Site navigation

Privacy Policy

Who we are

The Scottish Framework for Fair Access Toolkit website is committed to processing personal data fairly, transparently and in accordance with the law.

Our website address is:

The privacy notice advises what your rights are in relation to your personal data and how to contact us if you have any questions or concerns about the use of personal data.

See links below for applicable data protection laws:

Data Protection Legislation

From 25 May 2018, organisations must manage personal data in accordance with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). This legislation gives more rights to you as an individual and more obligations to organisations holding your personal data.

One of the rights is a right to be informed. Below is information about the way in which we use and share your personal data, the legal basis on which we process your personal data and information about the increased rights you have in relation to the data we hold on you.

What We Do With Your Personal Data

This website can be used at any time without the need for users to provide personal data. Insofar as personal data is collected on this website, it shall be provided voluntarily by the user. Personal data shall not be disclosed to any third parties if the user has not provided their express consent.

When you access our website, data is automatically transferred from your browser to our web server. This data includes anonymous access data such as the date and time, browser type, volume/type of data accessed and your IP address. This data is stored separately from any other data collected during your visit to our website. This data does not allow the identification of any individual person and is collected solely for logging user behaviour and for statistical purposes. Once the data has been evaluated accordingly, arrangements are made for the data to be deleted.

What Are Your Rights?

  • Access to Personal Data – You can request to see the personal data held about you.
  • Rectification of Personal Data – If you believe the personal data that Scottish Government hold is incorrect or incomplete then you are entitled to request to have that data corrected.
  • Erasure of Personal Data or the Restriction of its Processing – You have the right to ask for your personal data to be erased or to restrict processing of that data.

Subject Access Request

You have the right to see a copy of the personal information held, subject to exemptions. This right is commonly referred to as a Subject Access Request (SAR). Subject Access Requests should not be confused with Freedom of Information requests.

The GDPR allows anyone to request a copy of personal data the Scottish Government holds about them. There is no charge, and we will respond within one calendar month once we have all the relevant details, including proof of identity.

You can submit a subject access request by contacting the Advanced Learning & Science Directorate at the above address, or visiting this link:


Information about You

When you contact the Scottish Framework for Fair Access or SCAPP, the information you provide will be used to respond to your enquiry. This may be to

  • Register to be part of the SCAPP mailing list
  • Enquire about, or register for, an event or activity
  • Provide feedback about an event to support the evaluation and ongoing development of SCAPP and the Framework for Fair Access
  • Participating in the mentoring programme (MAPS) or the Widening Access and Participation Accreditation Scheme

When you  contact us this will enable us to provide you with the information you have requested or to be held for the purposes of allowing you to attend an event or receive the newsletter.

Information you provide in relation to these activities, including your personal details will be stored on University of Stirling servers where email addresses are used to communicate with you and where your data is from one of the third party sites is accessed to manage your request. Data collected for these purposes will be deleted by us from our data storage areas at your request. However, where we have provided you with a link to another website or service, your details will be subject to their policies and you should check these when re-directed.

We will not use any details provided to us on the website for marketing purposes, other than the newsletter or learning or networking events. However information you provide will be used to:


  • respond to any feedback you send us, if you’ve asked us to (as above)
  • provide you with services or links to services that you have asked to receive or access (as above)
  • evaluate and inform our work
  • The website will process information from your IP address and the technical information provided for:
  1. security purposes – to maintain the integrity of our online services and protect them from malicious or accidental abuse
  2. to generate approximate geographical information to determine the reach of our website/services across Scotland and worldwide
  3. to identify technical problems
  4. to determine how the website is being used by visitors


Lawful Basis

We will always have a lawful basis to process your data.  When you have requested to receive a newsletter, attend an event or respond to a survey the lawful basis will be consent.  Other processing will be done on the basis of our legitimate interest. By submitting your personal data to us, you are consenting to the storage and processing of your data for the reasons specified at the time of submission.

What Information We Process

  • your name, email address and other personal information when you submit enquiries, publication requests or feedback through one of our forms, leave a comment, sign up for email newsletters, events or workshops
  • your IP address, the resource being requested, the date and time of the request, the address of the page from where the request originated and the software used to access the page


Third Parties

The website is hosted by the Scottish Government.

