The new General Data Protection Regulations (GDPR) came into force on the 25th May 2018. They cover the European Union but the UK will still adopt them after leaving. In accordance with these regulations we have to provide you with information about the data we collect, record and process about young members, parents, Leaders and Committee members.
What information do we collect?
When a young member joins the Group the responsible adult has to complete our Membership Form. This contains information about names, addresses, telephone numbers, email addresses, date of birth, ethnicity, nationality, religion and any disabilities or medical requirements.
Information is also collected for camping events when current contact details, health requirements and other necessary data is required. This data is destroyed once the event and its management requirements have ceased.
How is the information used?
The information is essential to manage young persons’ Scouting programme either at the Scout Centre or away from it. We need to ensure we can contact relevant persons in an emergency situation or deal with medical issues. We also need to communicate in order to inform you about events, meetings, camps etc. It will always be relevant to the normal operations regarding Scouting.
We do not give this information to anyone else outside of the Scouting fraternity. However, some aspects such as ethnicity, disabilities and medical conditions are supplied to the Scout Association in anonymised form so they can measure the effectiveness of their policies to provide access to Scouting for all.
How is it stored?
The main information about young persons is stored on a secure internet based programme used by the Group called Online Scout Manager (OSM). This enables us to manage basic information and record progress on badges and other milestones. It is also used to record attendance which is a legal requirement for all gatherings. The system provides us with the ability to run our Direct Debiting payments system by linking to the GoCardless system.
We also use Atlantic Data for the Disclosure and Barring Service. This is a legal requirement to vet persons having access to young persons.
How is it secured?
All of our third party providers have issued a statement to confirm that they comply with all the requirements of the general General Data Protection Regulations. This means they cannot share the data with anyone else and they use accepted secure storage methods. Any breach must be reported to us.
Who do we share the information with?
Other than anonymised data given to the Scout Association, we do not share the data with anyone else. We do not allow this information to be passed to anyone outside of the UK.
How long do we store the information?
Some information is stored longer than the membership of the individual due to requirements such as Gift Aid claim data which is 7 years. Information which may be included in reports of events may be retained indefinitely. This is how we build a historical trail for the Group’s progress over the years. However, most data is only in anonymised form in reports. For instance, if an individual is mentioned in Committee minutes regarding a sensitive issue then a Private version is created with a password controlled access only for Committee members to use.
Internet data
The Group does have a Website at www.17thReigate.org. Our policy is not to name individuals unless agreed with them. Only first names tend to be used. We also have a Facebook Page and the rules are the same. The use of photos is an option on the Membership Form.
Your rights
You have a right to object to any information we keep. If you have any concerns please discuss it with the Group Scout Leader or the Group Secretary. However, please remember that most of this data is required to enable us to comply with safeguarding children laws and to ensure that they can obtain the best outcome from being a member of the Scout Association.