General Data Protection Regulations (GDPR) Policy
The UK data protection regime is set out in the Data Protection Act (DPA) 2018, along with the General Data Protection Regulations (GDPR), which also forms part of UK law. It takes a flexible, risk-based approach which puts the onus on organisations to think about and justify how and why they use data.
We, 1st North Leigh Scout Group, store the data you give us for the purpose of your and your child’s safety, membership, or intended membership, of the 1st North Leigh Scout Group and our safeguarding processes. We do not collect data from sources other than yourself and we only provide your data to the Scout Association, and the Disclosure and Barring Service, again for the purposes of your membership and safeguarding processes. We will also provide relevant information about you to other organisations if we are required to do so by law.
When your child, or a leader, moves between sections (Beavers, Cubs, Scouts) the information we hold on your child or the leader does not change; however, the data fields that record which section your or your child is associated with will change. Who has access to your data will also change depending on who in the new section needs access to it and who in the previous section no longer needs access.
We store your information on an IT system called Online Scout Manager (OSM) in common with most scout groups in England. We also store some of this information on the Scout Association’s Compass membership system and a system that manages our disclosure requests to the Disclosure and Barring Service. These systems comply with GDPR and the Data Protection Act. In technical terms OSM and Compass are the Data Processor and we are the Data Controller.
For events, such as camps, we may print your data from OSM and/or Compass or may ask you to complete a paper form. This is because in an emergency we may not have access to OSM from a campsite. These paper copies of your data are destroyed at the end of the event unless they are required for investigating an incident that occurs on the event when the data will only be kept for as long as required by any investigation.
For applications for membership or a DBS check we may initially collect data using a temporary paper form or electronic copies of identity documents such as passports. Once the information has been transferred to our or the Scout Association’s IT systems these temporary copies are destroyed.
We do not keep your data on personal computers unless authorised by the Group Scout Leader for specific temporary purposes, for instance creating an email list for a specific purpose.
Your data we store is necessary for you and your child to be members of 1st North Leigh Scout Group and the Scout Association. We use it to contact you about scouting matters and incidents involving your child, for safeguarding children and vulnerable adults, for the payment of membership fees (subscriptions) and in aggregated form for the planning and management of 1st North Leigh Scouts and the Scout Association.
In particular it is necessary that our leaders know about any medical conditions that your child has and medicines your child may need that are relevant for Scouting purposes. Sometimes, for instance if they are assisting at camp, we may also ask adults if they have any relevant medical conditions. This data is held on OSM or temporarily on paper for the duration of the event.
Because it is necessary that we store your and your child’s data for safety and membership purposes you and your child would not be able to continue with your membership should you decide to request us to delete your data. You may request to end your membership and have your data deleted at any time by emailing Mr. Jeremy Taylor, the Group Chair, at firstname.lastname@example.org.
Your data will in any case be deleted when no longer required for membership of 1st North Leigh Scout Group.
Some parents of past child members and other interested adults such as past leaders like to keep in touch and we keep their details on OSM. We will periodically ask these adults if they wish opt in to us retaining their data.
Intending members, that is parents with children on the Waiting List, will periodically be asked if they wish to opt in to us keeping their data for the purpose of being on the waiting list.
You can find out more about your rights under GDPR at the Information Commissioner’s website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
Should you wish to exercise any of these rights in respect to your data held by us then please email Mr. Jeremy Taylor, the Group Chair, at email@example.com.