We use some external companies to facilitate communication with you.

  • Contact details for SCAPP members are stored via JISC. You can unsubscribe from JISC at any time or you can make a request via SCAPP who can do this on your behalf. For further information on how JISC will process your personal data please refer to their Privacy Notice.
  • If you wish to subscribe to the SCAPP newsletter (‘Connect with SCAPP’), your personal data will be processed by MailChimp. You can unsubscribe from MailChimp at any time or you can make a request via SCAPP who can do this on your behalf. For more information on how MailChimp will process your personal data please refer to their Privacy and Terms.
  • If you register to attend an event, your data will be processed by Eventbrite or Ticket Tailor. For further information on how Eventbrite will process your data please refer to their Privacy Notice and Terms of Service. For information on the way Ticket Tailor process data, please view their Privacy Policy, Terms and conditions, and Compliance with GDPR.
  • If you respond to a survey, your data will be processed by Jisc Online Surveys. For further information on how Jisc Online Surveys will process your data please refer to About Online Surveys, Terms and Conditions and Security


Overseas transfers

As MailChimp and Eventbrite servers are located in the United States the personal data you provide to them may be processed in the United States.

While the data protection, privacy, and other laws of companies operating outside of the UK and the European Economic Area (EEA) might not be as comprehensive as those in the UK/EEA they take appropriate measures to protect your privacy. Please refer to the individual privacy notices and terms of service for more information.


We have procedures and security features in place to keep your data secure, however, as with all websites, there are some risks in transmitting information over the internet.  We will take all reasonable steps to ensure your personal data is secure however, any data you transmit is at your own risk.

The third party sites we use have their own procedures and security features in place to keep your data as secure as possible unless there is a legal obligation to do so.


The Scottish Framework for Fair Access /SCAPP will not share your information with any organisations, other than those listed above in accordance with their notices and terms of service.



We will keep your information only for as long as it is required to fulfil the purposes described in this policy. This is also the case for any third party services that process data on our behalf. When we no longer need to use your information we will remove it from the relevant websites.

Your rights

You have the right to request to see a copy of the information we hold about you and to request corrections or deletions of the information that is no longer required.


If you provide consent for us to use your personal data in the ways outlined above you have the right to subsequently withdraw your consent.

In some circumstance you may have the right to object to the processing of your personal data, to request it is erased where it is no longer required for the stated purposes, or that inaccurate information about you is corrected.  For more information about your rights see the ICO Your Data Matters webpage.

To exercise these rights please use the contact details below


Contact details

If you have any questions relating to this privacy notice or the way we are planning to use your information, in the first instance please contact:


SCAPP Development Manager

University of Stirling, Stirling, FK9 4LA


Data Controller

The controller of your personal data is the Scottish Government. Their address is:


Scottish Government

Advanced Learning and Science Directorate

Higher Education and Science Division

7th Floor

5 Atlantic Quay

150 Broomielaw


G2 8LU


Complaint to the Information Commissioners Office (ICO)

You have the right to lodge a complaint against the The Scottish Framework for Fair Access /SCAPP  regarding data protection issues with the Information Commissioner’s Office.








Use of Cookies

Use of Cookies

Cookies are small files that a site or its service provider transfers to the user’s computer’s hard drive through a Web browser (if allowed) that enables the sites or service providers’ systems to recognize the browser and capture and remember certain information.

Cookies are covered by the Privacy and Electronic Communications Regulations.

Why we use cookies

We use Google Analytics to collect aggregated visitor statistics, and session cookies which allow the website to recognise a visitor throughout their visit and not treat them as a new visitor on each page.

Data collected by the Google Analytics cookies is hosted by Google. For more information please see Google Analytics Privacy Policy.

How can I control my cookies?

You can use your web browser to:

  • delete all cookies
  • block all cookies
  • allow all cookies
  • block third-party cookies
  • clear all cookies when you close the browser
  • open a ‘private browsing’ session
  • install add-ons and plug-ins to extend browser functionality.

User agreement on cookies

By continuing to use our site, you agree to the placement of cookies on your device. If you choose not to receive our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be.