Agreement.  The Standards Commission’s Members and staff are obliged to comply with the Scottish Parliament’s Acceptable Use of IT and Social Media policy, a copy of which can be found at: www.parliament.scot/abouttheparliament/89734.aspx.

5.2  Appropriate measures are taken by the SPCB to ensure personal information is secure and to protect it against unauthorised or unlawful processing, as well as against its accidental loss, destruction or damage. 

5.3  In addition, access to data held on behalf of the Standards Commission on the SPCB’s Information Technology system is strictly controlled through a permission system, which means that Members and staff are only given access to files and information on a ‘need to know’ basis.  Access to the IT network is provided through the use of passwords, which require to be changed on a regular basis.  The SPCB has appropriate security measures in place to prevent personal information being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  Such security measures include password protection, IT encryption, access controls, regular security updates, firewalls and the regular testing of systems.

5.4  Any paper files created by the Standards Commission are kept in cabinets, which are securely locked at the close of business each day.

5.5  All staff and Members are trained on, and understand the importance of, complying with data protection legislation.

6.   Your rights in relation to your personal data

6.1   If we have asked you for your consent to hold your personal information, you have the right to withdraw that consent at any time.

6.2  (i)  You have the right to ask us to confirm whether we hold your personal information and if so, to ask

  • why we hold it
  • what we do with it
  • what kinds of data we hold about you (and how long we keep this information)
  • who we share it with
  • where we got if from (if we did not get it from you)

       (ii) Your have the right to ask for a copy of the personal information we (making a Subject Access Request).

6.3   You have the right to object to us processing the personal information we hold about you.

6.4   You have the right to ask us to correct the personal information we hold about you if you you consider it is inaccurate or incomplete.

6.5   You have the right to request that the personal information we hold about you is erased if there is no compelling reason for us to continue to process it.

6.6   Where you have sought to exercise any of your rights in relation to the personal information we hold about you, or you consider that we are processing your information unlawfully, you have the right to ask us to restrict processing. 

6.7   Requests for information or about these rights should be made in writing and sent to enquiries@standardscommission.org.uk.  Responses about your rights will be provided within one month of receipt of the request and where information is provided this is usually supplied free of charge. 

7.   Cookies

7.1   When visiting our website www.standardscommissionscotland.org.uk we use a third party service, Google Analytics, to collect details about visitor behaviour patterns and supply statistics on the overall number of visits to the site and the pages visited.  We do not use cookies to collect or record personal information, such as names, addresses or other contact information.  We do not share this information with any third parties.  The information collected by Google Analytics will be held by them until we stop using this service.

7.2   Videos available on the website are supported by third-party providers such as Facebook, Twitter, Flash or YouTube.  These providers may use cookies when you access the videos from our website.

7.3   To find out more about cookies, including how to control and delete them, please visit www.allaboutcookies.org.  Disabling cookies may prevent you from using certain websites. You can find out more about this at www.allaboutcookies.org/manage-cookies. 

8.   Links to Other Websites

8.1   Our website contains links to other websites.  We are not, however, responsible for the content or reliability of the linked websites and do not necessarily endorse any views expressed within them.  We cannot guarantee that these links will work all of the time and we have no control over the availability of linked pages.

8.2   This privacy statement does not cover any websites which are accessed through using the links on our website.  We encourage you to read the privacy statements on any other websites you visit.

9.   Contact us:

9.1  We treat any complaints about the way we process personal information seriously.  Please let us know if you think we are processing your personal information unfairly or inappropriately. 

If you wish to contact us about anything in this privacy statement, or in relation to any matters regarding our use of your personal data you can email us at enquiries@standardscommission.org.uk or alternatively you can write to:

The Executive Director
Standards Commission for Scotland
T2.21, Scottish Parliament
Edinburgh
EH99 1SP.

9.2  If we are unable to resolve the data protection issue about how we handle your information, you are entitled to make a complaint to the Information Commissioner.  More information can be found at www.ico.org.uk or send your complaint to:

Information Commission’s Office
Wycliffe House
Water Lane
Wilmslow
SK9 5AF.

Tel: 03030 123 1113.

10.  Changes to our privacy statement

10.1  We will keep this privacy statement under regular review and will publish updates on our website.

Version: 2020 v1 (18/02/2020)

Downloads
Data Protection Policy

Data Protection Policy

22nd May 2019

Download PDF
Privacy Statement

Privacy Statement

18th February 2020

Download PDF