Using an employer’s IT system
An increasing number of UNISON branches are using their employers IT systems in the day-to-day running of their union duties. While this has a number of benefits, it can make for some complex interactions, especially around personal data.
The most important thing to know is that UNISON is the data controller for UNISON data even when it is held on the employer’s network i.e., emails sent to/from a UNISON representative’s work email address for the purpose of carrying out trade union duties. This essentially means that we decide how it is used and how long it is kept for. This view is shared by the Information Commissioner’s Office (ICO).
In the event you are asked for member’s personal data by your employer for a subject access request in your capacity as a UNISON representative, you must not disclose any data. Only the data controller of the personal data should do this. You can of course provide any personal data from your substantive post.
If a request is sent to you, the best courses of action are either:
- To respond and say that the member will need to make a subject access request to UNISON directly, or;
- Forward the request to dataprotection@unison.co.uk and UNISON’s Data Protection Team will help with the response and any other questions.
If you use an employer’s system and would like to discuss any issues or get an agreement put in place with your employer about use of IT systems and UNISON data, please email us at dataprotection@unison.co.uk and we will help in any way we can.
Meeting notes and other working notes
Branch representatives often make working notes for various reasons, such as keeping track of points in meetings which aren’t being formally minuted or for general case work memory aids. The UNISON branch retention schedule covers these notes:
- Working copies of any document, including drafts, revisions and rough notes. Ideally these should be destroyed once the final document is produced. If that is not possible, then no longer than 1 year after the final work is produced. and
- Working documents, i.e. drafts, rough notes, revisions, etc., should be destroyed once the final product is produced, and there is no longer any reference needed.
If anyone makes a subject access request (SAR) who may be mentioned in the notes, they can ask for these; if the notes are still held, they must be supplied as part of the response to the subject access request.
To protect the branch and to ensure that the most accurate data is held, it is recommended that notes taken as a memory aid be typed up and added to the relevant case file, such as in an email or case note, or destroyed if it is found they are not as relevant as expected. Per the retention schedule’s requirement to destroy after use, we do not advise retaining working notes if it’s possible to avoid doing so.
Communications to activists relevant to their role
UNISON has determined that communication to activists relevant to their role falls under the scope of the union’s legitimate interests. Essentially, this means that activists will be unable to unsubscribe from such communication. It is necessary to UNISON that activists are kept up to date and receive regular information on relevant issues and training opportunities that enable them to carry out the function of their role.
UNISON has made this decision because the information is of a clear benefit, and in some cases required by law i.e., health & safety reps. There is also a limited privacy impact on individuals because the communication is sent by email through UNISON’s systems, the content of which is relevant to the role individuals have volunteered to do.
If you have any questions regarding this, please contact UNISON’s Data Protection Team at dataprotection@unison.co.uk.