Privacy noticesStrathclyde Sport privacy notice

Privacy notice

This privacy notice explains how Strathclyde Sport uses personal information of members, non-members and volunteers who engage with us and use/visit our facilities.

It is important that you read this notice.

Who we are

Under data protection legislation the University of Strathclyde is the ‘data controller’. This means that the University is responsible for how it collects and processes your personal data.

If you have any questions regarding the handling of your personal data, or your rights, please contact the University’s Data Protection Officer at dataprotection@strath.ac.uk

Information we collect and use about you

We require your personal data for the purposes set out in the section below.  We collect and use the following information:

  • information you supply as part of your membership application
  • personal and contact information (including emergency contacts, sex and date of birth)
  • payment information (including bank details)
  • evidence of attendance at another college or university (non-Strathclyde students)
  • information to support concessions (proof of benefits, age)
  • evidence of employment (corporate membership)
  • exercise referral information (member status, DOB, age, medical history, current medications, risk factors)
  • gym consultations (gender, activity history, personal goals, injuries, likes and dislikes).
  • information you supply to us as part of an enquiry, voucher, attendance at an event, seminar etc.
  • health information (to ensure your safety)
  • filming/photography and live streaming of events may take place
  • CCTV is in use in Strathclyde Sport premises/venues
  • relevant information for Strathclyde Sport volunteers (previous experience, hobbies, likes, etc)

In some cases, data may be transferred directly from central staff/student systems to support the membership process.  You have the option as to whether this data is transferred. 

Why we require this information & our lawful basis

We require this information for a variety of purposes, including:

  • responding to queries
  • processing and managing memberships and applications
  • arranging access to facilities
  • processing bookings for access to classes/facilities
  • administrative and financial management (including the processing of payments)
  • managing events
  • general promotion of Strathclyde Sport
  • health and safety
  • the prevention and detection of crime
  • recording attendance
  • meeting our legal obligations
  • anonymised data management reporting
  • teaching and learning purposes
  • booking via the Strath Sport mobile app

Under data protection legislation, we are required to identify a lawful basis for processing your personal data.  Depending on the circumstances, we rely on: contract; consent; legitimate interests; vital interests; or legal obligation.  For special category data, e.g. data relating to health, we additionally rely on the lawful bases of: substantial public interest; explicit consent; vital interests.

Disclosing your information

Strathclyde Sport may be required to share your personal data with third parties who are contracted by Strathclyde Sport to provide services to its members, for example, the leisure management system, providers of online fitness classes and the mobile app. 

Strath Sport mobile app

When you download the App

We do not process any of your personal data when you first download the Mobile App. 

When you log into the App

We process some of the personal data which you have already provided to Strathclyde Sport when you log into the App. Personal data from our Leisure Management System is used to log in using users' Leisure Management System booking accounts: 

  • Email address and password 

Account deletion

Under UK GDPR, you have the right to be forgotten, which allows you to request that all the data Strathclyde Sport holds on you, including your personal data, be deleted. If you wish to exercise your right to have your Strath Sport mobile app account deleted, please contact strathclydesport@strath.ac.uk.

How long your information is retained

With the exception of filmed activities, which will be retained for up to 6 years from data collection, we will retain your personal data for up to 7 years after your membership has expired or your last Pay As You Go Visit for administrative and financial purposes.

Your personal data will be retained for marketing purposes until you unsubscribe from the service.

Your rights

Under data protection legislation, you have a number of rights* including the right to:

  • withdraw consent, at any time, where that is the lawful basis of our processing;
  • access your personal data and obtain a copy, free of charge;
  • rectify inaccuracies in personal data that we hold about you;
  • erasure, that is have your details removed from systems that we use to process your personal data;
  • restrict the processing in certain ways;
  • obtain a portable copy of data you have given to us in a commonly used electronic form; and
  • object to certain processing of your personal data by us.

*Please note that the ability to exercise these rights will vary and depend on the lawful basis under which the processing is being carried out. 

Please contact dataprotection@strath.ac.uk if you wish to exercise/enquire about any of these rights.

Complaints

If you wish to make a complaint about how we have handled your personal data, you can contact the Data Protection Officer at dataprotection@strath.ac.uk

If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you also have the right to complain to the Information Commissioner’s Office.