Our Privacy and Fair Processing Notice describes the categories of personal data we process and for what purposes. We are committed to collecting and using such data fairly and in accordance with the requirements of the General Data Protection Regulation (GDPR). This Notice should be read in conjunction with the Scout Association’s Data Protection Policy.
Who are we?
We, Water Orton Scouts, are a youth charity. Our mission is to actively engage and support young people in their personal development, empowering them to make a positive contribution to society. We are incorporated by royal charter and are regulated as a member of The Scout Association (see www.scouts.org.uk for more information.) As part of The Scout Association, we are not required to be individually registered with the UK Charity Commission, but we have chosen to register, and our registration number is 507441.
Every year we hold an annual general meeting where members of the charity executive committee (our trustees) are nominated, elected or co-opted in accordance with Scout Association rules. Every parent of a youth member and every adult member of the Scout Association has the right to attend the Annual General Meeting.
Our Executive Committee is the data controller for the information we collect from you for the purposes of GScout Group-level events, activities and appointments. Any personal data that we collect will only be in relation to the work we do with our members and through our relationship with supporters, donors and funders.
Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s, possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://waterortonscouts.org.uk/privacy-policy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
The majority of the personal information we hold, is provided to us directly by yourself or by parents / legal guardian in either paper form or via our online membership systems, in the case of an adult member, data may also be provided by third party reference agencies, such as the Disclosure and Barring Service (DBS).
Where a member is under the age of 18, this information will only be obtained from a parent/guardian. However, we are able to obtain data and consent from young people from the age of 13 for online services (This is particularly applicable to the Explorer or Young Leader section where we encourage young people to start to make decisions for themselves). LINK
Photography – When an event takes place it is very likely that photographs and videos will be taken. We will make every effort to inform you beforehand of the photographer’s presence so if there is an issue it can be resolved beforehand. If we do not inform you before an event of the photographers, we will seek permission before using photographs and videos on its websites and social media accounts, or in any printed or promotional material”.
Why do we collect data?
The data we collect in support of our activities and operation will include data that is Personal Data and Sensitive Personal Data. The GDPR requires that there is a lawful basis to process personal data. We collect under the following bases:
Consent
Where we maintain mailing lists for sending information out about events and activities run by Scout Group through the use of OnlineScoutManager
Legitimate Interest
We have a legitimate interest to process personal data and sensitive personal data in order to provide membership services and activities.
Activities
Where we provide an activity, there is a requirement to ensure that we know who is on an activity and some details about them. This will enable us to ensure that the correct amount of money is collected for an activity, to process any awards that may result from an activity, to be able to contact participants before, during and after an activity, and to be able to provide information to any third-parties as required in support of the activity or to respond to an emergency. Additionally, there may be a need to store sensitive personal data about an individual’s health in order to ensure that suitable support can be given to them on an event.
We comply with our obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
How we store personal data
We are committed to the protection of your personal information.
We generally store personal information in one of two secure digital online database systems, where access to that data is restricted and controlled.
Compass: – is the online membership system of The Scout Association; this system is used to collect and store adult personal data.
Online Scout Manager is an online membership system run by Online Youth Manager Ltd; this is a secure membership database where we store Adults and Youth members’ personal information for the day-to-day running of Scout Group.
Where data is required to be held in an off-line system (e.g. a paper system on an event) we will ensure that there is suitable protection for the paper records (e.g. locked filing cabinet) and that paper records will be securely destroyed after an event (unless there is a requirement to maintain a paper record for a legal reason such as an injury on the event, in which case the paper record will be stored securely).
Third-Party Data Processors
Water Orton Scout Group, employs the services of the following third-party data processors:
- The Scout Association via its adult membership system “Compass” is used to record the personal information of leaders, adults and parents who have undergone a Disclosure and Barring Service (DBS) check.
- Online Youth Manager Ltd (Online Scout Manager) which is used to record the personal information, badge records, event and attendance records etc, we have a data processing agreement in place with online youth manager, more information is available at https://www.onlinescoutmanager.co.uk/security.php/
Automated decision making
Water Orton Scout Group does not have any automated decision-making systems.
How long do we keep your personal data?
We will retain your personal information, throughout the time you/your child(ren) are a member of Water Orton Scout Group.
We will retain your full personal information for a period of one year after you have left Water Orton Scout Group and in a much more limited form (just name, badge and attendance records) for a period of up to 15 years (or until the age 21) to fulfil our legal obligations for insurance and legal claims. Where awards have been gained we will keep a record of the name and the award in perpetuity unless requested to delete this data.
We will also keep any Gift Aid Claim information for the statutory 7 years as required by HMRC (which may be beyond age 21)
Your rights and your personal data
You have the right to object to how we process your personal information. You also have the right to access, correct, sometimes delete and restrict the personal information we use. In addition, you have a right to complain to us and to the data protection regulator.
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to be informed – you have a right to know how your data will be used by our Scout Group
- The right to access your personal data – you can ask us to share with you the data we have about you
- The right to rectification – this just means you can update your data if it is inaccurate or if something is missing. Adult members can view and edit their own personal information directly on our online membership system Compass
- The right to erasure – this means that you have the right to request that we delete any personal data they have about you. There are some exceptions, for example, some information can be held for legal reasons
- The right to restrict processing – if you think there is something wrong with the data being held about you, or you are not sure if we are complying to rules, you can restrict any further use of your data until the problem is resolved
- The right to data portability – this means that if you ask us we will have to share your data with you in a way that can be read digitally – such as a pdf. This makes it easier to share information with others
- The right to object – you can object to the ways your data is being used. This should make it easier to avoid unwanted marketing communications and spam from third parties
- Rights in relation to automated decision making and profiling – this protects you in cases where decision are being made about you based entirely on automated processes rather than a human input.
Whether or not you exercise your new rights is up to you – the main thing to remember is that they’re there if you need them.
Further Processing
If we wish to use your personal data for a new purpose, not covered by this Data Privacy and Fair Processing Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
Contact Details
To exercise all relevant rights, queries of complaints please in the first instance contact our Data Protection Lead.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
