Contacting Glasgow Life by Email
Contact by Email
Like most organisations we make regular use of email to contact our citizens and service users. We also provide Glasgow Life email addresses to allow them to contact us quickly and easily.
However, when using email as a means of communicating with us, you should be aware that it is not completely secure. It is possible for emails to be intercepted, copied or altered as they cross the internet from the sender to the receiver.
As an ALEO of the council we use Transport Layer Security (TLS) to encrypt and protect our email traffic in line with government security guidance. If your email service does not support TLS, you should be aware that any emails we send to you, or you receive from us, may not be protected in transit. You should check with your own email provider whether they support TLS.
When you want to send sensitive information to a web page (similar to a bank), you would typically look for a https connection, shown in your web browser by a green padlock, TLS is a similar concept for email.
We would also strongly recommend that you do not send or receive emails, particularly emails which are not protected in transit, when connected to public Wi-Fi hotspots.
It is very easy for email to be intercepted, without your knowledge, in such an environment. The risk of email interception is much lower if you use a fixed connection or 4G/5G.
If you are using Wi-Fi at home you should make sure that you have set up your Wi-Fi with a modern encryption setting such as WPA2 or WPA and avoid older settings such as WEP.
You must also make sure that your home Wi-Fi is not set to 'open' as this will offer no security protection at all and you are at risk. Similarly, connected devices e.g. smartphones, speakers, and other home appliances such as robotic hoovers and smart lightbulbs not having a strong password or not changing the default password can allow an attacker easy access to your home network.
We will respond to email enquiries by a return email on the basis that you have chosen to use this means of communication with us - given the associated risks. We will also initiate contact by email if you have supplied us with your email address in, for example, a paper form you have sent us or when speaking to a member of our team.
If you do not want us to email you, or do not wish us to send you emails with any sensitive content, please make this clear when you contact us. Otherwise if we have your email address then this will generally be our primary means of contacting you.
However, if the reply we would be sending contains particularly sensitive information, which you may not have been expecting to receive back in response to your email, then we will contact you (normally by email) to advise that we have sensitive material to send to you and to check whether you are happy with us emailing this to you or whether you would rather we communicated by a different method.
Alternative methods of communicating with us are:
- by telephone - but sometimes we will need to send a lot of information which you will need to be able to refer to later, so telephone may not always be appropriate;
- by secure email - we intend to move to a policy where emails with any sensitive content will only be sent encrypted using TLS or sent using our secure email platform. By using our secure email platform, this requires the person receiving the email to additionally verify their email address to read the message sent by us; or
- by post.
Please note that we monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to make sure that any email you send is within the bounds of the law. Emails containing malicious software or viruses will be intercepted by our filters and will not reach the intended recipient.
Our policies on use of email means that members of our team, other than the individual you send the email to, may be able to access the email (for example, if the named recipient is not at work). We make sure this is handled in line with our general data protection obligations.