Privacy Policy

Your privacy is important to us.
This Privacy Policy outlines what personal information is collected when you visit our site, the ways in which it is collected, how we may use that information, where we store it, how long we store it for, and how we protect it.
We will also explain your rights in relation to your personal information. Please read the following carefully to understand our views and practices regarding your personal information and how we may collect it and treat it.
This Privacy Policy applies to our sites,,, and any other services that we may provide to you through our site ("our services” for short). In the context of this Privacy Policy “personal information” means information which, on its own or in combination with other information, can be used to identify you, in particular by reference to an identifier such as your name, your address, or location data. The personal information that you give us or that we collect from you will be held under data protection legislation (but we’ll just refer to this as “the legislation”). The legislation requires that we tell you that we are a data controller for your personal information, or, in other words, we determine the purposes for which and the manner in which any of your personal information are, or are to be, processed by us.
We're the Digital Office for Scottish Local Government – we are hosted by COSLA thus our official registered company name is COSLA, a membership organisation registered with the Information Commissioner as a data controller under the Registration No: Z6216554 and operating from Verity House, 19 Haymarket Yards, Edinburgh, EH12 5BH
The Digital Office manages communications for the Scottish Local Authority Digital Partnership and the Scottish Digital Telecare Partnership. If you work are a member of either of those two partnerships you can register for our newsletter, send us a message, or register for the digital telecare website. Please only provide a corporate email address.
Any email addresses provided from non-partner organisations or personal email addresses will be deleted from our records. We do not need your consent to hold the corporate email addresses of our partner organisations, we have a legitimate interest to process such data. We do not however wish to annoy any of partners’ staff through nuisance email communications so if you feel that we are contacting you too much, please contact us to discuss. We are happy remove you from any mailing list that you have requested to be included on, but we would ask that you first engage with your employer to ensure that we can continue to provide our agreed service to them without providing push notifications to you.
Information you may pass to third-parties outside our control: On many of the pages on our site you will see ‘social buttons’. These enable you to share or bookmark pages on our site. These may include buttons for: Twitter, Facebook, Instagram or other social features. In order for us to implement these buttons on our site and connect them to the relevant social networks and external sites, there are scripts that are executed from domains owned by third-parties and outside of our control. You should be aware that these sites are likely to be collecting information about what you are doing all around the Internet, including on our site. So if you click on any of these buttons, these sites will be registering that action and may use that information. In some cases these sites will be registering the fact that you are visiting our site, and the specific pages you are on, even if you don’t click on the button but are already or automatically logged into their services, like Google and Facebook. We recommend that you check the respective policies of each of these sites to see how exactly they use your personal information and to find out how to opt out, or delete such personal information.
When you give us your personal information then we may use it to: Carry out our obligations from any contracts entered into between you and us and to provide you with information that you request from us. Provide you with information about Digital Office. Ensure that content from our site is presented in the most effective manner for you and for your computer. If you provide us with your e-mail then we may contact you by these electronic means (e-mail).
The Digital Office does not conduct direct market as defined by the ICO. We will only ever contact you in relation to our existing contract with your respective partnerships. We will never contact you in order to solicit sales.
We do not envisage transferring any information about or relating to individuals to anyone who is located outside of the European Economic Area. However, on some occasions, the information we collect may be transferred to organisations who may store and use such data at premises in other countries. Where we allow an organisation to process your personal information outside of the European Economic Area, we will ensure that we create and maintain appropriate safeguards with those organisations so that your personal information is subject to the same standards and protections as when we are processing your personal information inside the European Economic Area. If you choose to receive emails from us we use one of two third party companies, MailChimp and Survey Monkey, to send these. They will store such information in the United States. The EU has not endorsed the privacy laws of the United States but has approved a framework for the transfer of personal data called the EU:US Privacy Shield under which MailChimp and Survey Monkey has a valid certificate enabling us to lawfully transfer your personal data to those organisations safely.
Our site may contain links to other sites on the Web. The information practices of those websites are not covered by this privacy policy. Although we are committed to protecting your Personal Information, we cannot control and do not accept any responsibility or liability for the privacy practices or content of such other websites. We encourage you to read the privacy statements of each and every website that collects personal information. You are solely responsible for maintaining the secrecy of your passwords and other account information.
Data protection laws grant you, as a Data Subject, certain ‘information rights’, which are summarised below:
Right of access - You have the right to obtain a copy of information we hold about you
Right of rectification or erasure - If you feel that any data that we hold about you is inaccurate, you have the right to ask us to correct or rectify it. You also have a right to ask us to erase information about you where you can demonstrate that the data we hold is no longer needed by us, or if you withdraw the consent upon which our processing is based, or if you feel that we are unlawfully processing your data. Please note that we may be entitled to retain your personal data despite your request, for example if we are under a separate legal obligation to retain it. Your right of rectification and erasure extends to anyone we have disclosed your personal information to and we will take all reasonable steps to inform those with whom we have shared their data about your request for erasure.
Right to restriction of processing - You have a right to request that we refrain from processing your data where you contest its accuracy, or the processing is unlawful and you have opposed its erasure, or where we do not need to hold your data any longer but you need us to in order to establish, exercise or defend any legal claims, or we are in dispute about the legality of our processing your personal data.
Right to Portability - You have a right to receive any personal data that you have provided to us in order to transfer it onto another data controller where the processing is based on consent and is carried out by automated means. This is called a data portability request.
Right to Object - You have a right to object to our processing your personal data where the basis of the processing is our legitimate interests including but not limited to direct marketing and profiling.
Right to Withdraw Consent - You have the right to withdraw your consent for the processing of your personal data where the processing is based on consent.
Right of Complaint - You also have the right to lodge a complaint about any aspect of how we are handling your data with the UK Information Commissioner’s Office, which can be contacted at
Right to Opt-out of Marketing Communications – The Digital Office does not conduct direct marketing, but we are happy for you to unsubscribe to our mailing lists at any time by clicking the “unsubscribe” link at the bottom of the marketing emails related to our existing contract that we send you. You can also contact us using the contact details provided below.
Depending on how you engage with us it may be necessary for us to store your personal information for shorter or longer periods of time. Either way, we will only store your personal information for a legitimate and lawful reason.
The Digital Office does not collect personal data based on consent and as such we are not required by law to delete the data we hold on you if you send us a request to opt out. We are however dedicated to making all of the employees of our partners happy so if you would like us to delete personal information that we store about you we will happily oblige. We only request that you discuss this with your employer first so that they can ensure that we are still able to uphold our contract with them without us having your contact details.
We may need to change this Privacy Policy if it’s necessary for legal reasons or to reflect changes to our site and services. In any case, the provisions of this Privacy Policy may be changed without prejudice to your rights. When we change our Privacy Policy we will make the updated Privacy Policy available on our site. Once we change our Privacy Policy, it will become legally binding on you 30 days after we post it on our site. During that period you’re welcome to contact us if you have questions about the changes. If you don’t agree with our changes to the Privacy Policy (regardless of whether you get in touch with us) then unfortunately we may need to restrict or limit your use of the parts of our site that require your personal information in order for us to deliver our services to you.
We're the Digital Office for Scottish Local Government – we are hosted by COSLA thus our official registered company name is COSLA, a membership organisation registered with the Information Commissioner as a data controller under the Registration No: Z6216554 and operating from Verity House, 19 Haymarket Yards, Edinburgh, EH12 5BH