Privacy notice and data protection
This privacy notice explains your rights under the Data Protection Act 2018 and General Data Protection Regulation. It describes the type of information we may hold about you, how it may be processed and who we might share it with.
Personal data (which we will call 'data' throughout the rest of this notice) means any information about an individual from which that person can be identified.
Social Security Scotland is registered with the Information Commissioner (registration number Z4857137) under Scottish Ministers, to handle your data.
If you would like to write to us, please use the below address.
PO Box 10301
1. Social Security Scotland
As an organisation we process a lot of data. We manage your personal data to deliver a number of social security benefits outlined in the Social Security (Scotland) Act 2018. We are committed to protecting and respecting your privacy.
To find out more information about benefits delivered by us, visit mygov.scot where you will also find a privacy notice with details of how we manage client information in relation to benefits.
2. As a visitor to our website
When online, we provide links to other parts of Scottish Government, including the Scottish Government website, the mygov.scot website and Work for Scotland website. Each of these areas will include important information about how any personal data you provide will be used. Please ensure you read this information.
We’ll only use your personal information when we are required to by law. We’ll use your personal information where:
3. Contact us
We provide a contact forms through which we collect a name and email address. We ask that these forms are not used to convey additional personal information.
We will use the information you provide to respond to your enquiry. In order to do this we will pass your request, including your personal data to colleagues within Social Security Scotland or other Scottish Government departments.
In some cases, we will share data with third parties when needed to fulfil our services, for example we use the services to help manage this website. We require third parties to respect the security of your data and to treat it in line with the law.
We will keep your data only for as long as it’s needed. The length of time may vary across the organisation, depending on the reason for collecting or holding the data. For example, the information you provide on this website under ‘Contact’ will be kept for seven days only after it has been passed to our colleagues best placed to respond to your enquiry. Thereafter, the information will be kept in line with legal and business requirements, for example if your enquiry relates to a benefit, it will be kept for a duration of the benefit plus seven years, in line with the requirement of the Public Sector Finance Manual.
In some cases, such as where fraud, error, or debt are involved, your data may be held for a longer period.
Social Security Scotland has a Safeguards Policy for processing special categories of personal data and criminal convictions. To receive a copy of our Safeguards Policy without charge contact our Data Protection Officer.
When someone visits www.socialsecurity.gov.scot we may use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. The cookies are turned off by default.
If you choose to switch these cookies on, we collect information about:
Any information we get is received in a way that we can't identify anyone by it. For example, we never receive your name or address.
We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
5. Your data will not be sent outside the UK or EEA
Your data will not be processed or sent outside the UK or EEA without suitable safeguards being in place.
6. Your rights
Under certain circumstances, you have the right to:
Please note that we do not have to comply with your requests in cases of the prevention, detection, investigation or prosecution of criminal offences.
7. How to contact us about your data
You have a right to access your data. You can ask us to see the data we hold about you.
Please contact our Data Protection Officer to ask about this, any of your other rights, or for any other questions or comments you may have. You can either ask for your information face to face, over the phone or online.
You can write to us at the below address.
Data Protection Officer
PO Box 10298
You can contact the Information Commissioner if you are concerned about how we process your data. If you are going to do this, we would ask you to let us have the chance to put things right first, by getting in contact with our Data Protection Officer and letting them know your concerns.
To lodge a complaint with the independent Information Commissioner, you can contact them using the below details.
Alternatively, you can write to:
The Information Commissioner