Data Protection & Your Privacy
Your privacy is important to us. We want to securely hold and process personal information and communicate with members and other related parties in a way which has their consent, and which is in line with UK law on data protection. As a result of the introduction of the General Data Protection Regulation (or GDPR for short) in 2018, we took the necessary steps to ensure we complied. This was communicated to all County Members as shown below:
We are notifying you of how we will be using your personal data going forward with the new data protection regulations (General Data Protection Regulation or GDPR). The way we communicate will not change with our members as we need to be able to inform you of changes, updates and opportunities to enable a balanced programme for our young people. We will legitimately use your data to ensure you have the information required to complete your role in scouting. We will contact you to inform you of updates to policy, events and programme that provide you with the resources to produce a balanced programme. It is recommended that you have your own Scouting email to receive this information. This will include:
- All County Training
- All County Appointments and Opportunities
- All County Events
- All County Awards
- All County Updates, including newsletters
- All County Policy information
- All County Scout Council information
- All County Campsite Information
- All County Programme Opportunities
- Any Safeguarding, Safety or Complaints
- Any other legitimate Scouting information relating to our Policy, Organisation and Rules.
We will take the data used to communicate with you from the Compass Membership database; so please ensure that your information is correct and kept up to date by logging into your Compass account. New members must be informed of how and why their personal data will be used. If you are reading this notice because you have a youth member involved in County run Scouting then their personal details will be retained on Online Scout Manager (OSM). You can access these details through your own OSM log in.
From time to time we receive new of events and training outside of the county and Scouting. If you would like us to forward this information to you please opt in by e-mailing Yes to email@example.com.
We will only take your medical and emergency contact details if you are attending an event or camp and will securely destroy the information after the event is completed. We will also take young person’s medical and emergency contact details if you are attending an event or camp and will again securely destroy the information after the event is completed. Please note if you are on a series of events where each event is frequent through the year your medical and emergency contact details will remain on file until the overall event is completed. We will also pass on this information, including notifying you of the process, to The Scout Association if attending National Events. We consider these to be events such as:
Any other youth event will mean your information will be exchanged on a case by case decision with your permission. You will be informed of this each time.
Information afterwards will be destroyed by the shredding of paper and digital records. The information described as data may be held digitally or/and on paper depending on the event and the organiser. When we hold data digitally in will usually be in a GDPR compliant cloud form; where our providers are audited yearly to ensure they remain GDPR compliant. Access to this information will be on a device which is password protected and then users will require two factor identifications to access to the data online. We will be using the following services when processing your personal data:
- Online Scout Manager (OSM) – details relevant to young peoples’ (under 18) membership of The Scout Association, including medical, emergency and personal details.
- Compass – details relevant to adult membership of the Scout Association.
- Eventbrite – personal details when booking on to events.
- Doodle – personal contact details when attempting to organise events.
- Office 365 – general office including permits, personal , medical and emergency details to provide information on the planning of scouting activities, safeguarding and security of members
- Dropbox and Onedrive – programme data with names
- Jotform- to collect event details
- Moo! – Online Membership Tool for events
- Stripe – process card payments
- Xero – financial records and billing
- Customer/Client Relationship Management (CRM) – contact details to deploy relevant communications to member
- Zoho and e-mail – contact Details to deploy relevant communications to member
- IONOS Hosted Servers WordPress Sites for Events and Virtual Events
- Hard copy / paper as appropriate
Records of members may be printed on to paper. This information will be securely stored, e.g. in a briefcase or sealed folder, if potentially required during the course of the day. When not in use or in transit they will be kept securely.
We have created a data protection policy and number of data protection procedures which can be found here as PDF files:
- Our Data Protection Policy (May 2018)
- Our Data Privacy Management Procedure (March 2018)
- Our Data Breach Reporting Procedure (March 2018)
- Our Data Subject Access Request Procedure (March 2018)
- Our Data Subject Correction Request Procedure (March 2018)
- Our Data Subject Deletion Request Procedure (March 2018)
If you have concerns or questions, please in the first instance contact your local Unit Leader. If they cannot provide an answer of if they have further queries, email your County contact.
Please take this opportunity to logon to your membership account in Compass (if an Adult Member) and OSM (if youth and adult member) and ensure your details are current.