General Data Protection Regulation

What is GDPR and why do we need it?

As technology develops and our private data is being used and shared in countless new ways, people are understandably becoming increasingly worried about security.

There are two key reasons why GDPR is being introduced – to bring all EU member states under one common regulation and to update regulations to reflect our new digital age.

In the UK charities like Great Wakering Sea are still following scout policy and organisation rules ensure the safety of people’s data. But technology and data sharing have developed a lot since 1998. This means that the current rules may not be entirely suitable for the needs of scouting and the types of technology we’re seeing today. GDPR will replace the Data Protection Act to better protect our data from breaches and hacks.

However, GDPR also gives you a number of ‘rights’ when it comes to your data, including:

  • The right to be informed– you have a right to know how your data will be used by our group.
  • The right to access your personal data– you can ask any scout group to share with you the data they have about you and your young person/s!
  • The right to rectification– this just means you can update your data if it’s inaccurate or if something is missing.
  • The right to erasure– this means that you have the right to request that a scout group deletes any personal data they have about you or your young person. There are some exceptions, for example, some information can be held by a group from first aid instance.
  • The right to restrict processing– if you think there’s something wrong with the data being held or you aren’t sure we are complying to rules, you can restrict any further use of data until the problem is resolved.

How we gather personal information

The majority of the personal information we hold on our members, is provided to us directly by yourself as parents / legal guardian in either paper form or via our online membership systems, in the case of an adult member or helper, data may also be provided by third party reference agencies, such as the disclosure and barring service (DBS).

Where a member is under the age of 13, this information will only be obtained from a parent / guardian and cannot be provided by the young person, however we will accept and potentially record any personal information, such as about any ongoing medical treatment from any member no matter their age.

How we use your personal information

We collect your personal and medical information for the protection and identification of that person whilst in the care of the Scout Group.

The collection of a person’s religion data is necessary to respect their beliefs with regards to activities, food and holidays.

We process the data to have the ability to contact the member, parents and guardians, to inform them of meetings and events that the group itself may be running or attending.

Our legal basis for using your personal information

  1. We only use your personal information where that is permitted by the laws that protect your privacy rights. We only use personal information where: We need to use the information to comply with our legal obligations.
  2. We need to use the information legitimately to contact you, regarding meetings, badge records, events, the collection of membership fee’s etc, i.e. for the day to day running of the group.
  3. it is fair to use the personal information in your interests, where there is no disadvantage to you – this can include where it is in our interests to contact you about products or services within scouting.

Sharing and transferring personal Information

We will only normally share personal information with our scout group leaders and limited information executive members.

We will, however, share your personal information with others outside Great Wakering Sea Scout Group where we need to meet or enforce a legal obligation, this may include organisers of events and camps the member is attending, such as Southend Estuary District Scouts, Essex County Scouts, PGL etc so they may fulfil any legal obligations although generally, such an event will have its own data collection form which will be securely held and disposed of after the event.

We may also share a member’s personal detail with The Scout Association and its insurance subsidiary “Unity”, local authority services and law enforcement, we will only share your personal information to the extent needed for those purposes.

If you move from Great Wakering Sea Scout Group, to another scout group or explorer group we will transfer your personal information to them.

We will never sell your personal information to any third party for the purposes of marketing.

Sometimes we may nominate a member for a county/national award, (such as a Scouting or Duke of Edinburgh award) such nominations would require we provide contact details to that organisation

Third Party Data Processors

Great Wakering Sea Scout Group employs the services of the following third-party data processors: –

The Scout Association via its membership system “Compass” which is used to record the personal information of leaders, adults and parents who have undergone a Disclosure and Barring Service ( DBS) check.

Unity Insurance (The Scout Association Insurance company)

Online Youth Manager Ltd (Online Scout Manager) which is used to record the personal information, badge records, event and attendance records etc, we have a data processing agreement in place with online youth manager, more information is available at https://www.onlinescoutmanager.co.uk/security.php

Dropbox inc occasionally used for secure transfer of limited personal information for events.

Google occasionally used for secure transfer of limited personal information for events.

How long we keep your personal information for

We will retain your personal information, throughout the time you are a member of Great Wakering Sea  Scout Group.

We will retain your full personal information for a period of six months after you have left Great Wakering Sea Scout Group, and in a much more limited form (just name, badge and attendance records, and first aid) for a period of up to 15 years (until age 21) to fulfil our legal obligations for insurance and legal claims.

