Business in the Parliament Logo Business in the Parliament home
The Scottish Parliament
4 December 2020
Skip to main content

Privacy statement: Business in the Parliament

This privacy statement explains how we collect and use personal information for the Business in Parliament Conference

Some of the language used in privacy notices can be specialised.  The Information Commissioner's website provides a useful introduction to key terms and concepts.

The Scottish Parliament is hosting the 2020 Business in Parliament Conference which provides an opportunity for Members and representatives from the business sector in Scotland to come together to discuss business issues.  This event will be chaired by the Presiding Officer (PO).  The image of speakers and what they say during the formal conference sessions will be made public via online video conferencing. Registration for the conference will be managed via a third-party supplier Eventbrite.

The purpose of the processing

The purpose of the processing by the Scottish Parliament is to enable participants to register for the conference. 

Read Eventbrite’s terms and conditions for processing personal data

Conference sessions

The SPCB will use BlueJeans, a third-party video conferencing tool, to record and broadcast the formal speaker sessions during the conference. If your question is chosen, the PO will either read out your name and organisation and read out your question to the panel or you may be asked to join the live broadcast on screen and ask your own question alongside the PO.  This will be made public via Parliament TV and made available on social media and parliament podcasts.

More information about the way Blue Jeans collects and stores personal information 

Virtual networking session 

The SPCB will use Microsoft Teams, a third-party communication tool, to enable the virtual networking session at the close of the conference. The Scottish Parliament will not record or take notes or copy any of the questions discussed from these sessions. We ask that participants do not to record or share the content of what is being discussed via Teams.

Read the privacy notice for Microsoft Teams  

Collecting and holding personal data

The Scottish Parliamentary Corporate Body (SPCB) processes any personal data you send in line with the requirements of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. Personal data consists of data from which a living individual may be identified.  The SPCB will hold any personal data you share with us securely, we will use it only for the purposes set out in this privacy notice and for which it was collected and will only in line with the legal basis for which it is being processed. 

Further information about how the Scottish Parliament processes personal data  

Categories of information processed

The personal data used is “normal category” data in accordance with the General Data Protection Regulation’s definition this will include your title and your name and the organisation you represent along with your image and what you say as a speaker at the conference.  

Source of the information

Personal data is provided directly to the SPCB by those speaking at the conference and by those participants in the final networking session.   

Legal basis for data processing

Data protection law states that we must have a legal basis for handling your personal data.  The legal basis for processing the personal data you provide to the Scottish Parliament during the Business in Parliament Conference is that it is carried out in the legitimate interest of the SPCB. The legitimate interest is to facilitate meetings of MSPs and business during the Business in Parliament Conference (Art 6(1)(f) GDPR.)

Data sharing and retention of data

The information captured on Blue Jeans video conferencing will be used by the Economy, Energy and Fair Work Committee as part of the Business in the Parliament Conference to inform the next conference after which it will be securely deleted two weeks after the event.

Your rights

Data protection legislation sets out the rights which individuals have in relation to personal data held about them by data controllers. Applicable rights are listed below, although whether you will be able to exercise data subject rights in a particular case may depend on the purpose for which the data controller is processing the data and the legal basis upon which the processing takes place.

For example, the rights allowing for deletion or erasure of personal data, data portability and objecting to the processing of personal data do not apply in cases where personal data is processed for the purpose of complying with a legal obligation – these particular rights will therefore not apply to any personal data processed by us for the purpose of fulfilling our legal obligations under the Lobbying (Scotland) Act 2016.

The following rights apply:

Access to your information

You have the right to request a copy of the personal information about you that we hold. For further information, have a look at our page on Making a Subject Access Request.

Correcting your information

We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards. 

Objecting to how we may use your information 

You have the right at any time to require us to stop using your personal information for direct marketing purposes. In addition, where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.

Restricting how we may use your information

In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where this is no longer a basis for using your personal information, but you don't want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so. 

Please contact us in any of the ways set out in the Contact information and further advice section if you wish to exercise any of these rights.

Child Protection

In line with the principles underlying the National Guidance for Child Protection in Scotland (2014), published by the Scottish Government, our staff may report a concern to the relevant authorities if they come across an issue in the course of their work which causes them to think that a child may be at risk of abuse or harm.

Changes to our privacy statement

We keep this privacy statement under regular review and will place any updates on this website.  Paper copies of the privacy statement may also be obtained using the contact information below.

This privacy statement was last updated on 17 November 2020 and will be reviewed within 12 months if not updated prior to that.


We seek to resolve directly all complaints about how we handle personal information but you also have the right to lodge a complaint with the Information Commissioner's Office online at:

Or by phone at: 0303 123 1113

Contact information and further advice

If you have any further questions about the way in which we process personal data, or about how to exercise your rights, please contact the Head of Information Governance at:
The Scottish Parliament
EH99 1SP

Telephone: 0131 348 6913

(Calls are welcome through the Text Relay service or in British Sign Language through contactSCOTLAND-BSL.)


Please contact us if you require information in another language or format

Share this page