MIP is committed to safeguarding the privacy of everyone who uses our services. This policy sets out how we will use your personal data.
This policy reflects our duties under the General Data Protection Regulation 2016 (GDPR), the Data Protection Act (1998) and all applicable Privacy and Electronic Communication Regulations. It describes how we use personal data fairly, keep it secure, make sure it is accurate and uphold your rights as a data subject.
This policy does not apply to other organisations to which we may link and whose privacy policies may differ.
Please read the following policy to understand how your personal information will be treated. It may change from time to time, so please check back periodically. It was last updated in May 2018.
Who we are
MIP is the data controller for the information you provide. Our address is:
MIP complies with all UNISON and FDA data management rules. To get in touch with their data officers, please contact us at firstname.lastname@example.org.
How MIP uses your personal data
The lawful basis for this processing is MIP pursuing our legitimate interests as a trade union. We may also use legitimate interest as our lawful basis for the following data processing:
Holding your data on our membership database.
- Your subscription payments.
- Confirming your identity when you contact us.
- Sending you statutory communications (these are communications that, as a trade union, we have to send you by law).
- Sending you the quarterly membership magazine.
- Ensuring you have a vote in all MIP elections and ballots that you are eligible to vote in.
- Ensuring you are represented through MIP's democratic processes.
- Member representation (this could be representing you individually or collectively) and case work.
- Booking you on to any trade union courses you want to attend and ensuring accessibility.
- Equality monitoring.
- Statistical analysis of our membership and of employers and workplaces.
Accessing your personal data within UNISON
Some of your personal data will be available to MIP’s employees, branch officials, workplace representatives and others formally instructed by MIP for the purposes of carrying out trade union duties. The type of personal data shared will be relevant to the purpose for which the data is used, so for example, unless you have expressly asked us not to, workplace representatives will be given your workplace details.
MIP uses industry standard efforts to safeguard the confidentiality of your personally identifiable information, such as firewalls and SSL (secure socket layers). We make every effort to protect the loss, misuse and alteration of information under our control. However, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. If you have elected to use MIPs online account management service, your MIP membership information is password-protected so that only you can access it and view the information contained in your account. You are responsible for maintaining the secrecy of your passwords.
Sharing your personal data with third parties
By third parties, we mean organisations that are not MIP. We share your information with third parties such as mailing houses that print and send our communications to you; providers of membership benefits; returning officers (who ensure our elections are run fairly); and scrutineers (who count the votes when we ballot).
When we share your data, we only share the minimum required for the purpose of the data processing (for example if the purpose is to send you a mailing by post, we wouldn’t share your email address with the mailing house, because they don’t need it). We also ensure that processes are in place so that data is always transferred to third parties securely.
The third parties we share data with are as follows. For all MIP members:
- ADM – the mailing house that prints and sends our postal communications.
- Electoral Reform Services (ERS) – the organisation that acts as scrutineer for our elections and returning office for our ballots.
- Union Insurance Association (UIA) – the organisation that runs the UNISON Direct call centre.
For some MIP members, depending on the membership benefits and services that you choose to access, we may also share information with:
- Your employer – if you choose to pay your subscriptions as a payroll deduction. We also may use the information your employer provides us to keep our records up to date. Please note that if you do not want us to disclose your MIP membership to your employer, you can pay your subscriptions by Direct Debit.
- The Labour Party – if you opt for membership of our Labour Link fund.
- Thompsons Solicitors – if MIP refers a case in which you are involved for legal advice.
- Union Income Benefit (UIB) – if you opt in to receiving information about membership benefits from third parties.
- Liverpool Victoria (LV) – if you opt in to receiving information about membership benefits from third parties.
- Unison Insurance Association (UIA) – if you opt in to receiving information about membership benefits from third parties.
Please note this transfer is separate to that for the UNISON Direct call centre. We very occasionally share personal data with organisations working to detect or prevent crime, such as the police.
You may be contacted and invited to participate in market research activities by third party organisations acting on MIP's behalf. While such research helps us to get valuable feedback on how we work well and where we can get better – and as such your participation is very helpful and always appreciated – you are not obliged to participate in such research. If you don’t want to, simply let the researcher know.
Transfers overseas and safeguards
We don’t routinely transfer your data outside of the UK. Where it is necessary, we ensure appropriate data protection measures are in place.
