top of page
Image by Glenn Carstens-Peters


The QMU  takes your privacy seriously

The following principles underpin our approach to respecting your privacy:

  • We value the trust that you place in us by giving us your personal information. We will always use your personal information in a way that is fair and worthy of that trust.

  • We will provide clear information about how we use your personal information. We shall always be transparent with you about what information we collect, what we do with it, with whom we share it and who you should contact if you have any concerns.

  • We will take all reasonable steps to protect your information from misuse and keep it secure.

  • We will comply with all applicable data protection laws and regulations and we will co-operate with data protection authorities. In the absence of data protection legislation, we will act in accordance with generally accepted principles governing data protection.



Privacy Notice​

This notice explains have we collect and use information that we may hold about you as an individual. This notice covers the following:


  • What is personal information?

Personal information is any information that tells us something about you or could uniquely identify you. This could include information such as your name, contact details or date of birth.


  • How do we collect personal information?

We collect personal information about you from various sources including:

  1. Information that you give us directly;

  2. Information collected automatically when you use QMU Sites


  • What information do we collect?

We may collect the following categories of information about you:

Information that you give us directly;

We may collect information from you directly when you provide us with personal information, e.g. when you take out a membership of the QMU, sign up to receive information, attend an event, use applications, buy a product or service from us, fill out a survey, or make a comment or enquiry. The types of information we may collect from you directly include your:

  1. Personal contact details such as name, title, address, telephone number and personal email addresses

  2. Date of birth or age

  3. Gender

  4. Equal opportunities monitoring information such as ethnicity, religion, disability and sexual orientation

  5. Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions

  6. User generated content, posts and other content you submit to QMU sites

  7. Any other personal information that you voluntarily provide to us

Information collected automatically when you use QMU Sites;

We (and third-party service providers acting on our behalf) use cookies and other tools (such as web analytic tools and pixel tags) to automatically collect information about you when you use QMU Sites, subject to the terms of this Privacy Notice and applicable data laws and regulations. The types of information collected automatically may include:

  1. Information about the type of browser you use

  2. Details of the web pages you have viewed

  3. Your IP addresses

  4. The hyperlinks you have clicked

  5. Your user name, profile picture, gender, networks and any other information you choose to share when using Third Party Sites (such as when you use the “Like” functionality on Facebook or the +1 functionalities on Google+)

  6. The websites you visited before arriving at a QMU Site


Information we collect from other sources

We may receive personal information about you from other legitimate sources, including information from commercially available sources, such as public databases and data aggregators, and information from third parties. The types of personal information that we may collect from such sources include your:

  1. Personal contact details such as name, title, address, telephone number and personal email addresses

  2. Date of birth

  3. Gender


  • How do we use your information?

We may use your information for the following purposes:

  1. To administer your membership record and our relationship with you as a member, and to provide you with information about NUS activities and for other related purposes

  2. To administer relationships with you as either a customer or a supplier and provide you with information that you require to continue that relationship.

  3. To administer your attendance at an event to ensure that your requirements are accommodated so that you can fully participate in the event.

  4. To contact you regarding products and services which may be of interest to you, provided you have given us consent to do so or you have previously requested a product or service from us and the communication is relevant or related to that prior request and made within any timeframes established by applicable laws.


We may use your personal information to:

  1. suggest products or services or events (including those of relevant third parties) which we think may be of interest to you such as gigs in the QMU

  2. offer you the opportunity to take part in competitions or promotions. You can opt out of receiving communications from us at any time. Any direct marketing communications that we send to you will provide the information and means necessary to opt out.

  3. To provide you with products or services that you request from us.


We may use your personal information:

  1. for the purposes of competitions or promotions that you have entered

  2. to send you information, products or samples that you have requested

  3. to respond to your queries or comments

In order to protect information from accidental or malicious destruction, when we delete information from our services we may not immediately delete residual copies from our servers or remove information from our backup systems

We keep this privacy notice up to date, so if there are any changes to the way in which your personal information is used this privacy notice will be updated and we will notify you of the changes.



  • What is the legal basis that permits us to use your information?

Under data protection legislation we are only permitted to use your personal information if we have a legal basis for doing so as set out in the data protection legislation. The legal basis that permits us to use your information depends on the basis that we are using that information for.  We rely on the following legal bases to use your information:

  1. Where we need information to perform the contract we have entered into with you.

  2. Where we need to comply with a legal obligation.

  3. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.


