Date privacy notice was completed: 20/04/2022
Our organisational details:
Name: Warwick Nightline
Phone Number: 02476522199
Email: nightline@warwick.ac.uk or su222@warwicksu.com
Our governing body’s details:
Name: Warwick Student Union (stakeholder)
Phone Number: 02476572777
Email: studentactivities@warwicksu.com
Useful Definitions
‘Personal data’ is information that is personally identifiable, i.e. you can use the data to find out who it is about. This could be a name, date of birth or location data.
‘Special category data’ is more sensitive information, for example, health or genetic information.
‘Processing’ is the action that Warwick Nightline or a trusted third party takes when collecting, updating, storing, or sharing an individual’s personal data.
‘We’ or ‘Nightline’ refers to Warwick Nightline.
Why we collect your data
We aim to minimise as much as possible the amount of personal data we process. We may process personal data where the law requires us to do so, in order to safeguard vulnerable individuals, to protect our volunteers’ wellbeing and to continuously improve and develop the services we provide.
All of our practices comply with UK GDPR. We have lawful bases for processing your personal data and special category data. The main lawful bases we rely upon are:
- We have a legal obligation
- Protecting vital interests
- Our legitimate interests as an organisation
How we protect your data
At Nightline, we only collect the data we need and we only share it on a need-to-know basis.
We do not share personal data externally with the exception of the circumstances outlined in this policy. In this situation, we will always make you aware of how your personal data might be affected and will always check that the organisation’s systems comply with privacy laws and have robust privacy and security practices.
We store most of our data on Google Workspace (i.e. Gmail, Google Drive etc). It is secured and supported by Google and has been security assessed by independent organisations (including the National Cyber Security Centre: https://www.ncsc.gov.uk/guidance/g-suite-security-review). We store some personal data on other systems too. For every system we use, we check that it complies with privacy laws and has good privacy and security practices.
How we process your data
Nightline Service Users
As a general rule, Nightline does not store personal data of service users in call records. We keep call logs, but these are limited to primarily statistical information and no identifying information is recorded.
On some occasions, in order to detect and prevent abuse to Nightline services, we do collect data about calls we believe to be non-genuine, in order to prevent such calls taking place again in the future. This information includes details of the caller and the topics discussed on the call.
Some personal data (IP addresses, email addresses, etc.) and messages are stored in the databases of our anonymous instant messaging and email software, which is provided to Nightline by our umbrella organisation, the Nightline Association. The coordinators of the service will anonymise your email address before your email is passed onto listening volunteers. The Nightline Association does not access the databases (unless requested by us as outlined below), except in exceptional circumstances where system administrators must undertake system maintenance. All emails and addresses are deleted after a 1-year retention period. This is so that we are aware of previous context should you respond within this time on the same email thread, and for service statistical collation to improve the running and quality of the service.
In certain circumstances, Nightline may share personal data with a third party:
- Terrorism
Any information relating to an act or potential act of terrorism will be reported to the police in order to comply with our legal obligation under the Terrorism Act 2000 - Safeguarding
Any calls where there is a threat to either a child or an adult at risk may require us to make a report to the police or to the local authority. This is done to meet our responsibilities to protect vulnerable individuals. - Suicide
Where we receive a call where there is a serious risk of harm to the caller we may pass personal data onto the emergency services in order to protect the vital interests of the caller - Court Order
Personal data may be disclosed to the police if requested under a court order. This is in order to meet our legal obligation to cooperate. - Abuses of the Service
It is in the legitimate interests of Nightline to protect against abuses of the service to protect our volunteers’ safety and wellbeing, and ensure that the service remains available for genuine callers.
In order to serve this interest, where a caller acts in an abusive or threatening manner towards our volunteers, Nightline may disclose personal data of that caller to appropriate third parties. These parties include the police, other Nightlines, the Nightline Association, and other organisations with responsibility for the welfare of our volunteers such as the University of Warwick and the University of Warwick Students’ Union. This disclosure may include personal data such as a name.
Volunteers and Potential Volunteers
During the process of recruiting new volunteers, we collect some information from everyone who registers their interest in volunteering. The data collected includes the following:
- Name
- Contact details (email)
- Year of study and dietary requirements (for those passing to Training Weekend)
Once the recruiting procedure is over, we retain the information of unsuccessful applicants for the academic year. The information is not shared with anyone outside of Nightline before, during or after the recruitment drive.
For our volunteers, we store this data (along with other relevant information such as the number of shifts you complete and ongoing training sessions you attend) for as long as you are a volunteer and for one year after you leave the Nightline.
We collect this information in order to administer the recruitment process and effectively run the service.
Website Visitors
When you visit the Warwick Nightline website, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the website, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.“Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.
Warwick Nightline uses “cookies” to collect information. You can opt-out of cookies but you are required to do this proactively by changing the setting in your browser – unfortunately, we cannot control this on your behalf. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
Anonymised data from visitors to our website will be collected, including your interaction with our website and cookies to track with pages you visit. This helps us to analyse how our website is being used and how we can improve.
Social Media
Warwick Nightline may choose to use sponsored advertising on our social media platforms. In this case cookies enable the advertiser to offer customised suggestions to you and to understand the information we receive about you, including information about your use of other websites and apps, whether or not you are registered or logged in.
To show adverts that are relevant to you, the advertiser uses information about what you do on social media and on third-party sites and apps you use. For example, you might see ads based on the people you follow and things you like on Instagram, your information and interests on Facebook, and the websites and apps you visit.
To know more about the information collected by Facebook, for example, please check the following link: https://www.facebook.com/about/privacy.
For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at: http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info
Data Retention Periods
We only keep your information for as long as is necessary for the relevant purpose. We use a number of criteria for determining the retention period, including obligations under law, our legitimate interests, and consideration of the original purpose we collected it for.
Your rights
The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and rights. This is why we are providing you with the information in this policy. If you have any additional questions, you can contact us using the contact details at the end of this policy.
The right to object
You always have the right to object to certain types of processing, including the option to stop receiving information from us across all of our communication channels (which is known as processing for direct marketing). This is at your discretion and we will respect your choice. However, for us to enact this we encourage you to notify us. You can use unsubscribe links on emails or contact us using the contact details at the end of this policy.
The right to access a copy of the personal data we hold.
You, or an organisation with legal purpose, can request a copy of your personal data for legitimate purposes. This is known as a ‘Subject Access Request’. To request this, contact us using the contact details at the end of this policy. Please note that proof of identity may be required and providing the reason for your request will allow Warwick Nightline to respond most appropriately. We may ask for further details if needed.
The right to erasure
This is where you can request that Warwick Nightline delete the data that we hold on you. Please note that this will not apply if there is lawful basis for us to continue to use the data we hold about you. To request this, contact us using the contact details at the end of this policy.
The right to rectify inaccurate data
As detailed above you can make corrections to the data we hold about you. To request this, contact us using the contact details at the end of this policy.
The right to restrict processing
You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
The right to data portability
You have rights to obtain and re-use your personal data for your own purposes across different services.
The right to lodge a complaint
You can lodge a complaint about the way we handle or process your personal data with us or your national data protection regulator.
Contact nightline@warwick.ac.uk or su222@warwicksu.com. We will respond to your complaint within 48 hours.
The national data protection regulator for the UK is the Information Commissioner’s Office (ICO) and they can be contacted here: https://ico.org.uk/global/contact-us/.