We will also keep any Gift Aid Claim information for the statutory 7 years as required by HMRC (which may be beyond age 21)

Automated decision making

Great Wakering Sea Scout group does not have any automated decision-making systems.

Transfers outside the UK

Great Wakering Sea Scout Group will not transfer your personal information outside of the UK, with the exception where an Event is taking place outside of the UK and it is necessary to provide personal information to comply with our legal obligations, although generally, such an event will have its own data collection form which will be securely held and disposed as appropriate, for example, world jamboree.

Data Storage

Great Wakering Sea Scout Group is committed to the protection of your personal information.

We generally store personal information in one of two secure digital online database systems, where access to that data is restricted and controlled.

Compass: – is the online membership system of The Scout Association, this system is used for the collection and storage of Adult personal data.

Online Scout Manager is an online membership system run by Online Youth Manager Ltd, this is a secure membership database where we store the personal information of Adults and Youth members for the day to day running of the group.

Printed records and Event data

Paper is still used within Great Wakering Sea Scout Group to capture and retain some data, for example, the following: –

  • New joiners form.
  • New joiners waiting lists.
  • Health and contact records update forms.
  • Gift Aid Collection forms.
  • Events/Camps consent from parents.
  • Events coordination with event organisers.
  • Award notifications/nominations

In the case of Joining forms, health and contact update forms, this information is securely held by the leader or waiting list manager and transferred to our secure digital systems as soon as possible before the paper form is destroyed.

Gift Aid collection forms will be securely held by the Groups Treasurer to aid in the collection of Gift Aid for monthly membership fee’s, we have a legal obligation to retain this information for 7 years after our last claim.

Events

As a member of Great Wakering Sea Scout Group it is hoped you will take up the opportunity to attend events and camps, where is necessary to fulfil our legal obligations we will be required to potentially have a less secure means to access personal information, such as printouts of personal contacts and medical information, (including specific event contact forms), rather than relying on secure digital systems, as often the events are held where internet and digital access will not be available. We will minimise the use of paper to only what is required for the event/camp.

We will ensure

  1. Transfer of paper is secure, such as physical hand to hand transfer or registered post.
  2. Paper forms are securely destroyed after use.
  3. Secure destruction will be through a shredding machine or securely burned.
  4. Always keeping the paper records secure, especially when in transit, by using.
  5. A lockable briefcase.
  6. A lockable filing cabinet if long-term stored.
  7. If transferred to somebody, we will audit that they return them when the event is complete.
  8. Allegedly information and medication will not be locked away as a leader may need fast access but will not be generally on show during an event.
  9. AwardsSometimes we may nominate a member for the national award, (such as Queens Scout or Duke of Edinburgh award) such nominations would require we provide contact details to the awarding organisation, this is most often done on paper via registered post.

Photography

The law on image use and GDPR needs further clarification, the position Great Wakering Sea Scout group is as follows: –

Photographs/images (which can be classed as personal information) of yourself or your son/daughter may be taken during activities and be used within a Scouting context and in particular publicity material, for example, Scouting publications and the media. Images may be published to official Scout websites and scouting affiliated social media and our public display boards in the parish centre (but will never identify individuals in line with Scout Association guidelines).

We do ask for explicit consent “Yes/No”, as consent and this presumes that it can be revoked.

If we publish a photograph or image in any public forum such as in a newspaper, we no longer have control over that photograph, as it can be downloaded, screenshotted, re-photographed and shared by others, stored in systems not related or controlled by Great Wakering Sea Scout Group.

Under GDPR consent is invalid if people cannot easily withdraw consent, which would be the case with publishing to any publically accessible system, therefore if you do not wish your son/daughter to appear in these then please confirm, in writing, to the Group Scout Leader, and we will not publish any photograph. your child on a public forum such as social media from that point forward, we will be unable to confirm full removal of images and photographs from the historical record online or otherwise stored.

Please note that the group cannot control or stop images being taken by other individuals, parents or organisations not connected with the Great Wakering Sea Scout Group leadership team.

Great Wakering Sea Scout group will store an image of you or your child on the Online Scout Manager ( OSM) membership database for the purposes of identification, alongside and linked to the personal information, access to this image is limited to the leaders and authorised users of OSM as is the rest of the personal information.