In more limited circumstances we may also rely on the following legal bases:

  1. Where we need to protect your interests (or someone else's interests).

  2. Where it is needed in the public interest or for official purposes.


Some information is classified as "special" data under data protection legislation. This includes information relating to health, racial or ethnic origin, religious beliefs or political opinions, sexual orientation and trade union membership. This information is more sensitive and we need to have further justifications for collecting, storing and using this type of personal information. There are also additional restrictions on the circumstances in which we are permitted to collect and use criminal conviction data. We may process special categories of personal information and criminal conviction information in the following circumstances:

  1. In limited circumstances with your explicit consent, in which case we will explain the purpose for which the information will be used at the point where we ask for your consent.

  2. We will use information about your physical and mental health or disability status to comply with our legal obligations, including to ensure your health, safety and wellbeing at an event is attended to.

  • How do we share your information?

We share your personal information in the following ways:

  1. Where we use third party services providers who process personal information on our behalf in order to provide services to us. This includes IT systems providers and IT contractors.

  2. We will share your personal information with regulators where we are required to do so to comply with our regulatory obligations.

  3. We will share your personal information with third parties where we are required to do so by law.

  4. If we sell any part of our business and/or integrate it with another organisation your details may be disclosed to our advisers and to prospective purchasers or joint venture partners and their advisers. If this occurs the new owners of the business will only be permitted to use your information in the same or similar way as set out in this privacy notice.


Where we share your personal information with third parties we ensure that we have appropriate measures in place to safeguard your personal information and to ensure that it is solely used for legitimate purposes in line with this privacy notice.


  • How do we keep your information secure?

We take all reasonable precautions to keep your personal information secure and require any third parties that handle or process your personal information for us to do the same. Access to your personal information is restricted to prevent unauthorized access, modification or misuse and is only permitted among our employees and agents on a need-to-know basis.

  • When do we transfer your information overseas?

When data is transferred to countries outside of the UK and the European Economic Area those countries may not offer an equivalent level of protection for personal information to the laws in the UK. Where this is the case we will ensure that appropriate safeguards are put in place to protect your personal information.


  • For how long do we keep your information?

As a general rule we keep your personal information only for as long as we need it. What this really means is that we will retain your information for the duration of the time that we need to use it.  For example, if you are attending an event, the information required is only required until the event has finished.  Within 3 months of the event finishing, the information that is not required will be deleted.

However, where we have statutory obligations to keep personal information for a longer period or where we may need your information for a longer period in case of a legal claim, then the retention period may be longer.


  • Your rights in relation to your information

You have a number of rights in relation to your personal information, these include the right to:

  • be informed about how we use your personal information;

  • obtain access to your personal information that we hold;

  • request that your personal information is corrected if you believe it is incorrect, incomplete or inaccurate;

  • request that we erase your personal information in the following circumstances: 

    • if we are continuing to process personal data beyond the period when it is necessary to do so for the purpose for which it was originally collected;

    • if we are relying on consent as the legal basis for processing and you withdraw consent;

    • if we are relying on legitimate interest as the legal basis for processing and you object to this processing and there is no overriding compelling ground which enables us to continue with the processing;

    • if the personal data has been processed unlawfully (i.e. in breach of the requirements of the data protection legislation);

    • if it is necessary to delete the personal data to comply with a legal obligation;

  • ask us to restrict our data processing activities where you consider that: 

    • personal information is inaccurate;

    • our processing of your personal information is unlawful;

    • where we no longer need the personal information but you require us to keep it to enable you to establish, exercise or defend a legal claim;

    • where you have raised an objection to our use of your personal information;

  • request a copy of certain personal information that you have provided to us in a commonly used electronic format. This right relates to personal information that you have provided to us that we need in order to perform our agreement with you and personal information where we are relying on consent to process your personal information;

  • object to our processing of your personal information where we are relying on legitimate interests or exercise of a public interest task to make the processing lawful. If you raise an objection we will carry out an assessment to determine whether we have an overriding legitimate ground which entitles us to continue to process your personal information;

  • not be subject to automated decisions which produce legal effects or which could have a similarly significant effect on you.


If you would like to exercise any of your rights or find out more, please contact


  • Complaints or Contacting Us

Our contact details are as follows:

Address:          Queen Margaret Union, 22 University Gardens Glasgow G12 8QN
Telephone:     01413399784

We have appointed a person with responsibility for data protection matters who has responsibility for advising us on our data protection obligations. You can contact this person officer using the following details:

If you have any complaints about the way we use your personal information please contact who will try to resolve the issue. If we cannot resolve your complaint, you have the right to complain to the data protection authority in your country (the Information Commissioner in the UK). 

bottom of page