Spectrum.Life 24/7 helpline privacy notice

Find out what information we hold about you, why we need to keep it, and how we may use that data. Understand your rights, and how to contact us.

About this notice

This privacy notice explains:

  • who we are
  • how and why we collect and use personal information about you
  • what personal data is collected and held about you when you use the Spectrum.Life 24/7 helpline
  • our purposes and lawful bases for processing
  • who we share your personal data with
  • relevant retention periods
  • how you can exercise your privacy rights.

This notice provides information in addition to the main Spectrum.Life privacy information. Please read this notice and if you have any questions contact us using the details provided.

Who we are

Throughout this notice, “University”, “we”, “our” and “us” refer to the Manchester Metropolitan University, an exempt charity under Schedule 2 to the Charities Act 1993 (amended by the Charities Act 2011). The University is the Data Controller in respect of the personal data you provide as part of your use of the Spectrum.Life 24/7 helpline.

The University is registered as a data controller with the Information Commissioner’s Office (ICO). We manage personal data in accordance with the General Data Protection Regulation (GDPR) and the University’s Data Protection Policy.

The personal data we process

When you engage with the Spectrum.Life counselling and wellbeing service, the following information is shared with the University’s Counselling, Mental Health and Wellbeing Service (CMHWS).

Spectrum.Life shares a monthly utilisation report with the University CMHWS that lists the following details of the students who have used the service that month:

  • Spectrum.Life case number
  • Date case opened
  • Student ID number 
  • Primary presenting issue
  • Sub-service required
  • Risk code (red/amber/green)
  • Method of contact

There are some exceptional circumstances where Spectrum.Life may share additional information with the University CMHWS, without student consent, in order to best support the student and to protect them or others from more imminent harm. 

These exceptions are classified as amber (where there are escalating concerns of clinical risks) and red risks (where there are high risk concerns for urgent clinical attention), and are seen below.

Amber risk: escalating concerns of clinical risks

  • Moderate suicide risk
  • Alcohol/substance abuse
  • Significant history of psychiatric disorders
  • Significant work-related stress
  • Deteriorating presentation during the counselling process
  • Any disclosed risk to others, especially children and/or vulnerable adults

Red risk: high risk concerns for urgent clinical attention

  • Imminent or actual suicide attempt
  • Alcohol/substance abuse in safety sensitive jobs
  • Major psychiatric disorders
  • Risk to others
  • Critical/corporate incident
  • Other serious factors affecting confidentiality/competence

How we share information

Information may be shared in the form of a risk report. These reports are likely to contain the following information:

  • Student ID number 
  • Time of contact 
  • Date of contact 
  • Risk disclosure 
  • Level of risk (based on assessment): red, amber, none 
  • Actions, agreed check in or follow up 
  • Contacted emergency services and campus security: yes/no 
  • Safety plan 
  • Case file number (Spectrum.Life)

Reports will be securely shared with the University CMHWS within 24 hours of the risk being disclosed to the Spectrum.Life clinical team, so that the University CMHWS can respond and provide support in a timely manner. This information will be held by the University CMHWS with a high level of information security and access control, and only accessed and used by those qualified and experienced to best help and support the student.

What is the lawful basis of the processing?

Spectrum.Life and the University rely upon the ‘public task’ and ‘vital interests’ lawful bases, under the UK General Data Protection Regulation in order to share this information and use it for these purposes.

Data retention

Your personal data will only be retained for as long as it is necessary by the University’s Retention and Disposal Schedule. Exchanged information will be retained by the CMHWS for a period of six years following the date of last contact.

Your rights with respect to the processing

The GDPR provides data subjects with the following data subject rights:

  • The right to be informed – this privacy notice assists with fulfilling these obligations.
  • The right of access.
  • The right to rectification.
  • The right to erasure.
  • The right to restrict processing.
  • The right to data portability.
  • The right to object.

Please note, that these rights apply in certain circumstances, for example, according to the lawful basis utilised by the University. The right of access to personal information held about you exists to be aware of, and verify, the lawfulness of the processing. To exercise these rights please email dataprotection@mmu.ac.uk.

How to contact us

For further information about this additional privacy notice information, please contact counselling@mmu.ac.uk in the first instance. For more information about your data subject rights and contact information for the University’s Data Protection Officer, please see Data Subject Rights.

Right to complain to the supervisory authority

You have the right to complain to the Information Commissioner’s Office (ICO) as the supervisory authority in respect of the processing of your personal data. We would encourage you to use our internal complaints procedure through our initial contact and the University Data Protection Officer, prior to contacting the ICO. If you wish to contact the ICO, the following contact information can be used: casework@ico.org.uk or telephone: 0303 123 1113. For any further contact information please see the ICO website.

Updates to this privacy notice

We may update this privacy notice from time to time in response to changing legal, technical or business developments. When we update our privacy notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material privacy notice changes if and where this is required by applicable data protection laws.

This privacy notice was last updated on 14 May 2024.