Retention of data
Retention means how long we keep your data for. We do this in accordance with MIP’s data retention policy. This includes: Application form – retained for one year after processing, then securely destroyed. Membership record – retained for seven years after membership lapses, then minimised. Case files – retained for seven years after the case is closed, then securely destroyed. If you would like to know more or see UNISON’s full data retention policy, please email email@example.com
Your rights as a data subject
You have rights as a data subject. These rights are:
- The right of access – you have the right to access your personal data (e.g. data that is about you) that we hold. This is called a subject access request. We must respond to your request within one month. To request access to your data, please email firstname.lastname@example.org. It is very helpful if you tell us what of your personal data you are seeking.
- The right to rectification – if you think the data we hold on you is incorrect, tell us so we can put it right. You can do this by: logging in to MyUNISON; contacting UNISON Direct on 0800 0 857 857; or contacting your local branch.
- The right to erasure – you have the right to request that we delete your data. We will do so, provided that we do not have a compelling reason for keeping it. To request this, please email
- The right to restrict processing – you can change your communication preferences (therefore restricting how we communicate with you) by logging in to MIPs online membership system or by contacting us by email or telephone. There are also certain other circumstances in which you can suppress the processing of your personal data. To request this, please email email@example.com.
- The right to data portability – you can obtain and reuse your personal data for your own purposes across different services, for example different unions. To request this, please email
- The right to object – you have the right to object to direct marketing from MIP. You can opt out of direct marketing any time by logging in to MIP's online membership system or contacting us by telephone or email. There will also be instructions on how to unsubscribe included in any direct marketing message that we send to you. b) Any processing where our lawful basis is legitimate interest (see above). If you would like to formally object to any of our legitimate interest processing, please email firstname.lastname@example.org.
- Rights in relation to automated decision making and profiling – this is not something we do at MIP. If that ever changes, this policy will be updated accordingly.
At MIP we are committed to upholding your rights as a data subject. If you think we have not done so, please contact email@example.com. You may also complain to the Information Commissioner’s Office (ICO) if you believe your rights have not been upheld. The ICO is the data protection regulator and their website is: www.ico.org.uk
There are some types of data processing that we only do if you have given us your consent. These are:
- Sending direct marketing messages by email.
- Sharing your data with third party providers of membership benefits.
- Sharing your data with the Labour Party.
You are in control of what consent you give us. You can withdraw your consent at any time by logging in to MIPs online membership service, or via phone or email. There will also be instructions on how to unsubscribe included in any direct marketing message that we send to you.
Statutory data requirements
As a trade union, we have a statutory requirement to keep an accurate register of members’ names and addresses. If you wish to be a MIP member, you must provide this information to us.
Data collected on our website
Personal data collected by this website will only be used for the purposes (or closely related purposes) for which it was collected. We may use your personal information to:
- Administer the website.
- Improve your browsing experience by personalising the website.
- Enable your use of the services available on the website.
- Deal with enquiries and complaints made by you relating to the website.
All emails that we send you are tracked. This helps us to ensure that you only receive emails from us that are of interest to you. You can unsubscribe from emails at anytime by clicking the ‘unsubscribe’ button at the bottom of an email.
Social media buttons
On many of the pages of the site you will see ‘social buttons’, such as share buttons for Twitter, and Facebook ‘Like’ buttons.
When you click on any of these buttons, these sites will be registering that action and may use that information.
You should check the respective policies of each of these sites to see how exactly they use your information and to find out how to opt out, or delete, such information.
From time to time we may use Facebook advertising to promote MIP events and campaigns and encourage people to join MIP. We do not collect any personal data from Facebook profiles. We do not use your member data to target our advertising on Facebook. We do not provide or sell member data to third parties for the purposes of Facebook marketing. To no longer receive Facebook ads click on the top right hand corner of the ad.
External web services
We use a number of external web services on the MIP site, mostly to display content within our web pages. For example, to display images we sometimes use Flickr; to show videos we use YouTube. This is not an exhaustive or complete list of the services we use, or might use in the future, when embedding content, but these are the most common.
As with the social buttons, these sites may use information about usage of embedded content. If you are not logged in to these external services, then they will not know who you are but are likely to gather anonymous usage information e.g. number of views, plays, loads etc.